from Net Politics and Digital and Cyberspace Policy Program

Cyber Week in Review: March 20, 2015

CFR Cyber Manuel Valls Net Politics
CFR Cyber Manuel Valls Net Politics

March 20, 2015 1:30 pm (EST)

CFR Cyber Manuel Valls Net Politics
CFR Cyber Manuel Valls Net Politics
Blog Post
Blog posts represent the views of CFR fellows and staff and not those of CFR, which takes no institutional positions.

Here is a quick round-up of this week’s technology headlines and related stories you may have missed:

  • The French government proposed a new law that would require all internet service providers (ISPs) in France as well as online platforms operating in France (e.g. Facebook, Google, Skype, etc.) to collect the metadata of their users’ Internet activity. French Interior Minister Bernard Cazeneuve said that the information would be collected using "black boxes" installed on companies’ networks and used to analyze patterns of online behavior in real time to identify suspicious activity. According to Le Monde, French authorities hope the behavioral analysis will allow them to identify "future" terrorists. The proposal is strikingly similar to Russia’s SORM system, which requires Russian ISPs to install FSB-developed black boxes on their networks. Unlike SORM, however, the French black boxes will only collect metadata, not the content of communications. That distinction is unlikely to mollify the concerns of French privacy activists who have already roundly criticized the bill.
  • The United States and the European Union continue to put pressure on China to change course on its new cybersecurity rules for the banking sector. The rules require technology companies to turn over source codes and encryption keys to the Chinese government, which argues the move is necessary to improve the county’s cybersecurity. Western countries argue the rule is a trade measure aimed at protecting China’s domestic tech industry and keeping foreign firms out. A recent EU report on trade barriers singles out the rule, calling it a "tremendous barrier" for foreign tech firms looking to do business in China.
  • The U.S. Department of Justice is planning to lay charges against the perpetrators of last year’s hack of JPMorgan Chase, according to the New York Times. It turns out that the breach, originally rumored to be the work of the Russian government, was perpetrated by less sophisticated actors, making it easier for authorities to identify them. Unlike last year’s indictment of five officers from the People’s Liberation Army, sources quoted in the Times argue that those responsible for the attack are "gettable," meaning they are located in a country with an extradition treaty with the United States.
  • Cisco announced that it will offer clients the ability to ship hardware to dummy locations to avoid the NSA’s clandestine interception efforts. Last year, Glenn Greenwald revealed that the NSA intercepts networking gear in transit to covertly install implants before they are delivered. Cisco now joins the likes of Apple, Google, Yahoo and others which have announced plans to offer alternatives to clients seeking to thwart the NSA’s collection efforts.