Welcome to Hillicon Valley, The Hill’s newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley. If you don’t already, be sure to sign up for our newsletter with this LINK.
Welcome! Follow the cyber team, Maggie Miller (@magmill95), and the tech team, Emily Birnbaum (@birnbaum_e) and Chris Mills Rodrigo (@chrisismills).
HOUSE APPROVES ANTI-ROBOCALL BILL: The House of Representatives on Wednesday approved an anti-robocall bill in an almost unanimous vote.
The measure also enjoys support in the Senate, making it likely the legislation reaches President Trump’s desk before the end of the year.
The Pallone-Thune Telephone Robocall Abuse Criminal Enforcement and Deterrence (TRACED) Act, named after its sponsors in the House and Senate, Rep. Frank Pallone Jr. (D-N.J.) and Sen. John Thune (R-S.D.), was approved by a 417-3 margin.
Reps. Justin Amash (I-Mich.), Andy Biggs (R-Ariz.) and Thomas Massie (R-Ky.) voted against the legislation. Massie had previously opposed robocall legislation, expressing concern about giving the Federal Communications Commission (FCC) too much authority.
“Today the House will take strong bipartisan action to protect consumers from illegal robocalls,” Pallone said on the House floor Wednesday.
Senate’s up next: Thune told reporters Tuesday that the Senate will vote on the bill, a result of months of bipartisan negotiations, either this week or next.
The TRACED Act would require phone companies to block robocalls without charging customers any extra money and require most carriers in the U.S. ensure that calls are coming from real numbers. It would give government regulators more time to find scammers and penalize them more aggressively.
It would also require the FCC to deliver reports to Congress about what action they are taking against illegal robocalling operations and oversee a group of companies tasked with investigating where robocalls are coming from in the first place.
The compromise bill comes as lawmakers and regulators have been fielding an escalating wave of complaints about robocalls, spam calls that dial up U.S. consumers often with the intention of stealing their personal information. More than 49 billion robocalls have been placed in the U.S. so far this year, with more than 5 billion in October alone, according to YouMail.
Reps. Debbie Dingell (D-Mich.) and Michael Burgess (R-Texas) successfully introduced an amendment to the TRACED Act which would compel the FCC to establish a Hospital Robocall Working Group tasked with developing best practices to combat robocalls.
AMERICA, WE HAVE A PROBLEM: Senators from both sides of the aisle sounded the alarm Wednesday on the dangers posed to small businesses and government entities by ransomware cyber attacks following a classified briefing from a key Department of Homeland Security (DHS) official.
The Senate Cybersecurity Caucus, led by Sens. Mark Warner (D-Va.) and Cory Gardner (R-Colo.), hosted the meeting with Christopher Krebs, director of DHS’ Cybersecurity and Infrastructure Security Agency (CISA), who briefed members on threats posed by ransomware attacks.
Ransomware attacks have been an increasing threat nationwide over the past year, according to experts. The attacks involve an individual or group gaining access to a system, encrypting it and then demanding money before unlocking it for the owner.
City governments including Baltimore and Atlanta have spent millions recovering their systems after ransomware attacks, while nearly two dozen small town governments in Texas were also the victims of a coordinated ransomware attack. State agencies in Louisiana have also been attacked, as well as school districts in several states in separate debilitating attacks.
Following the briefing Wednesday, Warner said in a statement that “the continued prevalence of ransomware should really capture our attention.”
“Ransomware and its destructive cousin wiperware are designed to inflict fear and uncertainty, disrupt vital services, and sow distrust in public institutions,” Warner said.
A PUBLIC AFFAIR ON PRIVACY: Senators argued for their dueling proposals for a federal privacy law during a highly anticipated hearing on Wednesday, marking the first time key Republicans and Democrats have taken their disputes public after months of closed-doors negotiations.
The Senate Commerce Committee hearing underlined the significant daylight between the parties over how Congress should approach the country’s first comprehensive privacy bill, which will create new safeguards around how businesses collect personal information about Americans — once lawmakers are able to resolve their long-standing disagreements.
“It is my hope that we can ultimately work together on a bipartisan basis to produce legislation that puts consumers’ interests first while still allowing the private sector to innovate and grow,” said Sen. John Thune (R-S.D.), who has been involved in the committee’s bipartisan negotiations around a potential bill, during the hearing. “Only a bipartisan proposal has the chance of clearing the Senate and becoming law.”
The hearing came about a week after Senate Commerce Committee Chairman Roger Wicker (R-Miss.) and ranking member Maria Cantwell (D-Wash.) dropped opposing partisan privacy bills, revealing the parties still have not been able to resolve two key issues: whether any federal legislation should empower individuals to sue companies that violate their privacy and whether it should override incoming state privacy laws.
Wicker acknowledged there are “unresolved issues between my draft and the ranking member’s draft.”
Democrats on Wednesday argued that enabling Americans to sue companies like Facebook or Google would add an extra layer of protection for people whose personal information has been stolen or misused by private companies.
“If your privacy rights are violated … you need to have the power to do something about it,” Cantwell said.
Republicans, backing the tech industry’s position, said that it would result in frivolous and costly lawsuits.
But in recent days, top Republicans and Democrats on the committee — including Wicker — have signaled a willingness to settle on a pared-down private right of action.
“A revisit on the private right of action is something that needs to be done,” Sen. Marsha Blackburn (R-Tenn.) told reporters later.
“There was a difference of opinion on that,” she acknowledged, but noted she wouldn’t characterize the dispute as “insurmountable.”
Read more on the hearing here.
MNUCHIN ON DIGITAL TAXES: Treasury Secretary Steven Mnuchin is raising concerns about ideas being considered in international discussions over how to address the tax challenges of the digital economy.
Mnuchin said in a letter Tuesday to the Organization for Economic Cooperation and Development (OECD), the group holding the discussions about international tax rules, that the U.S. has “serious concerns” about potential mandatory departures from “longstanding pillars of the international tax system upon which U.S. taxpayers rely.”
The letter comes after the U.S. Trade Representative (USTR) on Monday found that France’s digital services tax is discriminatory and proposed tariffs of up to 100 percent on $2.4 billion in French products. The USTR also said that it’s considering opening investigations into digital services taxes in other countries.
U.S. policymakers and tech companies have criticized countries interested in country-specific digital services taxes, arguing that they unfairly target American tech businesses. They have instead been hoping that the OECD can reach an agreement on international tax rules. The OECD is hoping to come out with an agreement by the end of next year to prevent more countries from acting unilaterally.
In his letter, Mnuchin said that the U.S. “firmly opposes” digital services taxes, arguing that they’re inconsistent with the principles in current international tax rules. He urged “all countries to suspend digital services tax initiatives, in order to allow the OECD to successfully reach a multilateral agreement.”
ABOUT THOSE TAXES: The long-running fight between the U.S. and Europe over how to tax American tech giants is heating up.
The Trump administration on Monday proposed retaliating against France for a tax on digital services, floating $2.4 billion in tariffs, and Paris is vowing to hit back.
The dispute is raising pressure on international negotiators to develop a framework for taxing tech companies whose businesses span the globe. But as the complicated talks unfold, the U.S. is threatening to launch more investigations.
The tech industry has pushed back aggressively at all efforts to impose digital taxes on a region-by-region basis, claiming that it would be unfair to “double-” or “triple-tax” U.S. companies offering free services around the world.
CompTIA, a tech trade group, said in a statement that its membership “strongly opposes the [digital services tax] and those proposed like it.”
“This discriminatory tax targets many of the world’s most innovative companies by taxing their profits twice and will ultimately harm job and economic growth in France and elsewhere,” said Cinnamon Rogers, CompTIA’s executive vice president of advocacy.
The Organization for Economic Cooperation and Development (OECD) has been working to develop solutions to address tax challenges in the digital economy. The group, which includes the U.S. and France, is aiming to reach an agreement by the end of next year in order to prevent more companies from acting unilaterally.
The tech industry has thrown its support behind the OECD process, which will help them avert the prospect of facing separate taxes from a variety of countries.
“I’d just hope that with the stakes being as clear as they are, this sense that there could be a multiyear conflict around all of this, that just puts the OECD negotiation appropriately in the correct light,” said Jennifer McCloskey, vice president of policy at the Information Technology Industry Council, a trade group that represents Amazon, Apple and Google.
THINKING OF THE CHILDREN: Instagram announced Wednesday that it will begin requiring new users of the photo-sharing application to provide their birthdays in an effort to “build a safer experience for the youngest members of our community.”
Information about users’ birthdays will be used to tailor privacy settings and generate in-app information about staying safe online, Instagram said in a blog post.
Users previously were required to be at least 13 years old but were not widely required to provide exact birthdays unless they were merging their Facebook and Instagram accounts.
Minors in the European Union did have to submit their birthdays to comply with the General Data Protection Regulation (GDPR).
Current users will not have to add their birthdays, and users’ birthdays will not be displayed on their profiles.
The new requirement comes amid criticism from lawmakers and family safety groups that claim children are being exposed to inappropriate content on Instagram.
The social media site also unveiled a new feature Wednesday allowing users to block direct messages from people they do not follow.
Read more on the announcement here.
TIKTOK LAWSUIT: Two Illinois children and their mothers sued the social media company TikTok and its parent company on Tuesday for allegedly collecting the personal information of minors without parental consent.
TikTok and ByteDance Technology allegedly tracked, collected, and disclosed information to a third party about the children that used the companies’ Musical.ly app, according to a lawsuit filed in the U.S. District Court for Northern Illinois.
ByteDance purchased Musical.ly in 2017, then rebranded it as TikTok.
The lawsuit alleges that Musical.ly “failed to deploy appropriate safeguards” to prevent minors from using their application.
At the same time, the app asked users for personally identifiable information like their email address, phone number, username, first and last name, short bio, and a profile picture to register.
The suit also alleges that between December 2015 and October 2016 the app collected location data on users, a feature that “enabled Defendants and other users of the App to identify where a user was located.”
The suit also notes that profiles were set as public by default, and even if users set their accounts on private, “their profiles, including usernames, profile pictures, and bios, remained public and searchable by other users.”
DEAR FERC: Six senators on Wednesday sent a letter to the Federal Energy Regulatory Commission (FERC) urging the body to combat threats posed by using technology from Chinese telecommunications giant Huawei.
“As you know, the Intelligence Community has issued repeated warnings to regulators and political leaders about the dangers associated with using Huawei equipment on the nation’s telecommunications network,” the senators, lead by Sen. Tom Cotton (R-Ark.), wrote in a letter to FERC chair Neil Chatterjee, who oversees the country’s electrical grid.
“Congress and the Trump Administration have taken steps to eliminate Huawei products from national security sensitive applications, citing concerns with the company’s links to the Chinese Communist party, including its intelligence services,” the letter continues.
While it’s known for cellphones, Huawei also develops solar panel and energy storage technology.
Huawei announced in June that it would exit the American solar market, but the Republican lawmakers and Sen. Angus King (I-Maine) expressed some skepticism.
“While Huawei announced earlier this year that it intended to exit the U.S. solar market, there are no guarantees,” they wrote in the letter.
A LIGHTER CLICK: The never-ending question
AN OP-ED TO CHEW ON: Enhancing protections for sensitive information in congressional investigations
NOTABLE LINKS FROM AROUND THE WEB:
FBI asked Sony for data on user who allegedly used PlayStation network to sell cocaine (Motherboard)
Technology ambassadors and how Europe plans to tame Big Tech (Forbes)
Toxic air and gridlock: India’s tech cities are choking on their success (CNN)
Candidate in UK’s Labour Party says he was targeted by Russian hackers (CyberScoop)