Welcome to Hillicon Valley, The Hill’s newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley. If you don’t already, be sure to sign up for our newsletter with this LINK.
Welcome! Follow the cyber team, Maggie Miller (@magmill95), and the tech team, Emily Birnbaum (@birnbaum_e) and Chris Mills Rodrigo (@chrisismills).
AMAZON HITS BACK: Amazon is accusing President Trump of exerting “improper pressure” to influence the Pentagon to award a lucrative cloud-computing contract to Microsoft instead of Amazon, which was a clear front-runner before Trump began intervening in the process over the summer.
In a court filing made public on Monday, Amazon Web Services (AWS), Amazon’s cloud-computing arm, alleged that Trump engaged in “public and behind-the-scenes attacks” to steer the contract away from AWS out of spite for his “perceived political enemy — Jeff Bezos,” the CEO and owner of Amazon as well as The Washington Post.
Trump has targeted Bezos, who owns the Post, a newspaper that he has accused of bias against him, and called for a review of the contract over the summer.
“The publicly available record of President Trump’s statements and actions demonstrates that he repeatedly attacked and vilified his perceived political enemy – Mr. Bezos, the founder and CEO of AWS’s parent company, Amazon, and who separately owns the Washington Post and then intervened in this procurement process to thwart the fair administration of DoD’s procurement of technology and services critical to the modernization of the U.S. military,” Amazon wrote in the filing.
Amazon is asking the court to declare that the award was not doled out legally, and is seeking to prevent the Pentagon from moving forward with Microsoft. If Amazon wins its challenge, the Department of Defense (DOD) would have to start the bidding process over.
WE HAVE A PROBLEM: The National Infrastructure Advisory Council (NIAC) published a draft report addressed to President Trump this week that found cyber threats to critical infrastructure pose an “existential threat” to national security and recommended “bold action” in response.
The NIAC, which is made up of industry officials and those from state and local governments involved in critical infrastructure, including former National Security Agency Deputy Director Richard Ledgett, strongly urged Trump to take action to protect energy-, communications- and financial-critical infrastructure.
“Mr. President, escalating cyber risks to America’s critical infrastructures present an existential threat to continuity of government, economic stability, social order, and national security,” the NIAC wrote. “U.S. companies find themselves on the front lines of a cyber war they are ill-equipped to win against nation-states intent on disrupting or destroying our critical infrastructure.”
The members wrote in the draft report that “bold action is needed to prevent the dire consequences of a catastrophic cyber attack on energy, communication, and financial infrastructures. The nation is not sufficiently organized to counter the aggressive tactics used by our adversaries to infiltrate, map, deny, disrupt, and destroy sensitive cyber systems in the private sector.”
In order to combat threats, the NIAC recommended that Trump establish a “Critical Infrastructure Command Center” to help share classified threat information between government agencies and companies at risk and to also make it a top priority of the intelligence community to gather and disseminate information on nation-states and other malicious actors trying to target U.S. critical infrastructure.
AN EYE FOR AN EYE: The Chinese Communist Party has ordered all government offices to remove foreign hardware and software from their systems in the next three years, the Financial Times reported Sunday.
The directive comes amidst a broader trade war between the U.S. and China and on the heels of aggressive efforts by American lawmakers to keep Chinese companies, like Huawei, out of the U.S.
The policy has been nicknamed “3-5-2” because the technology replacement will happen at a pace of 30 percent in 2020, 50 percent in 2021, and 20 percent in 2022, the Times reported, citing analysts from brokerage firm China Securities.
The firm’s analysts told the outlet that as many as 30 million pieces of hardware would need to be replaced in the process.
They also noted that the order had come from the Chinese Communist party’s Central Office earlier this year.
Two cybersecurity firms separately confirmed the details of the directive to the Times based on government clients describing it to them.
GOOGLE UNDER THE MICROSCOPE: The National Labor Relations Board (NLRB) has opened an investigation into Google’s labor practices in the wake of the tech giant’s decision to fire four longtime employees involved in worker activism last month, an agency official confirmed to The Hill on Monday.
The watchdog initiated the investigation in response to a charge brought by the Communication Workers of America on Dec. 5.
The union claims that Laurence Berland, who spent 11 years at Google; Paul Duke, who was with the company for more than eight years; Rebecca Rivers, an employee of four years; and Sophie Waldman, who spent one year and 10 months at Google, were fired in direct response to their labor organizing efforts.
“In response, Google unlawfully promulgated and enforced new data classification policies, data protection policies, data protection guidelines, ‘community guidelines’ and codes of conduct; initiated investigations against the four above named employee leaders based upon retroactive application of such guidelines; interrogated them; and discharged them on November 25, 2019 within minutes of each other,” the charge reads.
TIKTOK IN HOT WATER: The social media app TikTok was hit by two lawsuits in the last week, a new challenge for the company which is already under the intense scrutiny of federal regulators and lawmakers.
The lawsuits are drawing new public attention on the company’s practices and are highlighting critics’ two chief concerns: TikTok’s ties with the Chinese government and how it handles the data of minors.
TikTok, which has seen its popularity soar, has already been downloaded over 110 million times in the U.S. But the company, which was bought and repackaged by a Chinese firm ByteDance, is at a critical stretch as it reportedly faces a federal review over national security concerns and with lawmakers floating legislation to crack down on its data practices.
One of the lawsuits, was quickly settled a day after it was filed, but the company still faces a class-action suit in California.
In that lawsuit, filed in federal court in the Northern District Court of California, Misty Hong, a student, is accusing the company of transferring private user data to China, despite the company publicly denying those claims.
Hong’s lawsuit also alleges that the short-form video app secretly collected information about users, including their locations, ages, private messages, phone numbers, contacts, genders, browsing histories, cell-phone serial numbers and IP addresses.
Hong’s lawsuit was filed on behalf of all American TikTok users.
The company did not respond to requests for comment on the allegations in the lawsuit, but TikTok has said that all user data is stored in Virginia, with a backup server in Singapore.
“None of our data is subject to Chinese law,” the company wrote in an October blog post.
BEST BUDS (NOT EXACTLY): President Trump is defending Google, Facebook and other big tech companies he’s repeatedly railed against when it comes to France’s digital tax, a position that underscores how Trump’s policies on tech don’t always match his fiery, antagonistic rhetoric.
Silicon Valley has applauded the Trump administration for condemning Europe’s efforts to tax the U.S. tech giants, but the situation has made for strange bedfellows as the president continues to galvanize his base by claiming companies like Facebook and Twitter are out to get him.
Some tech industry sources say it’s part of a long-standing dynamic: Trump lambasts the companies in public but his “America first” administration often defends them as valuable U.S. businesses.
“There’s sometimes a delta between the rhetoric and the policy actions,” a tech industry source told The Hill. “But I’d say that’s probably true beyond just the tech industry. The relationship is probably better than people suspect.”
Democrats point to the tension as evidence that his feud with “Big Tech” is largely personal, rather than built around concerns about the corporations’ enormous power and influence.
“It’s not always clear what the president’s basis for criticism [of Big Tech] is,” Rep. David Cicilline (D-R.I.) told reporters this week, saying it seems to come from “personal frustration” rather than concerns about the companies’ “market dominance or anticompetitive behavior.”
On Monday, the U.S. Trade Representative (USTR) proposed billions of dollars in tariffs to retaliate against France’s digital services tax, finding that it unfairly discriminates against U.S. tech companies like Amazon and Google. The French digital services tax will hit about 30 companies, most of which are based in the U.S.
Trump then raised the issue directly with French President Emmanuel Macron, who has vowed to push ahead with the tax despite the threat of tariffs of up to 100 percent on $2.4 billion of French products, including French wines and cheeses.
The USTR is threatening to take similar actions against other European countries considering a digital services tax, throwing the weight of the administration behind the tech industry in a fight with billions of dollars and the future of taxation during the Internet age at stake.
PENSACOLA CYBERATTACK: The city government of Pensacola, Fla., on Monday announced that it had been hit by a cyberattack that affected many city services, including online payments and city government emails.
The city wrote in a Facebook post that it had “disconnected much of our city network until the issue can be resolved,” noting that the city’s Information Technology Department was “working diligently to resolve the issue.”
According to Pensacola officials, other services negatively affected by the cyberattack included city phones, the 311 customer service line and online payments for Pensacola Energy and the City of Pensacola Sanitation Services.
The city noted that no emergency services were affected and that they continued to operate normally.
“Please note that the city remains operational despite the cyber incident,” the city wrote. “We will continue to provide services as we are able to, and we want to emphasize that 911 is NOT impacted.”
The Pensacola News Journal reported that Pensacola Mayor Grover Robinson (R) said during a press conference on Monday that the cyberattack began over the past weekend. Robinson noted that it was still unknown whether it was linked to the fatal shooting that took place at the Naval Air Station in Pensacola late last week.
MORE DISINFORMATION WOES: A coalition of 50 LGBTQ, HIV/AIDS and public health groups on Monday sent a letter to Facebook accusing the social media giant of allowing ads to run on the platform with dangerous misinformation about HIV prevention drugs.
The ads, run on Facebook and Instagram by what seem to be personal-injury lawyers and entities affiliated with them, claim inaccurate side effects of Truvada for PrEP, a preventative pill.
The law firms are allegedly using Facebook’s ad programs to target gay and bisexual men who use the drug to join a lawsuit claiming negative side effects from the pill.
The ads “are convincing at-risk individuals to avoid PrEP, invariably leading to avoidable HIV infections,” according to the groups.
According to the Centers for Disease Control and Prevention, PrEP “reduces the risk of getting HIV from sex by about 99% when taken daily.”
The groups, including GLAAD, the Human Rights Campaign and The Trevor Project, wrote in the letter that they had already contacted Facebook about the ads.
SOCIAL MEDIA VETTING: Two documentary groups this week challenged the Trump administration’s practice of vetting immigrants’ social media accounts when they apply for visas.
Doc Society and the International Documentary Association, the two nonprofits, teamed up to file a lawsuit against Secretary of State Mike Pompeo and acting Homeland Security Secretary Chad Wolf.
The complaint argues that social media vetting has unfairly impacted their foreign collaborators and that filmmakers and activists in other countries are either censoring themselves on social media or declining to apply for visas they would have normally sought.
“We regularly work with filmmakers for whom the ability to maintain anonymity online can be a matter of life and death,” Jess Search, director of Doc Society, said in a statement.
“As an organization committed to filmmaker safety, we believe the registration requirement is deeply troubling and oppressive development, forcing filmmakers to choose between free online expression and their own security. The U.S. government should be championing freedom of expression, not taking actions which will inhibit it,” Search added.
A LIGHTER CLICK: Definitely kid-friendly
AN OP-ED TO CHEW ON: Let’s enact a privacy law that advances economic justice
NOTABLE LINKS FROM AROUND THE WEB:
The cyber speaks: What will actually happen in 2020 (CyberScoop)
Ring’s data map shows the extent of Amazon’s potential for surveillance (Gizmodo)
700,000+ birth certificate applications exposed online (TechCrunch)
Profile of Rep. David Cicilline (D-R.I.), a key figure in antitrust investigations (New York Times)