Smaller Build Back Better Act Released
Biden nominates Rosenworcel to chair FCC and Sohn to fill empty seat; UK's ICO wants views on updated draft guidance on anonymisation, pseudonymisation and privacy enhancing technologies;
Democrats may have finally agreed upon a package of infrastructure and social safety net provisions. Originally, Democrats had settled on a $3.5 trillion package of spending over ten years, or an average of $350 million over ten years, on long wished for priorities, including climate change measures, childcare, free college, expanded Medicaid, Medicare, and Affordable Care Act funding. However, the White House and Democratic leadership has had extreme difficulty in trying to please the left wing of the party and the handful of moderate to conservative Democrats in each chamber.
It appeared as if Democrats threaded these needles through a reduction in bill size and scope ($1.75 trillion) until Senator Joe Manchin (D-WV) made remarks today about his misgivings about moving ahead with the package. Consequently, House Democratic Leadership’s hopes to vote this week on the “Build Back Better Act” and the $1 trillion “Infrastructure Investment and Jobs Act” (H.R.3684) may have been dashed. From the other side of the political spectrum, House Progressive Caucus Chair Pramila Jayapal has held steadfast, as have the House liberals she leads, in refusing to vote for the bipartisan infrastructure package (i.e., H.R.3684) until the Congress passes the larger package.
However, it bears some emphasis that this does not mean the Democrats are dead in the water. Rather, at present, it appears that more talks are necessary and likely more negotiation on some of the funding and provisions.
In any event, turning from the politics to the legislation, last week, after seeming announcement, the White House issued the Build Back Better Framework it developed through extensive negotiations with Senate and House Democrats that provides a succinct overview of the $1.75 trillion plan that was advertised as the fruit of these talks. On 28 October, the House Rules Committee met regarding a rule for floor consideration for the “Build Back Better Act” (H.R.5376) and ultimately punted on a issuing a final rule until this week. However, the committee made available a number of materials on the new bill. The committee released the text of the old bill, the new “Build Back Better Act” (H.R.5376), and a section-by-section summary. The committee also issued a comparison of the first bill with the second split into ten parts given the size of the document:
§ Part 1 PDF
§ Part 2 PDF
§ Part 3 PDF
§ Part 4 PDF
§ Part 5 PDF
§ Part 6 PDF
§ Part 7 PDF
§ Part 8 PDF
§ Part 9 PDF
§ Part 10 PDF
Regarding technology provisions, a number did not make the cut. For example, three priorities of the House Oversight and Reform Committee that were omitted totaled $3.35 billion for U.S. government technology programs:
If these funds were to be appropriated for these programs, they would likely increase in scope and impact. Of course, the fact these were left on the cutting room floor means these funds will almost certainly not be appropriated. As it stands, the Technology Modernization Fund (TMF) already received $1 billion earlier this year in the “American Rescue Plan Act of 2021” (P.L. 117-2), a huge boost above the previous year’s appropriations. The Federal Citizen Services Fund received $150 million in the same legislation for use until the end of FY 2024.
The House Energy and Commerce Committee saw its funding for the Federal Trade Commission (FTC) to establish a dedicated bureau for privacy enforcement sliced in half from $1 billion:
Even though the FTC would receive half of the funding as compared to the first iteration of the “Build Back Better Act,” the agency would still receive, on average, $50 million more a year as compared to its current funding for the next ten years. The current leadership of the agency has definite ideas about how to use additional funding aggressively to address the “data abuses” it sees across sectors of the U.S. economy. Depending on how the funds are used, this could allow the FTC to pursue many more privacy cases a year.
Funding for U.S. government cybersecurity was also pared back and, in some cases, eliminated. The United States (U.S.) Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) would still receive a significant funding boost on top of the appropriations boost Congress seems likely to enact. In September, the House Homeland Security Committee marked up its part of the “Build Back Better Act” that would have given CISA more funding for discrete purposes in the first iteration of the bill:
§ $50 million for the for support of the Multi-State Information Sharing and Analysis Center;
§ $25 million for the execution of a national multi-factor authentication campaign
§ $400 million for the execution of Executive Order 14028 “Improving the Nation's Cybersecurity”, specifically “including the implementation of multi-factor authentication, endpoint detection and response, improved logging, and securing cloud systems;”
§ $50 million for the “expansion and operation of the Crossfeed program”
§ $10 million for performing activities in support of the development of the continuity of the economy plan required under section 9603(a) of title XCVI of the William M. (Mac) Thornberry National Defense Authorization Act for Fiscal Year 2021
§ $20 million “for expanding programs working with international partners on the protection of critical infrastructure;”
§ $100 million “for cybersecurity workforce development and education, including providing education, training, and capacity development and to the Cybersecurity Education and Training Program,”
§ $60 million for “enhancing the cloud architecture, migration advisory services, and cloud threat hunting capabilities of the Agency.”
§ $75 million for “for expansion and operation of the CyberSentry program;”
§ $50 million for “for researching and developing means to secure operational technology, including industrial control systems, against cybersecurity vulnerabilities;”
§ $25 million for “for operating a cyber range”
However, the revised “Build Back Better Act” cuts some of this funding. First, the bill would provide $100 million for federal information systems cybersecurity (except for national security systems, meaning most of the Department of Defense and the Intelligence Community):
It bears note that the restriction is lifted that limited the use of funds for implementation of EO 14028, but the overall level of funding is reduced from $400 million to $100 million.
Second, the $100 million for cybersecurity training was sliced down to $15 million:
And yet, there is an additional $100 million bestowed on CISA for similar activities but not through the Cybersecurity Education and Training Assistance Program:
The funds for the Multi-State Information Sharing and Analysis Center (MS-ISAC) got trimmed from $50 million to $35 million:
CISA’s CyberSentry program also got a haircut:
CISA’s proposed funding for cloud security, threat mitigation, and hunting activities was reduced from $60 million to $50 million:
However, CISA’s funding for helping to secure U.S. industrial control systems held steady at $50 million:
The new “Build Back Better” Act has a new section that would give the Federal Emergency Management Agency, a sister agency of CISA’s at DHS, $100 million to make grants to secure state, local, tribal, and territorial governments’ cybersecurity and domains:
§ In a break with history, President Joe Biden nominated acting United States Federal Communications Commission Chair Jessica Rosenworcel to fill the role. Not only has there never been a female FCC chair, but an acting chair has not been tapped to permanently fill the role since the administration of President Lyndon Baines Johnson. Biden also nominated a former advisor to the Obama Administration’s second FCC Chair Tom Wheeler, Gigi Sohn to be an FCC Commissioner.
§ The United Kingdom’s (UK) Information Commissioner’s Office (ICO) “is calling for views on its updated draft guidance on anonymisation, pseudonymisation and privacy enhancing technologies. We are sharing our thinking in stages to ensure we gather as much feedback as possible to help refine and improve the final guidance, on which we will carry out a formal consultation.” The ICO stated:
o In our first chapter ‘Introduction to Anonymisation’ we outlined the legal, policy and governance issues around the application of anonymisation in the context of data protection law. We are grateful for the feedback we have received from many organisations across different sectors.
o Our second chapter ‘Identifiability’ focuses on how to assess anonymisation in the context of identifiability. We explore the concept of a spectrum of identifiability, data sharing scenarios, the motivated intruder and reasonably likely tests as well as guidance on managing re-identification risk. These key principles set out our views on effective anonymisation and we welcome your feedback.
o We will continue to publish draft chapters for comment at regular intervals. As outlined in Building on the data sharing code – our plans for anonymisation guidance, chapters to follow include:
§ Guidance on pseudonymisation techniques and best practices;
§ Accountability and governance requirements in the context of anonymisation and pseudonymisation, including data protection by design and DPIAs;
§ Anonymisation and research - how anonymisation and pseudonymisation apply in the context of research;
§ Guidance on privacy enhancing technologies (PETs) and their role in safe data sharing;
§ Technological solutions – exploring possible options and best practices for implementation; and
§ Data sharing options and case studies – supporting organisations to choose the right data sharing measures in a number of contexts including sharing between different organisations and open data release. Developed with key stakeholders, our case studies will demonstrate best practice.
§ Federal Trade Commission Chair Lina Khan issued a joint statement with Consumer Financial Protection Bureau Director “on an amicus brief the two agencies and the North Carolina Department of Justice filed with the U.S. Court of Appeals for the Fourth Circuit urging the court to overturn a lower court decision in Henderson v. The Source for Public Data, L.P.” Khan and Chopra argued “the lower court’s decision in Henderson would undermine the Fair Credit Reporting Act (FCRA) by granting immunity to consumer reporting agencies under Section 230 of the Communications Decency Act” (i.e., 47 USC 230.)
§ New Zealand’s Office of the Privacy Commissioner (OPC) published a position paper “on how the Privacy Act regulates biometrics…intended to inform decision-making about biometrics by all agencies covered by the Privacy Act, in both the public and private sectors.” The OPC also issued a summary and asserted:
o OPC believes that the privacy principles and the regulatory tools in the Privacy Act are currently sufficient to regulate the use of biometrics from a privacy perspective. OPC will continue to actively gather information about the use of biometrics in New Zealand, to see whether significant privacy issues or regulatory gaps emerge. OPC may also provide further information about its position on the use of particular biometric technologies, such as facial recognition, or on the use of biometrics in particular contexts, such as law enforcement. This position paper will be reviewed six months after publication, in consultation with key stakeholders, to assess its impact and whether any further steps are required.
§ The United States (U.S.) Trade Representative (USTR) lauded “the announcement by the Department of the Treasury that the United States has reached an agreement with Austria, France, Italy, Spain, and the United Kingdom regarding the treatment of Digital Services Taxes (DSTs) during the interim period prior to full implementation of Pillar 1 of the Organization for Economic Co-operation and Development (OECD) agreement.” The USTR added:
o Under the Agreement, in defined circumstances, DST liability that U.S. companies accrue during the interim period will be creditable against future income taxes accrued under Pillar 1 under the OECD agreement. In return, the United States will terminate the currently-suspended additional duties on goods of Austria, France, Italy, Spain, and the United Kingdom that had been adopted in the DST Section 301 investigations. USTR is proceeding with the formal steps required for terminating the Section 301 trade actions, and in coordination with Treasury, will monitor implementation of the agreement going forward.
o The Agreement on DSTs is reflected in a Joint Statement from Austria, France, Italy, Spain, the United Kingdom, and the United States Regarding a Compromise on a Transitional Approach to Existing Unilateral Measures During the Interim Period Before Pillar 1 is in Effect, which may be found here. Turkey and India, the other two countries covered by the DST investigations, have not joined in the agreement.
§ The White House’s Office of Science and Technology Policy (OSTP) published a readout on Quantum Industry and Society that “convened industry stakeholders from across the country to discuss how quantum computers and quantum sensors will benefit American society.” The OSTP summarized the event:
o The summit included a roundtable discussion with Executive Office of the President representatives and leaders from quantum information technology companies. The roundtable focused on understanding the applications of quantum information science, the barriers for transitioning quantum R&D concepts into products or services in a global market, and the potential societal impact of quantum technologies.
o Presidential Science Advisor and OSTP Director Dr. Eric Lander gave opening remarks highlighting the benefits of past investments in science and technology on our health, economy, and national security. He commented on the potential for quantum information technology to impact many areas, including biology and medicine. Dr. Lander also stressed the need to work together on understanding the applications and roadblocks for realizing the full potential of this technology.
§ In conjunction with the aforementioned Office of Science and Technology Policy (OSTP) meeting, the White House’s National Science and Technology Council’s (NSTC) Economic and Security Implications of Quantum Science Subcommittee issued a report that “highlights the critical role that international talent plays in ensuring a vibrant and successful U.S. research enterprise in Quantum Information Science and Technology (QIST), including the importance of close collaboration with foreign partners, while also stressing the importance of protecting the technology and expertise of the United States and our international partners.” The subcommittee’s report “finds that maintaining a strong flow of international students and researchers is an essential component to developing the expert QIST workforce required to achieve U.S. QIST goals as part of an advancing global research enterprise” and “[t]o ensure continued U.S. leadership in QIST, this report recommends the following:
o 1. The United States should continue to develop and support policies that welcome talented individuals from all over the world, while implementing appropriately balanced protections that mitigate potential research security concerns.
o 2. Federal organizations should engage in close collaboration with allies and partners to ensure a vibrant and secure international QIST ecosystem that is underpinned by shared values and principles including freedom of inquiry, merit-based competition, openness and transparency, accountability, and reciprocity.
o 3. The NSTC Subcommittee on Quantum Information Science (SCQIS) should develop a five-year strategic plan for QIST workforce development, to assess evolving workforce needs, grow the domestic pool of talent, and foster ways to attract and retain top QIST talent from around the world.
o 4. Federal organizations that fund research, development, and acquisition of QIST should develop coordinated, comprehensive technology protection plans to safeguard intellectual capital and property, while accounting for specific mission needs. These measures should address current and evolving methods used to target U.S. technology, while promoting U.S. ideals of open and transparent R&D.
§ The United States (U.S.) Consumer Financial Protection Bureau (CFPB) issued “a series of orders to collect information on the business practices of large technology companies operating payments systems in the United States.” The agency stated:
o The information will help the CFPB better understand how these firms use personal payments data and manage data access to users so the Bureau can ensure adequate consumer protection.
o The orders are issued pursuant to Section 1022(c)(4) of the Consumer Financial Protection Act. The CFPB has the statutory authority to order participants in the payments market to turn over information to help the Bureau monitor for risks to consumers and to publish aggregated findings that are in the public interest. The CFPB’s work is one of many efforts within the Federal Reserve System to make payments safer, faster, and more competitive. The initial orders were sent to Amazon, Apple, Facebook, Google, PayPal, and Square. The Bureau will also be studying the payment system practices of Chinese tech giants, including Alipay and WeChat Pay.
o Families and businesses benefit from faster, cheaper, and more secure payment systems. As online commerce and electronic payments have become consumers’ normal expectation -- especially during the pandemic -- companies have developed new products and business models to meet this demand.
o At the same time, these changes present new risks to consumers and to a fair, transparent, and competitive marketplace. For example, large technology firms such as Apple and Google have sought to integrate payments services into their operating systems. Person-to-person (P2P) payments platforms such as Venmo and CashApp have grown quickly, and speedy growth can present risks to families and businesses. Chinese giants Alipay and WeChat Pay are part of broader super apps that touch multiple parts of a consumer’s life and until recently were actively seeking to expand their presence in the US market.
o The CFPB’s orders build on the efforts of the Federal Trade Commission’s work to shed light on the business practices of the largest technology companies in the world. The orders also seek to illuminate the range of these consumer payment products and their underlying business practices. Specifically, the orders will compel information on:
§ Data harvesting and monetization. Payment companies may be actively sharing payment data across product lines and with data brokers and other third parties. In some cases, Big Tech companies may be using this data for behavioral targeting. These practices may not align with consumers’ expectations. The orders seek information on how companies collect and use data.
§ Access restrictions and user choice. When payment systems gain scale and network effects, merchants and other partners feel obligated to participate, and the risk increases that payment systems operators will limit consumer choice and stifle innovation by anticompetitively excluding certain businesses. The orders seek to understand any such restrictive access policies and how they affect the choices available to families and businesses.
§ Other consumer protections. Consumers expect certain assurances when dealing with companies that move their money. They expect to be protected from fraud and payments made in error, for their data and privacy to be protected and not shared without their consent, to have responsive customer service, and to be treated equally under relevant law. The orders seek to understand the robustness with which payment platforms prioritize consumer protection under laws such as the Electronic Fund Transfer Act and the Gramm-Leach-Bliley Act.
§ The House Judiciary Committee chair and Antitrust, Commercial, and Administrative Law Subcommittee chair and ranking member and two other members wrote Amazon President and CEO Andy Jassy “in response to recent, credible reporting that directly contradicts the sworn testimony and representations of Amazon’s top executives—including former CEO Jeffrey Bezos—to the Committee about their company’s business practices during our investigation last Congress.” They argued that “[a]t best, this reporting confirms that Amazon’s representatives misled the Committee…[and] [a]t worst, it demonstrates that they may have lied to Congress in possible violation of federal criminal law.” The Members stated:
o In light of the serious nature of this matter, we are providing you with a final opportunity to provide exculpatory evidence to corroborate the prior testimony and statements on behalf of Amazon to the Committee. We strongly encourage you to make use of this opportunity to correct the record and provide the Committee with sworn, truthful, and accurate responses to this request as we consider whether a referral of this matter to the Department of Justice for criminal investigation is appropriate.
o Last Wednesday, Reuters reported that Amazon “ran a systematic campaign of creating knockoffs and manipulating search results to boost its own product lines in India, one of the company’s largest growth markets.” This report was the result of a review of thousands of Amazon’s internal documents, including emails, plans, and strategy papers. As this report notes, these internal documents show a pattern of Amazon “exploiting proprietary data from individual sellers to launch competing products and manipulating search results to increase sales of the company’s own goods.” In one example, Amazon replicated a popular brand of shirts, copied the measurements of the shirt “down to the neck circumference and sleeve length,” and then partnered with the manufacturer of the product to produce a version of similar quality. As Amazon’s internal document noted, “It is difficult to develop this expertise across products and hence, to ensure that we are able to fully match quality with our reference product, we decided to only partner with the manufacturers of our reference product.”
§ California Governor Gavin Newsom signed three bills into law to change the state’s privacy laws:
§ First, the proposal would delete a duplicative phrase, "or by the consumer", from the exception to the definition of "personal information" for "publicly available" information in Civil Code Section 1798.140(v)(2). This same phrase appears earlier in the same sentence.
§ Second, the proposal would correct an error made in preparing the text of Proposition 24 submitted by the proponent to the Attorney General for inclusion in the ballot pamphlet. This correction is accomplished by deleting three commas and adding one comma in Civil Code Section 1798.145(k).
§ Finally, the proposal would correct a discrepancy between Civil Code Section 1798.100.40(b), which provides for the CPPA to assume responsibility for rule-making the earlier of July 1, 2021, or six months after the CPPA provides notice to the Attorney General that it is prepared to assume responsibility, and Section 1798.185(d), which specifies that it is the "later" of these two dates. Because the appointments to the CPPA were just made it should be the later of the two dates.
o AB 825 that “adds “genetic information” to the definition of personal information for purposes of the laws requiring certain businesses to implement and maintain reasonable security procedures and practices to protect personal information they own, license, or maintain…[and] requires businesses and agencies that maintain personal information to disclose a breach of genetic information” per a bill summary.
o SB 41 that “establishes the Genetic Information Privacy Act, providing additional protections for genetic data by regulating the collection, use, maintenance, and disclosure of such data” according to a bill summary.
§ United States (U.S.) Trade Representative (USTR) Katherine Tai made remarks at the Center for Strategic and International Studies (CSIS) “outlining the Biden-Harris Administration’s new approach to the U.S.-China bilateral trade relationship.” In a fact sheet, the USTR announced “the initial steps we will take to re-align our trade policies towards the PRC around OUR priorities:
o First, we will discuss with China its performance under the Phase One Agreement. China made commitments that do benefit certain American industries, including agriculture that we must enforce. President Biden will continue to promote our economic interests – and build confidence for American industry.
o Second, while pursuing Phase One enforcement, we will restart our targeted tariff exclusions process to mitigate the effects of certain Section 301 tariffs that raised costs on Americans.
o Third, we continue to have serious concerns with the PRC that were not addressed in the Phase One deal, specifically related to its state-centered and non-market trade practices including Beijing's non-market policies and practices that distort competition by propping up state-owned enterprises, limiting market access, and other coercive and predatory practices in trade and technology.
o Even as we work to enforce the terms of Phase One, we will raise our broader concerns with Beijing's non-market policies and practices like abuse of state-owned enterprises, anti-competitive behavior and subsidies, the theft of American intellectual property directly and in coordination with our allies and partners. We will defend American economic interests using the full range of tools we have and by developing new tools as needed.
o And lastly, we know that we cannot do it alone. We will continue consulting and coordinating with allies and partners who share our strong interest in ensuring that the terms of competition are fair, work collectively to set the rules of the road for trade and technology in the 21st century, and strengthen the global market for our workers and businesses.
§ “Microsoft: Russian-backed hackers targeting cloud services” By Alan Suderman — Associated Press. Microsoft said Monday the same Russia-backed hackers responsible for the 2020 SolarWinds breach continue to attack the global technology supply chain and have been relentlessly targeting cloud service companies and others since summer. The group, which Microsoft calls Nobelium, has employed a new strategy to piggyback on the direct access that cloud service resellers have to their customers' IT systems, hoping to “more easily impersonate an organization’s trusted technology partner to gain access to their downstream customers." Resellers act as intermediaries between giant cloud companies and their ultimate customers, managing and customizing accounts.
§ “Australia’s essential services could be forced to report when they are under cyber-attack” By Daniel Hurst — The Guardian. The Morrison government will push ahead with new laws requiring businesses to report when they are under cyber-attack and, in extreme cases, to allow Australian officials to “step in” to help fend off hackers. The operators of critical assets will be required to report cyber incidents. The legislation will also allow the government – through the Australian Signals Directorate – to provide direct assistance to industry “as a last resort”.
§ “Facebook whistleblower advises UK lawmakers on enforcing Online Safety Bill” By Katie Collins — c/net. Facebook whistleblower Sophie Zhang gave UK lawmakers her perspective on how best to implement the pending Online Safety Bill in a hearing in Parliament on Monday. The former Facebook data scientist used her inside knowledge of moderation practices to answer questions from the Draft Online Safety Bill joint committee about how to ensure that tech companies comply with upcoming legislation that would see them more tightly regulated in the UK.
§ “West eyes China’s playbook as Big Tech revs up finance ambitions” By Bjarke Smith-Meyer — Politico EU. As Big Tech wades deeper into financial markets, Western policymakers are looking to an unlikely regulatory guide: China. It’s not often that the West looks to Beijing for policy solutions, especially since diplomatic ties have soured amid alleged human rights abuses among China's Uyghur Muslims, trade dumping and a military build-up in the South China Sea. But a looming monetary crisis at the hands of Big Tech has made strange bedfellows. At issue is growing wariness in economic circles over the digital giants’ plans for the financial sector ever since Facebook announced a joint project two years ago with 25 other companies to launch a virtual currency called Diem.
§ “Chinese military newspaper calls for ‘people’s war’ to counter US spies after CIA sets up new China unit” — Shi Jiangtao — South China Morning Post. A Chinese military newspaper has called for a “people’s war” to defeat American espionage after the CIA set up a new unit dedicated to China. The launch of China Mission Centre on October 7, which CIA Director William Burns said was aimed at countering “the most important geopolitical threat” of the century, has gone viral on Chinese social media. A widely circulated video clip in the past few days, carried by many state-controlled media outlets, claimed that the CIA was recruiting Chinese-speaking operatives who understood Mandarin as well as Cantonese, Hakka and Shanghainese.
§ “Amazon copied products and rigged search results to promote its own brands, documents show” By Aditya Kalra and Steve Stecklow — Reuters. Amazon.com Inc has been repeatedly accused of knocking off products it sells on its website and of exploiting its vast trove of internal data to promote its own merchandise at the expense of other sellers. The company has denied the accusations. But thousands of pages of internal Amazon documents examined by Reuters – including emails, strategy papers and business plans – show the company ran a systematic campaign of creating knockoffs and manipulating search results to boost its own product lines in India, one of the company’s largest growth markets.
§ “Washington Hears Echoes of the ’50s and Worries: Is This a Cold War With China?” By David Sanger — The New York Times. When Kevin Rudd, the former Australian prime minister and longtime China expert, told a German newsmagazine recently that a Cold War between Beijing and Washington was “probable and not just possible,” his remarks rocketed around the White House, where officials have gone to some lengths to squelch such comparisons. It is true, they concede, that China is emerging as a far broader strategic adversary than the Soviet Union ever was — a technological threat, a military threat, an economic rival. And while President Biden insisted at the United Nations last month that “we are not seeking a new Cold War or a world divided into rigid blocs,” his repeated references this year to a generational struggle between “autocracy and democracy” conjured for some the ideological edge of the 1950s and ’60s.
§ “Sinclair TV stations disrupted across the US after ransomware attack” By Catalin Cimpanu — The Record. TV broadcasts for Sinclair-owned channels have gone down today across the US in what the stations have described as technical issues, but which multiple sources told The Record to be a ransomware attack. The incident occurred in the early hours of the day and took down the Sinclair internal corporate network, email servers, phone services, and the broadcasting systems of local TV stations. As a result of the attack, many channels weren’t able to broadcast morning shows, news segments, and scheduled NFL games, according to a barrage of tweets coming from viewers and the TV channels themselves.
§ “Alphabet CEO Sundar Pichai calls for federal tech regulation, investments in cybersecurity” By Sarah Perez — TechCrunch. In a wide-ranging interview at the WSJ Tech Live conference that touched on topics like the future of remote work, AI innovation, employee activism and even misinformation on YouTube, Alphabet CEO Sundar Pichai also shared his thoughts on the state of tech innovation in the U.S. and the need for new regulations. Specifically, Pichai argued for the creation of a federal privacy standard in the U.S., similar to the GDPR in Europe. He also suggested it was important for the U.S. to stay ahead in areas like AI, quantum computing and cybersecurity, particularly as China’s tech ecosystem further separates itself from Western markets.
§ “PM urged to enact ‘David’s law’ against social media abuse after Amess’s death” By Jessica Elgot — The Guardian. Boris Johnson is facing calls to enact “David’s law” to crack down on social media abuse of public figures and end online anonymity in the wake of the killing of Sir David Amess. Dozens of MPs paid tribute in the House of Commons on Monday to the veteran Conservative backbencher who was stabbed to death on Friday, shedding tears, sharing uproarious anecdotes and venting anger over his death.
§ “UK emerges as Europe's top crypto hub with $170bn of deals” By LaToya Harding — yahoo!finance. The UK has become the leading country in Europe for cryptocurrency transactions, with $170bn (£123bn) worth of deals. According to a report from blockchain data platform Chainalysis, central, northern, and western Europe (CNWE) had the biggest cryptocurrency economy in the world, receiving more than $1tn worth of the digital coins over the last year.
§ 2 November
o The Senate Judiciary Committee will hold a hearing titled “Cleaning Up Online Marketplaces: Protecting Against Stolen, Counterfeit, and Unsafe Goods.”
§ 3 November
o The Senate Homeland Security and Governmental Affairs Committee will markup a number of bills and nominations, including:
§ The “Federal Cybersecurity Workforce Expansion Act” (S.2274)
§ The “Improving Cybersecurity of Small Organizations Act of 2021” (S.2483)
§ The “Defense of United States Infrastructure Act of 2021” (S.2491)
§ The “CISA Technical Corrections and Improvements Act of 2021” (S.2540)
§ The “CISA Cyber Exercise Act” (S.2993)
§ The “GOOD AI Act of 2021” (S.3035)
o The Senate Foreign Relations Committee will hold a closed briefing on United States cybersecurity with Assistant Secretary of State for Intelligence and Research Brett Holmgren
o The House Homeland Security Committee will hold a hearing titled “Evolving the U.S. Approach to Cybersecurity: Raising the Bar Today to Meet the Threats of Tomorrow” with National Cyber Director Chris Inglis and Cybersecurity and Infrastructure Security Agency Director Jen Easterly
o The House Select Committee on Economic Disparity and Fairness in Growth will hold a hearing titled “Our Changing Economy: The Economic Effects of Technological Innovation, Automation and the Future of Work.”
o The House Intelligence Committee’s Counterterrorism, Counterintelligence, and Counterproliferation Subcommittee will hold a hearing titled “Countering Domestic Terrorism.”
§ 4 November
§ 8 November
o The National Institute of Standards and Technology (NIST) will hold a workshop to “discuss the approach that NIST is taking to support Section 4e of the President’s Executive Order (EO) on “Improving the Nation’s Cybersecurity (14028)” issued on May 12, 2021. This EO charged multiple agencies – including NIST– with enhancing cybersecurity through a variety of initiatives related to the security and integrity of the software supply chain.”
§ 16 November
o The Senate Judiciary Committee will hold a hearing titled “Oversight of the Department of Homeland Security.”