from Net Politics and Digital and Cyberspace Policy Program

Cyber Week in Review: December 9, 2016

CFR Cyber Net Politics
CFR Cyber Net Politics

December 9, 2016

CFR Cyber Net Politics
CFR Cyber Net Politics
Blog Post
Blog posts represent the views of CFR fellows and staff and not those of CFR, which takes no institutional positions.

Here is a quick round-up of this week’s technology headlines and related stories you may have missed:

1. Stop trying to influence me! Germany’s domestic intelligence agency reported that it has seen a large increase in Russian disinformation and propaganda campaigns intended to "weaken or destabilize the Federal Republic of Germany." The campaigns include "enormous use of financial resources" to disinform russophones and the wider German public. The uncharacteristically frank announcement comes a few months before the German elections next year and at the same time that the executive and legislative branches in the United States examine Russia’s role in the U.S. election. For its part, Russia is concerned that foreigners are trying to influence its internal affairs according to a revised information security doctrine the Kremlin published on Wednesday. The doctrine identifies "informational-psychological influences" by foreign governments "aimed at the destabilization" of Russia and calls for "a national system of managing the Russian segment of the internet." That line has stoked fears that Russia will attempt to create a purely domestic internet disconnected from the wider web, much like Iran is trying to do with its halal internet project.

2. Does this look like terrorist content to you? After months of pressure, Microsoft, Facebook, Twitter and YouTube announced that they will be partnering in an effort to combat violent extremism online. The companies will share information and create a database of “violent terrorist imagery” that will allow them to cross-reference and detect matching content, facilitating its removal across multiple platforms, analogous to the database used to combat child exploitation. The announcement emphasizes that participation is voluntary and not automated: “matching content will not be automatically removed.” The move has sparked concern that it will escalate to suppression of free speech. The creation of a centralized database that will surely be the target of constant government requests for data raises fears of state-imposed mission creep. The announcement came a day after the EU pressured the same group of companies to respond more quickly in removing or blocking access to hateful speech online.

3. Report: cybersecurity is hard. After nine months of work, the White House’s Commission on Enhancing National Cybersecurity released its study on the future of U.S. cybersecurity. The recommendations range from vague prescriptions like creating a “culture of cybersecurity” to more actionable items like the creation of “nutrition labels” for internet of things devices. Among the salient recommendations: reorganizing cybersecurity responsibilities within the federal government, appointing an ambassador for cybersecurity, and commissioning a study of legal liability for poorly-secured internet-connected devices. It also calls for training and hiring 100,000 federal “cybersecurity practitioners” by 2020. As the study comes at the end of President Obama’s term, implementing it will fall to the Trump Administration. The recommendations have been criticized for being unrealistic, impractical, or duplicative. In particular, the 100,000 cybersecurity practitioners may finish training only to find their jobs have been automated. At least one of the recommendations may come to pass. Representative Michael McCaul announced that he will seek to create a federal agency within the Department of Homeland Security to consolidate the federal government’s cybersecurity operations.