Hillicon Valley: Facebook ad freeze lifted for Georgia runoffs | More branches hit in massive cyberattack | Krebs to testify on election security
Welcome to Hillicon Valley, The Hill’s newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley. If you don’t already, be sure to sign up for our newsletter with this LINK.
Follow our cyber reporter, Maggie Miller (@magmill95), and tech team, Chris Mills Rodrigo (@chrisismills) and Rebecca Klar (@rebeccaklar_), for more coverage.
Virtual Event Announcement: 1:00 ET Wednesday 12/16 — COVID-19, Tech and Economic Resilience
Significant advances in communication and information technology have lifted many, and buffered others, during a crushing pandemic. As a new administration prepares to take charge, which technology shifts are here to stay? How can policymaking keep pace to ensure the American economy retains its competitive edge? In the first of three virtual events, The Hill discusses the role of technology in re-energizing the American economy. Sen. Tim Scott, Rep. Suzan Delbene, Janet Napolitano, Amb. Ron Kirk, FCC Commissioner Jessica Rosenworcel, Microsoft’s Fred Humphries. RSVP for event reminders (https://techpolicyandresilience.splashthat.com/)
FACEBOOK LIFTS AD BAN FOR GEORGIA: Facebook will allow political advertisements related to the Senate runoffs in Georgia starting Wednesday, partially lifting a post-election ban.
The company announced Tuesday that advertisers who have completed Facebook’s ad authorizations process will be able to begin running ads again.
Ads that target locations outside of Georgia or are not related to the runoff elections will be rejected, the company said in a blog post.
Facebook had initially told advertisers that the ban — meant to minimize the spread of political misinformation in the aftermath of the election — would last a week.
The company notified advertisers last month that the pause would last “another month, though there may be an opportunity to resume these ads sooner.”
MORE AGENCIES HIT BY HACKERS: Branches of the Department of Defense and the State Department were among the agencies hacked as part of a massive espionage attack aimed at the federal government by a nation state that came to light this week.
The New York Times reported that both agencies were among the groups successfully breached by hackers as part of the attack on IT company SolarWinds, an Austin, Texas-based organization that said this week that hackers had accessed its Orion software between March and June of this year.
SolarWinds counts all five branches of the military among its customers, along with many other federal agencies and 425 of the U.S. Fortune 500 companies.
Reuters first reported on Sunday that the company had been hacked by a nation state, and that the Treasury Department and a Commerce Department agency had been among those successfully breached. On Monday, reports emerged that the Department of Homeland Security (DHS) had also been successfully breached.
Defense Department spokesperson Russell Goemaere said in a statement to The Hill that “the DoD is aware of the reports and is currently assessing the impact.”
Goemaere pointed to guidance and directives recently issued by the National Security Agency and the Joint Force Headquarters Department of Defense Information Network to help agencies defend against cyber threats.
“For operational security reasons the DoD will not comment on specific mitigation measures or specify systems that may have been impacted,” Goemaere said.
A spokesperson for the State Department declined to comment Tuesday.
The Washington Post reported Sunday that a Russian military intelligence hacking group known as “Cozy Bear” was responsible. The same group was previously accused of hacking into the State Department during the Obama administration, and of targeting COVID-19 vaccine research earlier this year.
Secretary of State Mike Pompeo on Monday described the incident as a “consistent effort by the Russians to try to get into American servers, not only those of government agencies but of businesses” during an interview with Breitbart News Radio on SiriusXM Patriot.
KREBS TO TESTIFY: Christopher Krebs, the nation’s former top cybersecurity official who was fired by President Trump last month, will testify Wednesday during a Senate committee hearing on election security and the 2020 election process.
The hearing will mark the first time that Krebs, the former director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), will testify on Capitol Hill since he left the agency.
Krebs was fired after both he and CISA took steps to push back against Trump’s unsubstantiated claims of voter fraud and election interference in the 2020 presidential election.
Those efforts included CISA setting up a “rumor control” webpage to address disinformation and misinformation, and putting out a statement with state and local officials describing the 2020 election as the “most secure in American history.”
Senate Homeland Security and Governmental Affairs Committee ranking member Gary Peters (D-Mich.) announced that Krebs would testify during what is expected to be a controversial hearing.
EU’S BIG TECH CRACKDOWN: Big tech companies are facing further break-up threats as part of sweeping new compliance rules regarding content and competition regulation unveiled by the European Commission on Tuesday.
“The two proposals serve one purpose: to make sure that we, as users, have access to a wide choice of safe products and services online. And that businesses operating in Europe can freely and fairly compete online just as they do offline,” Margrethe Vestager, the EU commissioner leading the charge on tech, said in a statement.
“This is one world. We should be able to do our shopping in a safe manner and trust the news we read. Because what is illegal offline is equally illegal online,” Vestager added.
If tech giants don’t comply with the new competition rules, proposed under the Digital Markets Act, they can face fines of up to 10 percent of their total worldwide annual turnover or be forced to sell off portions of their businesses. Businesses that don’t comply with the content rules, proposed under the Digital Services Act, can face fines of up to 6 percent of their global revenues.
PORNHUB REMOVES UNVERIFIED CONTENT: Pornhub on Monday removed all videos uploaded by unverified users, purging more than half the platform’s content overnight.
The crackdown follows the publication of an opinion piece in The New York Times that found videos of children being assaulted on the platform. Visa and Mastercard subsequently cut off service.
Pornhub appears to have taken down more than 10 million videos, according to Motherboard, which first reported the takedowns. The site reportedly hosted 13.5 million videos Sunday night but had fewer than 3 million Tuesday morning.
The company announced last week that it would be removing unverified content.
“As part of our policy to ban unverified uploaders, we have now also suspended all previously uploaded content that was not created by content partners or members of the Model Program,” Pornhub said in a statement Monday. “This means every piece of Pornhub content is from verified uploaders, a requirement that platforms like Facebook, Instagram, TikTok, YouTube, Snapchat and Twitter have yet to institute.”
FACEBOOK TAKES DOWN FRENCH, RUSSIAN NETWORKS: Facebook announced Tuesday that it has taken down three distinct networks that targeted a number of African nations for violating the platform’s policy on coordinated inauthentic behavior.
One of the takedowns marked the first time that Facebook has singled out individuals linked to a Western government or military. That network involved people affiliated with the French military meddling in politics in the Central African Republic (CAR) and Mali.
The platform did not find evidence that the French military itself had directed the action.
The French network included 84 Facebook accounts, 14 Instagram accounts and a handful of pages and groups.
The network posed as Africans supportive of French military action in the region, while also sharing political commentary about former colonial nations.
The two other networks identified Tuesday were tied to Russians, including some people previously affiliated with the Internet Research Agency, which gained notoriety for its interference in the 2016 American presidential election.
MODERNA VACCINE DATA ACCESSED IN ATTACK: A cyberattack on the European Medicines Agency (EMA) resulted in data related to Moderna’s COVID-19 vaccine candidate being accessed by hackers, the company said Monday.
Reuters reported that a company spokesperson confirmed that its data was among the files accessed in the breach, which is under investigation by European authorities. The EMA confirmed the attack last week, but has given little information about it.
“EMA has been the subject of a cyberattack. The Agency has swiftly launched a full investigation, in close cooperation with law enforcement and other relevant entities,” the European Union (EU) agency said in a statement.
“EMA cannot provide additional details whilst the investigation is ongoing. Further information will be made available in due course,” added the agency.
EU FINES TWITTERS: Twitter on Tuesday became the first U.S. tech firm to be fined for violating a European Union privacy law that went into effect more than two years ago.
Ireland’s Data Protection Commission said it is fining Twitter 465,000 euros, about $546,000, for not promptly disclosing or documenting a data breach in 2019 within 72 hours, as required by the EU’s General Data Protection Regulation, which went into effect in 2018.
The failure to notify the regulator of the breach in the required 72-hour window was an operational error, according to Twitter.
The company’s chief privacy officer, Damien Kieran, said in a statement the delay in the notification was due to an “unanticipated consequence of staffing between Christmas Day 2018 and New Years’ Day.”
“We take responsibility for this mistake and remain fully committed to protecting the privacy and data of our customers,” Kieran added.
The data breach involved an issue Twitter publicly disclosed in January 2019. The company said an issue with its “Protect your Tweets” function for Android users meant that between 2014 and 2019 some users who applied settings to have private tweets may have had their data exposed to the public.
PINTEREST SETTLES: Pinterest is paying $22.5 million to settle a gender discrimination and retaliation lawsuit brought by its former chief operating officer, Francoise Brougher, according to a joint announcement released by Pinterest and Brougher.
The settlement includes $2.5 million to be invested in charitable organizations that “promote women and underrepresented communities,” Brougher said in a series of tweets announcing the settlement on Monday.
Pinterest does not have to admit any liability as part of the agreement, a company spokesperson confirmed.
GOODBYE, PERISCOPE: Twitter said Tuesday it will be shutting down its live streaming service Periscope as a separate app next year.
The Periscope app will be removed from app stores by March 2021 and no users will be able to create a new account in the app starting with the next app update, the company said in a blog post.
Twitter said the decision was made because the app has been in an unsustainable maintenance-mode state for a while, with declining usage and increasing support costs.
Users will be able to download an archive of their Periscope broadcasts and date before the app is removed in March.
Lighter click: Simmering feud to watch
An op-ed to chew on: Congress must modernize itself
NOTABLE LINKS FROM AROUND THE WEB:
This Stanford professor is confronting tech’s billionaire philosophers (Protocol / Hirsh Chitkara)
Pornhub crackdown by credit card companies cuts off sex workers’ livelihoods (NBC News / Olivia Solon)
Perez Hilton vs. the Fan Armies (New York Times / Taylor Lorenz)
Copyright 2023 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed. Regular the hill posts