Overnight Cybersecurity: Apple-FBI feud spills over to White House

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We’re here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you’re a consumer, a techie or a D.C. lifer, we’re here to give you…

THE BIG STORIES:

–A (WHITE) HOUSE DIVIDED: The fierce iPhone battle between Apple and the FBI is spilling over into the White House, which has been poised to roll out a major policy statement on encryption and when the government should have access to locked smartphones. Tech companies and privacy advocates have come out in full support of Apple’s defiance of a federal court order to unlock the iPhone used by one of the San Bernardino shooters, pitting them against the FBI and the White House, which have supported the bureau’s tactics. The standoff has painted President Obama into a corner. The president has loyalties to Silicon Valley, which helped bankroll his presidential campaigns. But siding with the FBI against Apple, Google, Facebook and other tech powers isn’t the late-term fight he wants. Yet politicians in both parties and broad swaths of the public are pressing the White House to do more to combat the rise of domestic terrorism. Many lawmakers and roughly half of Americans are siding against Apple, arguing federal authorities need to have access to encrypted devices to fight crime and terrorism. The White House has “conflicting political desires,” said Tim Edgar, a former director of privacy and civil liberties for the White House National Security Staff. “On the one hand, they don’t want to be seen as opposing the FBI in a major terrorism case,” he said. “But on the other hand, they don’t want to go out and give more ammunition to the idea that they’re selling out privacy.” Basically, he said, “They’re caught in a bind.” To read our full story, check back tomorrow morning.

{mosads}–ARE YOU DOING THIS ON PURPOSE?: The FBI is facing claims it deliberately selected the emotionally charged case of the San Bernardino terrorist’s iPhone to force a precedent on encryption policy. “I think the FBI is being very selective here and it has much more to do with the emotional value and public relations value of the case than it does with the FBI’s real need for the phone,” former White House counterterrorism and cybersecurity chief Richard Clarke told The Hill. Led by Director James Comey, the FBI has for months advocated different avenues for law enforcement to access locked communications with the appropriate court order. Technologists and privacy advocates have pushed back, insisting that impenetrable encryption is indispensable to online security and privacy. The latest salvo in an increasingly bitter fight came last week, when the agency asked federal judge Sheri Pym to issue a court order demanding Apple write a piece of software to disable certain security features on shooter Syed Rizwan Farook’s county-owned work phone. Farook, with wife Tashfeen Malik, killed 14 in the December massacre. Critics are suggesting the FBI’s choice was calculated. By pressing forward in a case with optics that seem cut and dry, they say, the agency could set a precedent that gives it the controversial guaranteed access Comey has been demanding. “It’s a brilliant tactic,” said Chris Finan, a former Obama administration cybersecurity adviser who now heads California-based financial tech firm Manifold Technology. “They realize the public is going to be on their side.” To read our full piece, check back tomorrow morning.

–GIVE US A HAND HERE, WILL YA? Apple will argue in legal filings this week that Congress should decide whether the tech giant should comply with the FBI and unlock Farook’s encrypted iPhone — an increasingly popular position. Rep. Pat Meehan (R-Pa.) on Wednesday advocated for Congress to resolve the tense stand-off between Apple and the FBI by passing some form of legislation governing encryption. “The parties have to find common ground, and Congress needs to write it into law,” Meehan wrote in an op-ed published in the Philadelphia Inquirer. Meanwhile, a bipartisan pair of lawmakers on Wednesday predicted broad support and swift passage of upcoming legislation to establish a national commission exploring how police can get at encrypted data without endangering Americans’ privacy. The measure, from House Homeland Security Committee Chairman Michael McCaul (R-Texas) and Sen. Mark Warner (D-Va.), is set to drop early next week, the duo said during a Bipartisan Policy Center event. “I predict it gets a lot of momentum,” McCaul said. “I do believe the administration will be supportive.” To read about McCaul and Warner’s bill, click here. To read about Meehan’s op-ed, click here. To read about Apple’s arguments, click here.

 

UPDATE ON CYBER POLICY:

–IT’S IN THE BAG. President Obama on Wednesday signed into law a privacy bill that is a prerequisite for a law enforcement data-sharing “umbrella” agreement reached last fall.

Passing the so-called Judicial Redress Act, which gives EU citizens the right to challenge misuse of their personal data in U.S. court, was also considered integral to a major transatlantic data transfer pact reached the European Union earlier this month.

“We can finally begin to put back together the critical U.S.-EU law enforcement and data sharing protocols we rely on to keep Americans safe,” said bill co-sponsor Sen. Chris Murphy (D-Conn.) in a Wednesday statement. “Each day that Congress delayed passing the Judicial Redress Act was another day closer to catastrophe for our national security and American technology companies who do business abroad.”

The bill had broad bipartisan support, and passed both chambers unanimously after some negotiations.

“The president’s signing of the Judicial Redress Act shows America’s commitment to rebuilding trust between allies and demonstrates our nation’s willingness to act in good faith with our European allies to secure open lines of communication between law enforcement agencies,” said House sponsor Jim Sensenbrenner (R-Wis.). “This is a significant achievement for our country, our allies, and for the safety and security of the United States.”

Read up on our past coverage of the bill, here.

 

LIGHTER CLICK:

–FROM THE ARCHIVE. For when you’re experiencing this, just watch this.

 

WHO’S IN THE SPOTLIGHT:

–THE SONY HACKERS. The perpetrators of the 2014 cyberattack on Sony were not lone-wolf activists or disgruntled employees, according to a coalition of security companies that has been investigating the case.

A report released by the group Wednesday concluded that the attackers were government backed — although it stopped short of endorsing the official U.S. position that North Korea is to blame.

“This is very much supportive of the theory that this is nation-state,” Novetta Chief Executive Peter LaMontagne told Reuters. “This group was more active, going farther back, and had greater capabilities and reach than we thought.”

The attackers also likely had other targets in China, India, Japan and Taiwan, according to the group.

Read on, here.

 

THE WEEK AHEAD:

THURSDAY

–The House Intelligence Committee will hold a hearing at 9 a.m. to examine worldwide threats. Top intelligence officials will testify, including Director of National Intelligence James Clapper, CIA Director James Brennan and FBI Director James Comey.

–The House Judiciary Committee will hold a hearing at 10 a.m. on cross-border data flows.

–The House Oversight Committee will hold a hearing at 10 a.m. on the Obama administration’s proposal to overhaul the security clearance process, which includes handing over security of the network to the Defense Department.

–The House Homeland Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies will hold a hearing at 2 p.m. on emerging cyber threats from China, Russia, North Korea and Iran.

 

IN CASE YOU MISSED IT:

Links from our blog, The Hill, and around the Web.

Apple CEO Tim Cook is affirming his stiff stance against the FBI, drawing a line in the sand over the government’s call for a way around security software. (The Hill)

A new poll in the Apple encryption battle shows how the wording of surveys and their methodology can have a dramatic effect on results. (The Hill)

Thousands of apps running code built by Chinese Internet giant Baidu have collected and transmitted users’ personal information to the company, much of it easily intercepted, researchers say. (Reuters)

The U.S. government on Monday accused Apple of “misleading” statements in a case surrounding a locked phone in New York. (Law360)

Computer hardware maker Asus has agreed to make customers aware of reasonable security steps that may be available to them to resolve an FTC claim. (Law360)

Hackers can control features in Nissan’s Leaf electric cars over the internet, a researcher has found. (The Guardian)

Lawmakers are pursuing a progress report on California’s cybersecurity following an unflattering risk assessment and Gov. Jerry Brown’s establishment of a task force in August. (Redding.com)

If you’d like to receive our newsletter in your inbox, please sign up here: http://goo.gl/KZ0b4A