from Net Politics and Digital and Cyberspace Policy Program

Cyber Week in Review: February 17, 2017

A Yahoo logo is pictured in front of a building in Rolle, 30 km (19 miles) east of Geneva, December 12, 2012. (Denis Balibouse/Reuters)

February 17, 2017

A Yahoo logo is pictured in front of a building in Rolle, 30 km (19 miles) east of Geneva, December 12, 2012. (Denis Balibouse/Reuters)
Blog Post
Blog posts represent the views of CFR fellows and staff and not those of CFR, which takes no institutional positions.

Here is a quick round-up of this week’s technology headlines and related stories you may have missed:

1. That looks a bit worn for wear. Can I get a discount? Verizon Communications Inc. is reportedly seeking a discount on its $4.8 billion purchase of Yahoo’s internet properties given the two sizeable security breaches the tech company disclosed last year. Last fall, Yahoo announced in two separate disclosures that security breaches in 2013 and 2014 compromised approximately 1.5 billion accounts. As a result, Yahoo! and Verizon have agreed to shave anywhere between $250 and $300 million off the sale price. In addition, the merged entity, which is going to be called Altaba Inc., will also take on Yahoo’s liability for the breaches. No word yet on whether Verizon will seek a further discount given that Yahoo announced this week that a state actor may have compromised users’ email accounts as a result of a vulnerability in the way Yahoo Mail handled login cookies.

2. A Fifth Geneva Convention. In a keynote address at this week’s RSA conference, Microsoft President Brad Smith called for the creation of a “Digital Geneva Convention” to protect civilians from state action cyberspace. Smith drew an analogy to the fourth Geneva convention which protects civilians in times of war, and said that a similar agreement was necessary to protect critical civilian infrastructure. Of all the tech companies, Microsoft has been the most active in trying to publicly shape the cyber norms debate. In 2014, the company released a proposed set of cybersecurity norms and followed up in 2016 with specifics to implement them. There’s still an ongoing debate among experts whether new international law for cyberspace is necessary, or even desirable.

3. Divided we stand. The European Union is struggling to decide whether Google and other web platforms should pay publishers, like newspapers and magazines, for their content. Last year, the European Commission proposed a rule that would require online platforms to give publishers a cut of their ad revenue, addressing publishers’ concerns that websites like Google News were freeloading off their content to generate profit. That drew a fierce backlash from the tech industry, which argued that linking to publishers’ content actually drove more clicks to their websites and gives them ad revenue. They also argued that compliance with the rule would effectively create a "link tax" to news content, and make it less likely for news and other content to be shared online. According to Politico, the Commission’s proposed rule, which had the backing of France, Italy and Spain and was picking up steam at the end of 2016, has now run into some significant opposition from the United Kingdom, the Netherlands and Estonia, which are siding with the tech companies.

4. About time, Australia! The Register reports that the Australian senate has finally passed data breach notification laws after deliberating on the legislature since 2012. The law, anticipated to come into effect at some point in the next year, will require organizations to report any external data flow potentially harmful to an individual to Australia’s Privacy Commissioner within 30 days of detection.