Welcome to Hillicon Valley, The Hill’s newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley. If you don’t already, be sure to sign up for our newsletter with this LINK.
Welcome! Follow our cyber reporter, Maggie Miller (@magmill95), and tech team, Chris Mills Rodrigo (@chrisismills) and Rebecca Klar (@rebeccaklar_), for more coverage.
YEAR AHEAD IN TECH: Lawmakers are expected to tackle key tech policy issues in 2021 following a tumultuous year that strained the Washington-Silicon Valley relationship.
ADVERTISEMENT
Congress will likely introduce or move forward on legislation addressing antitrust concerns in the tech industry, while continuing its split crusade on content moderation.
Here’s a look at how those two issues could play out in the coming year.
Digital monopolies
The coronavirus pandemic has underscored and amplified the power held by the country’s biggest tech companies, all of which have seen their positions in the marketplace strengthen as millions of Americans work, shop and socialize online from home.
The industry’s strength has also increased as other sectors contract.
Congress has been laying the groundwork to start addressing that growing concentration of power. Democrats on the House Judiciary Committee’s panel dealing with antitrust released a scathing report this fall, compiled over the course of a year, detailing how Amazon, Apple, Facebook and Google have stifled competition in the digital marketplace.
Content moderation
ADVERTISEMENT
The 2020 election perfectly encapsulated the deep partisan divisions over how social media firms should moderate content on their platforms.
The first Senate hearing on tech after Election Day featured Democrats criticizing Facebook’s Mark ZuckerbergMark Elliot ZuckerbergHillicon Valley: Antitrust, content moderation to dominate tech policy in 2021 | Ransomware attacks pose 2021 challenges for Congress | Hackers threaten to disrupt COVID-19 vaccine supply chain Antitrust, content moderation to dominate tech policy in 2021 Attorneys general plan to sue Facebook over antitrust violations next week: report MORE and Twitter’s Jack Dorsey for alleged failures to handle political misinformation.
Republicans, on the other hand, raised concerns about anti-conservative bias by tech platforms, an oft-repeated allegation that has not been substantiated.
The anger around perceived targeting of conservative voices has coalesced around the GOP push to revise or even scrap Section 230 of the Communications Decency Act, the landmark 1996 law which gives internet companies immunity from lawsuits for content posted on their sites by third parties and allows them to make good faith efforts to moderate content.
Read more here.
YEAR AHEAD IN CYBER: Ransomware cyberattacks are expected to pose a growing threat to hospitals and schools next year, putting pressure on Congress to draft a legislative response.
At the other end of Pennsylvania Avenue, the Biden administration will have its own set of challenges, mainly building a new cybersecurity leadership team at the federal level and taking stock of what aspects of election security from 2020 should be replicated in the future.
Here’s what to watch for in 2021.
Ransomware attacks
Cyber criminals have steadily stepped up attacks on critical institutions over the past two years, increasingly turning to ransomware to extort vulnerable groups for funds.
The issue has been magnified by the COVID-19 pandemic, with hackers targeting stressed hospital networks and school districts that have moved online, along with local governments that are more likely to pay a ransom to ensure networks are running again as quickly as possible.
Targets in recent months have included hospital systems in Vermont and New York, and school districts in Miami Dade County, Fla., and Baltimore County, Md. In all cases, operations were significantly affected, slowing critical services.
Key leaders on Capitol Hill say they are aiming to take action to address these concerns next year.
“Getting federal resources to state and local governments for their cybersecurity efforts will be one of our top priorities next year,” House Homeland Security Committee Chairman Bennie ThompsonBennie Gordon ThompsonJohn Katko tapped to be next ranking member of House Committee on Homeland Security Hillicon Valley: Antitrust, content moderation to dominate tech policy in 2021 | Ransomware attacks pose 2021 challenges for Congress | Hackers threaten to disrupt COVID-19 vaccine supply chain Ransomware attacks pose 2021 challenges for Congress MORE (D-Miss.) told The Hill.
ADVERTISEMENT
Election security lessons
Securing U.S. election systems has been a major topic in the spotlight over the past four years after Russian agents interfered in the 2016 presidential election through hacking and disinformation efforts.
The 2020 election proved mostly uneventful and quiet on the cybersecurity front, with top officials declaring victory after four years of coordination at the federal, state and local levels to ramp up security.
Despite the relative calm, some officials are calling for more action to be taken next year to ensure the lessons learned since 2016 continue to be applied to future elections.
“You can’t take your eyes off the ball, you have to continue your diligence. The attack profile is still there,” said Christopher Painter, who was State Department cybersecurity coordinator under both the Obama and Trump administrations.
Read more here.
ADVERTISEMENT
VACCINE SUPPLY CHAIN UNDER THREAT: Government officials and health-care groups are growing increasingly concerned about nation states and criminal hackers targeting the supply chain for COVID-19 vaccines.
Concerns have been amplified as the U.S. prepares to roll out the first vaccines later this month, with groups involved in creating and shipping the vaccines a prime target for potential cyberattacks.
“We have noticed an uptick in attacks against all aspects of the vaccine supply-chain from research through to manufacturing and distribution,” Marc Rogers, the executive director of cybersecurity at software group Okta, told The Hill on Friday.
Rogers, who helps lead the COVID-19 CTI League that tracks and helps defend against cyberattacks aimed at health groups, noted that the League has seen “ramped up” cyberattacks aimed at medical institutions corresponding to increasingly positive news around vaccine development.
“My suspicion is that all parties in the cybercriminal underground from ordinary criminals to nation states recognize that the vaccines represent a golden opportunity and are responding as such,” Rogers said.
North Korea has been among such nations, with The Wall Street Journal reporting recently that North Korean hackers targeted at least six pharmaceutical groups in the U.S., the United Kingdom and South Korea involved in developing a vaccine, including Johnson & Johnson and Novavax.
“All CISOs [chief information security officers] in health care are seeing attempted penetrations by nation state actors, not just North Korea, every single minute of every single day,” Johnson & Johnson CISO Marene Allison said at the Aspen Institute’s virtual Cyber Summit earlier this week.
ADVERTISEMENT
Read more here.
ALL QUIET ON THE TIKTOK FRONT: The latest deadline for ByteDance to sell the widely popular video-sharing app TikTok passed on Friday without a final deal being reached or the Trump administration again extending the deadline.
The deadline had already been delayed twice last month, and uneventfully passed again last week without a clear path forward for President TrumpDonald TrumpTrump taps Conway, Chao to government posts in waning days of administration Pelosi, Schumer hit Trump but cite ‘progress’ in COVID relief talks House GOP leader trolls Democrats over reduced majority MORE’s executive order from August calling for the Beijing-owned ByteDance to sell the app or have it banned in the U.S.
A Treasury Department spokesperson said in a statement late Friday that the Committee on Foreign Investment in the United States (CFIUS) “is engaging with ByteDance to complete the divestment and other steps necessary to resolve the national security risks arising from the transaction, consistent with the President’s August 14 Order.”
A person familiar with the matter told CNN the government will not enforce the order requiring the sale but will not further extend the deadline.
Trump tentatively approved a deal in September that would establish a U.S.-headquartered TikTok Global with partial U.S.-based owners, Oracle and Walmart.
Read more here.
PORNHUB IN THE HOT SEAT: Credit card companies Mastercard and Visa announced Sunday that they are reviewing their business relationships with Pornhub after a New York Times column reported the website showed explicit videos filmed without the consent of the participants.
The probe comes after Nicholas Kristof wrote in a Friday column that Pornhub contains videos of rape scenes, revenge pornography and underage sex, allegations that Pornhub called “irresponsible and flagrantly untrue.”
Both Mastercard and Visa launched investigations into Pornhub and its parent company MindGeek in response to the column.
Mastercard said in a statement obtained by The Hill that it has “zero tolerance for illegal activity on our network.”
“We are investigating the allegations raised in the New York Times and are working with MindGeek’s bank to understand this situation, in addition to the other steps they have already taken,” the company said.
Read more here.
DEMOCRATS URGE ACTION ON GOOGLE AD POLICY: Senate Democrats on Monday urged Google to improve its ad policies regarding election disinformation and voter suppression, accusing the company of failing even to enforce its own “inadequate” policy.
Sens. Amy KlobucharAmy KlobucharSenate Democrats to vote on leadership rules amid power struggle Inauguration committee Republicans sink Democrats’ resolution acknowledging Biden victory Hillicon Valley: Antitrust, content moderation to dominate tech policy in 2021 | Ransomware attacks pose 2021 challenges for Congress | Hackers threaten to disrupt COVID-19 vaccine supply chain MORE (D-Minn.) and Mark WarnerMark Robert WarnerMajor cybersecurity firm says it was hacked in sophisticated nation-state attack Democratic senators push for ,200 direct payments in new coronavirus relief package The COVID-19 relief bill: Why compromise is back in Washington MORE (D-Va.) led the group of eight senators in a letter that called on the tech giant to strengthen the enforcement of its policies regarding election-related disinformation, including rejecting all ads spreading election disinformation and stopping ad services on websites that spread false information.
“Google continues to operate with a narrow and incomprehensive political ads policy that has major loopholes. It is also failing to enforce even this inadequate policy,” the senators wrote. “As a result, the company is profiting from ads that spread voting and election disinformation and helping disinformation sites profit from their lies. Our democracy deserves better.”
Google’s ad policy prohibits “making demonstrably false claims that could significantly undermine participation or trust in an electoral or democratic process,” according to a company update from last year. The update states that it is against the company’s policies for “any advertiser to make a false claim — whether it’s a claim about the price of a chair or a claim that you can vote by text message.”
Despite Google’s policy, the senators cited a study published by The Global Disinformation Index (GDI) in October that found Google services ads on 145 out of 200 websites GDI examines that publish disinformation.
Read more here.
Lighter click: How’d you get there?
An op-ed to chew on: The most important internet issue you’ve never heard of
NOTABLE LINKS FROM AROUND THE WEB:
Uber, after years of trying, is handing off its self-driving car project (The New York Times / Cade Metz and Kate Conger)
The EU is making overtures about cybersecurity collaboration under Biden (CyberScoop / Shannon Vavra)
Lots of people are gunning for Google. Meet the man who might have the best shot (Protocol / Emily Birnbaum)
New smartphone tool to track side effects of the coronavirus vaccine may be vulnerable to manipulation (The Washington Post / Lena Sun and Isaac Stanley-Becker)