What to Know About the CLOUD Act
Lawmakers also weigh in on bug bounties and advance customer experience and open data bills.
Industry groups and privacy and civil liberties groups split this week over a proposed fix from Sen. Orrin Hatch, R-Utah, to Justice Department demands for emails and other data stored in overseas servers.
The issue has been highly contentious since 2014 when Microsoft refused to comply with a Justice Department warrant for customer emails stored in a data center in Ireland, arguing only Irish law enforcement could request those emails. Google later refused a similar order. The Microsoft case will reach the Supreme Court later this month.
Hatch’s plan, dubbed the CLOUD Act, essentially gives the go ahead for warrants aimed at overseas data but gives data storage companies and the countries where they store that data an opportunity to object in a U.S. court. A judge would then decide “whether, in the interests of international comity, the warrant should be modified or quashed.”
The bill is a course reversal for Hatch who, in the last congress, sponsored a bill that would bar U.S. law enforcement from demanding overseas data unless it was about a U.S. person or the host country agreed to obtain and hand over the data using its own legal processes.
Microsoft President Brad Smith tweeted support for the bill. Also supporting the bill are industry groups BSA | The Software Alliance, SIIA, the Software & Information Industry Association, and ITI, the Information Technology Industry Council.
Opposing the bill were tech freedom and civil liberties groups the Electronic Frontier Foundation, which called it a “dangerous expansion of police snooping,” and the Center for Democracy and Technology, which said the CLOUD Act “would erode trust in [the] privacy of cloud storage.”
Batting Clean Up
In addition to the continuing resolution, President Donald Trump Friday signed the Continuing Appropriations Amendments Act, approving retroactive pay for federal employees for the last, albeit short, shutdown.
Senate Commerce: Don’t Let Uber Ruin Bug Bounties for the Rest of Us
Lawmakers on the Senate Commerce Committee managed to praised bug bounties during a Wednesday hearing, even as they chastised Uber for using a bug bounty program to pay off a hacker extortionist who’d stolen personal information from the company and then hiding that breach from authorities.
Bug bounties are programs in which organizations make cash payments to volunteer digital security researchers who discover hackable vulnerabilities in their systems.
“These substantive concerns, [meaning Uber’s illegal payoffs] should not completely outweigh the overall utility of this innovative, crowd-sourced approach [bug bounties] that many industry actors have taken to proactively identify ‘chinks in their technological armor,’” Sen. Jerry Moran, R-Kan., said in his opening statement, setting a tone for the hearing.
Moran chairs the committee’s data security panel.
Helping Out Ukraine
The House overwhelmingly passed legislation Wednesday endorsing U.S. cyber cooperation with Ukraine, which has been pummeled by alleged Russian cyber meddling and is highly reliant on Russian information and communications technology.
The bill offers a “sense of Congress” but doesn’t direct any specific activity beyond a State Department report on U.S. efforts to help harden Ukrainian cyber infrastructure. The bill passed 404-3.
About those Smartphones, Sec. Mattis
As long as the Pentagon is reviewing security concerns posed by smartphones and location tracking, it should investigate GPS tracking features on Google’s Android phones, according to a letter Sens. Tom Cotton, R-Ark., and Richard Blumenthal, D-Conn., sent to Defense Secretary James Mattis Wednesday.
The letter outlines concerns about the tracking features and asks whether the Pentagon has been in contact with Google about ensuring they are disabled on military bases. The Pentagon review followed news that a fitness tracking app had unknowingly revealed the location of secret military bases.
House Oversight Advances CX, Open Data Bills
The Creating Advanced Streamlined Electronic Services, or CASES, for Constituents Act passed the House Committee on Oversight and Government Reform on a voice vote Tuesday. The bill would allow citizens to electronically submit a form giving their representative authority to lobby a federal agency on their behalf. Currently, those forms have to be submitted on paper and in person.
“In my particular office, this is an issue that constantly slows up the process,” said Rep. Mark Meadows, R-N.C., during the Feb. 6 markup. “This particular act would allow those to be done electronically.”
The legislation passed as a substitute amendment, with some additional privacy protections built into the final language.
The committee also passed the Grant Reporting Efficiency and Agreements Transparency Act, or GREAT Act, which would create a standard taxonomy for data reported by grant recipients to federal agencies.
Senate Intelligence examines worldwide threats Tuesday with Director of National Intelligence Dan Coats, CIA Director Mike Pompeo, National Security Agency Director Michael Rogers, FBI Director Christopher Wray, Defense Intelligence Agency Director Robert Ashley and National Geospatial-Intelligence Agency Director Robert Cardillo. Hearing starts open but will shift into a closed session.
Tuesday afternoon Senate Armed Services Committee hears from cybersecurity experts on the Defense Department’s role in protecting elections.
Federal Trade Commission nominees Joseph Simmons, Noah Joshua Phillips, Christine Wilson, and Rohit Chopra testify before the Senate Commerce, Science and Transportation Committee Wednesday morning.
Also Wednesday morning, House Science, Space and Technology looks at emerging uses for blockchain with experts from Congressional Research Service, National Institute for Standards and Technology, IBM, Walmart and Benjamin N. Cardozo School of Law.
Wednesday afternoon House Oversight’s IT subcommittee kicks off a trio of hearings on artificial intelligence with experts from the Georgia Institute of Technology, the Allen Institute for Artificial Intelligence, NVIDIA and Intel.
Thursday House Oversight checks in with the General Services Administration’s acquisition and property manager and House Veterans’ Affairs goes over the Veterans Affairs Department budget request with Secretary David Shulkin.
Aaron Boyd contributed to this article.