from Net Politics and Digital and Cyberspace Policy Program

Cyber Week in Review: January 25, 2019

REUTERS/Yves Herman

This week: GDPR hits Google with record fine; the French unveil new cyber doctrine; WhatsApp fights misinformation; and the government shutdown degrades cyber defenses.

January 25, 2019

REUTERS/Yves Herman
Blog Post
Blog posts represent the views of CFR fellows and staff and not those of CFR, which takes no institutional positions.

Here is a quick round-up of this week’s technology headlines and related stories you may have missed: 

GDPR Strikes! France’s privacy watchdog, the National Commission on Informatics and Liberty (CNIL), hit Google with a $56 million penalty, the biggest fine doled out under Europe’s General Data Protection Framework (GDPR) thus far and the first punitive action against a U.S. tech giant for violating GDPR. In a public statement released Monday, CNIL blasted Google for failing to “validly obtaining” user consent for ad personalization, and for providing information on data usage that was “not easily accessible” and “not always clear nor comprehensive.” CNIL’s decision has been hailed internationally by privacy advocates as a win, as well as a signal to Silicon Valley that the days of unbridled user data collection are over. The EU fine also highlights the lack of concrete steps taken by U.S. agencies to protect consumer privacy, although that might change soon: Recent reports suggest that the F.T.C. is considering a “record-setting fine” against Facebook in connection to last year’s Cambridge Analytica scandal.

More on:

Cybersecurity

Privacy

Social Media

Cyber Gaullism. Months after French President Emmanuel Macron touted his ideas for peace and stability in cyberspace, which included proposed arm controls on cyber weapons, France rolled out a new cyber doctrine that delivered a decidedly different message. Speaking at a forum this week, French Defense Secretary Florence Parly declared that the “cyber war had begun” and signaled that France would adopt an offensive doctrine in cyberspace. Parly’s statement was in line with a new document published on French cyber strategy last week, which called for France to accelerate production of cyberweapons (unofficial English translation here). France’s new doctrine clearly mirrors the United States’ ‘defending forward’ doctrine, which has led a handful of countries to adopt an offensive posture in cyberspace. However, France is the first EU and NATO country to openly adopt such a posture.

WhatsApp Also Thinks Your Friends Fwd Too Many Messages. WhatsApp capped the number of times a user can simultaneously forward messages to five this week, a policy tweak intended to combat the spread of misinformation. The change comes after a 6-month pilot in India, which found that “[t]he forward limit significantly reduced forwarded messages around the world.” That could significantly throttle the speed at which rumors and fake news spread on the platform. India, in particular, has seen misinformation on WhatsApp trigger mob lynchings and rising anti-Islamic sentiment. In Brazil, WhatsApp has also been used to spread misinformation in the weeks before the 2018 presidential election, and the platform was recently accused of “skewing” the election in favor of newly-elected Jair Bolsonaro. In addition to this week’s message forwarding cap, WhatsApp has been engaged in large-scale public education campaigns, fact-checking, and other changes to stop misinformation in BrazilPakistan and other countries.

The👏Government👏 Shutdown👏 Is👏 Bad👏 Cyber. As the longest government shutdown in U.S. history appears to have ended after 35 days, federal cybersecurity took significant hits. Even though employees designated as “essential” were still at work, the lack of support staff appeared to be seriously degrading the quality of the IT work being done in the government. The shutdown was also hobbling agencies as they respond to a rare Department of Homeland Security (DHS) emergency directive issued this week, which warned that hackers are attempting to tamper with the Domain Name System (DNS). The order directed the Cybersecurity Infrastructure Security Agency (CISA) to provide technical assistance to counter the attack, though 45% of CISA employees had been furloughed. As Senior Fellow Robert Knake warned this week, "our adversaries are fully supported in their mission to compromise federal networks," even as federal IT security personnel face low morale and a lack of support because of the shutdown.

More on:

Cybersecurity

Privacy

Social Media

Creative Commons
Creative Commons: Some rights reserved.
Close
This work is licensed under Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International (CC BY-NC-ND 4.0) License.
View License Detail
Close