The Trump administration’s reported plan to create a COVID-19 data surveillance program with healthcare and tech companies lacks transparency, Democratic lawmakers wrote the White House Friday. They noted the industry's “checkered history” protecting patient and user privacy. Some stakeholders also raised concerns.
Karl Herchenroeder
Karl Herchenroeder, Associate Editor, is a technology policy journalist for publications including Communications Daily. Born in Rockville, Maryland, he joined the Warren Communications News staff in 2018. He began his journalism career in 2012 at the Aspen Times in Aspen, Colorado, where he covered city government. After that, he covered the nuclear industry for ExchangeMonitor in Washington. You can follow Herchenroeder on Twitter: @karlherk
Big data could be used to track and curtail COVID-19, Senate Commerce Committee leaders from both parties said Thursday, noting the need to scrutinize pandemic data collection (see 2004080068). Lack of a federal privacy law is undermining efforts, witnesses told the committee during a "paper hearing." Groups highlighted potential data pitfalls that need to be avoided. There was no real-time testimony, but documents were exchanged.
Expect the Senate Commerce Committee to scrutinize industry and government data sharing as the two sides collaborate on COVID-19 response, various groups said in advance of Thursday’s paper hearing (see 2004030076). Democrats will want to know what data is shared with government and how people are being tracked, Interactive Advertising Bureau Executive Vice President-Public Policy Dave Grimaldi told us Wednesday. He will testify and expects Republicans to explore public safety, economic and consumer benefits.
The U.S. is shifting toward privacy by design and building safeguards into products from the outset rather than into disclosure statements consumers don’t read, FTC Office of Policy Planning Senior Economic and Technology Adviser Liad Wagman told the Technology Policy Institute Tuesday. He noted he was speaking only for himself, which the commission reiterated after his appearance.
DOJ can investigate without weakening end-to-end encryption for messaging apps, representatives from BSA|The Software Alliance and Internet Society said in interviews, after Telegram told us the messaging app is under FBI investigation. Attorney General William Barr has repeatedly attacked end-to-end encryption (see 1910030058, 1910040035 and 2001220054), citing the dark web. The FBI is “obsessed” with breaking public encryption, said Cato Research Fellow Patrick Eddington. He cited bureau efforts since the 1990s and more recent interest in Facebook’s WhatsApp.
At least three state attorneys general raised privacy and security concerns about Zoom video conferencing. Offices for New York's Letitia James (D), Connecticut's William Tong (D) and Florida's Ashley Moody (D) confirmed last week they contacted the company. The U.S. attorney's office for the Eastern District of Michigan raised concerns Friday about “Zoom-bombing” video hacking that shares pornography and hate. James sent a letter to Zoom with questions to ensure the company is protecting privacy and security, her spokesperson confirmed: “With so many businesses and schools relying on Zoom to move their operations forward, it is vital we ensure that appropriate safety and security measures are in place.” Tong is alarmed by the incidents and is “seeking more information from the company about its privacy and security measures in coordination with other state attorneys general,” a spokesperson said. Moody’s office has had contact with Zoom and is “working with other states on this matter,” a spokesperson said. The office for Nevada AG Aaron Ford (D) is “happy” to coordinate with other AGs to ensure that Nevadans’ privacy interests are protected, a spokesperson emailed. “If you interfere with a teleconference or public meeting in Michigan, you could have federal, state, or local law enforcement knocking at your door,” U.S. Attorney for Eastern Michigan Matthew Schneider said. House Commerce Committee Democrats contacted the company Friday about privacy and security protections. They raised questions about company policy and company data collection: “Our new dependency on such solutions raises important questions about the privacy practices of the companies many of us are interacting with for the first time.” Dozens of other AG offices didn’t comment. Zoom is “deeply upset” about the incidents, a spokesperson emailed, noting the company has actively educated users about protection and training since March 20: “We are listening to our community of users to help us evolve our approach.”
Privacy advocates fear COVID-19 is creating a surveillance state that will outlast the pandemic. Experts during streamed events Wednesday disagreed how much access the U.S. government will have to data, given constitutional protections.
The FBI has exhibited extensive flaws in Foreign Intelligence Surveillance Act applications, DOJ Inspector General Michael Horowitz reported Tuesday. There were “apparent errors or inadequately supported facts” in all 25 randomly sampled applications. There were known issues with the investigation of Carter Page, a former Trump campaign aide (see 2003300055). Senate Judiciary Committee Chairman Lindsey Graham, R-S.C., plans to have Horowitz testify. Disclosure of exculpatory information to a FISA court is a basic due process right, said Sens. Patrick Leahy, D-Vt., and Mike Lee, R-Utah, jointly. They will introduce an amendment for the Senate to consider to “expand amicus protections and address the issues identified.” Sen. Chuck Grassley, R-Iowa, urged the FBI to take procedures seriously: The bureau doesn’t have “carte blanche to routinely erode the liberties of Americans without proper justification.” For four of the 29 applications examined, the FBI wasn’t able to locate pertinent files involving Woods procedures, which require DOJ officials to verify information submitted to the FISA court matches FBI investigatory data. The findings raise “significant questions” about FBI compliance for ensuring applications are “scrupulously accurate,” the IG wrote, noting he doesn’t have confidence the FBI followed the procedures. This shows systemic FISA issues, said American Civil Liberties Union Senior Legislative Counsel Neema Singh Guliani: It’s “disappointing that despite repeated examples of deficiencies with our surveillance laws, Congress has failed to advance a strong surveillance reform bill.” Berkeley Center for Law & Technology Executive Director Jim Dempsey noted the report showed the “flaws are not politically motivated,” which makes them harder to solve: “The problems on display in the Carter Page process are widespread, calling into question the FBI's overall commitment to painting a full and fair picture in its FISA applications.”
COVID-19 highlights the need for the FTC to scrutinize children's data collection, advocates repeated this week as privacy attorneys dismissed calls for industry to alter regimes. The agency should compel information from technology, media and educational tech companies collecting kids' data, the Campaign for a Commercial-Free Childhood and Center for Digital Democracy wrote the agency Thursday (see 2003260011). The commission received the letter.
At the direction of intelligence officials, the Privacy and Civil Liberties Oversight Board refused to release its deep dive report on a key intelligence-related executive order, according to a Freedom of Information Act response. The Cato Institute filed the FOIA request seeking PCLOB reports on executive order No. 12333 to determine if agencies are abusing their authority. Senate Intelligence Committee Chairman Richard Burr, R-N.C., said earlier this month the president can use 12333 to exercise surveillance authorities without congressional approval, including controversial authority central to the USA Freedom Act debate (see 2003180042).