Multifactor authentication should be a default for companies accessing and transferring customer data, the FTC heard. The agency proposed process-based requirements in April to add to its safeguards rule, which governs how financial institutions keep customer information secure (see 2004200062). Monday’s workshop was meant to gather information for the proposed rulemaking.
Karl Herchenroeder
Karl Herchenroeder, Associate Editor, is a technology policy journalist for publications including Communications Daily. Born in Rockville, Maryland, he joined the Warren Communications News staff in 2018. He began his journalism career in 2012 at the Aspen Times in Aspen, Colorado, where he covered city government. After that, he covered the nuclear industry for ExchangeMonitor in Washington. You can follow Herchenroeder on Twitter: @karlherk
Political pressure in executive orders won’t sway the FTC, Chairman Joe Simons wrote June 29 to Sen. Richard Blumenthal, D-Conn., and Rep. Jan Schakowsky, D-Ill. Blumenthal and Schakowsky wrote Simons June 15 with concerns about political influence from President Donald Trump’s EO (see 2005280060) directing the FTC to police unfair and deceptive practices involving online platforms’ content moderation practices, with language targeting Section 230 of the Communications Decency Act. We received the correspondence via a Freedom of Information Act request to the trade commission.
Standardizing data shared on software components is vital for identifying cyber vulnerabilities and will have an impact across industries, stakeholders told NTIA Thursday. The agency held a virtual meeting on the multistakeholder process on software component transparency (see 2006180024).
Sen. Ron Wyden remains opposed to the Earn It Act because it threatens free speech and security, his spokesperson told us Tuesday when asked if the Oregon Democrat plans to place a hold on the bill (see 2007070060). The spokesperson emailed that the bill won’t do anything to “stop the monsters who produce and spread” child sexual abuse material (CSAM) and “threatens the security and free speech of every American.” Wyden’s Invest in Child Safety Act (S-3629) (see 2007010072) would “provide resources to help protect children from becoming victims and to catch the predators responsible,” his office said.
The wide spectrum of groups against the Earn It Act shows it’s an ill-conceived bill that will repeat the same mistakes as anti-sex trafficking legislation passed in 2018, said representatives from progressive, conservative, industry and academic groups, in interviews. A child advocate noted the wide-ranging support from victims’ rights organizations.
The Senate Judiciary Committee unanimously advanced the Earn It Act (S-3398) (see 2007010058) Thursday. A manager’s amendment from Chairman Lindsey Graham, R-S.C., and Sen. Richard Blumenthal, D-Conn., and another amendment from Sen. Patrick Leahy, D-Vt., passed.
The Senate Judiciary Committee is expected to consider a significant amendment to the Earn It Act (S-3398) from Chairman Lindsey Graham, R-S.C., and Sen. Richard Blumenthal, D-Conn., at Thursday’s markup (see 2006290056). According to a committee aide, Graham intends to introduce a manager’s amendment with Blumenthal that would remove the tech industry’s blanket immunity under Section 230 of the Communications Decency Act from federal civil, state criminal and state civil child sexual abuse material (CSAM) laws: “Service providers will now be treated like everyone else when it comes to combating child sexual exploitation and eradicating CSAM.” The amendment would task a government-backed commission with developing voluntary best practices rather than approving best practices required for certification, as originally drafted. “By allowing any individual state to set laws for internet content, this bill will create massive uncertainty, both for strong encryption and free speech online,” said Sen. Ron Wyden, D-Ore. Wyden’s bill would direct $5 billion for investigations and resources about online child abuse. Offices for Graham and Blumenthal didn't comment. Internet Association Senior Director-Federal Government Affairs Mike Lemon welcomed recognition of Fourth Amendment concerns raised against the original bill. He said the amendment, however, would replace one set of problems with another. It would open the “door to an unpredictable and inconsistent set of standards under state laws that pose many of the same risks to strong encryption,” Lemon said. As Section 230 “does not apply to federal criminal law, these proposals, including a government-backed Internet regulatory commission, can only undermine the ongoing fight against CSAM,” said Computer & Communications Industry Association President Matt Schruers. The bill “makes it possible for one state to undermine encryption nationwide,” said NetChoice Vice President Carl Szabo. The tech industry shouldn’t be immune from lawsuits, whether at the state or federal level, when it’s responsible for injuring people including children, said National Center on Sexual Exploitation General Counsel Benjamin Bull. He said that either industry will self-correct, or the federal government will expose it to litigation. CSAM is illegal under federal law, despite Section 230, emailed Information Technology and Innovation Foundation Vice President Daniel Castro. “Why are some members of Congress so aggressively pursuing this new law? By most accounts, it appears to be because this law can be used to undercut encryption.”
Booking.com is eligible for federal trademark protection, the Supreme Court ruled 8-1 Tuesday. The high court overruled the Patent and Trademark Office’s finding that the domain name is a generic term (see 2005040050). Justice Stephen Breyer dissented, saying the term Booking does nothing more than identify a generic product or service. PTO had refused Booking.com’s registration, saying the combination of a generic word like booking with .com doesn’t make it any less of a generic term for online hotel reservation services.
It’s unlikely Sen. Richard Blumenthal, D-Conn., could offer an amendment to keep the Earn It Act from undermining encryption for millions of Americans, encryption advocates said in interviews about Thursday’s Senate Judiciary Committee markup (see 2006250067). A victims advocate urged the committee to advance the bill, contending government action is the only way to get Big Tech to respond to rampant child exploitation.
Senate Judiciary Committee Chairman Lindsey Graham, R-S.C., told us he wants to debate encryption and Communications Decency Act Section 230 separately. But Sen. Richard Blumenthal, D-Conn., told us he may seek to clarify at the July 2 markup how their Earn It Act affects encryption (see 2006230006). “I’m going to wait till the markup to determine exactly what amendments are necessary, but I think the impact of the bill on encryption has been way exaggerated and distorted, so if we can clarify it, we may do it,” Blumenthal said.