Cyber Scene #32 - Globalized Tech: Tightropes Everywhere
Cyber Scene #32
Globalized Tech: Tightropes Everywhere
Various Big Tech giants are grappling with technical and quite thorny privacy issues, ethical decisions regarding expansion in international markets, and how future tech developers can solve these issues.
The ubiquitous two-edge tech sword challenge of Google applications, for better and for worse, continues to crop up. This time, New York Times Jennifer Valentino-DeVries addresses the downside of law enforcement using Google-provided information "... on all devices it recorded" near a murder scene in Phoenix. This led to the arrest of an innocent man whose car had been used in the murder. But Google's massive "Sensorvault" database, used to create a dragnet of cellphone users for law enforcement, raised privacy concerns among all the nearby individuals whose movements were also tracked. The new use of warrants expands this investigative option, but one warrant can potentially pull in locational information on up to hundreds of devices.
Similarly, Wired's Andy Greenberg notes that Cisco's Talos security division reported 74 Facebook groups devoted to the sale of stolen credit card data, identity information, and miscellaneous other cybercrime tools. The marketing was open, and Cisco's director of outreach added that the user group was "basically the size of Tampa." Although he noted that it was rather simple to find these cybercriminals, he added, "If you see 10 cockroaches and you kill them, is that the end of your problem?" Facebook noted that the groups clearly violated Facebook policies, but how far out of the lamp is this genie? This conundrum echoes across the Big Tech world.
The Economist in "Careful what you wish for" (back to that genie) explored Facebook CEO Mark Zuckerman's comments who stated that he wants to protect against harmful content, election tampering, and privacy protection. But the article believes this might look like an attempt to ward off new rules of engagement. The article goes on to criticize allowing advertisers to use racial discrimination to target buyers, but a subsequent study noted that this particular algorithm might have inadvertently done so. Ads are bread and butter to Facebook, which makes fixing this an economic issue as well.
Google also faces an ethical challenge. The same Economist issue, but this one by editorialist "Schumpeter" likens Google's challenge to undergoing Chinese burn treatment torture as it is caught between a US human rights scylla and a Chinese national security ("I spy with my AI") charybdis. Google has had quite an odyssey but Schumpeter notes that this predicament is unprecedented. He/she adds that "the growing importance of technology makes the minefield trickier to negotiate." Indeed, particularly as there is nothing stagnant about US-Chinese relations, and these dilemmas play across all tech giants dealing with the national interests of their "home ports" while negotiating with countries around the world and across all three of these "worlds."
To this last point, the Wall Street Journal's Drew FitzGerald reports that Facebook is working to develop an underwater fiber optic cable that will encircle Africa (all of it!). Huawei is working on subsea cable links to Africa via the Indian Ocean. China already has a lock on the continent's 54 country terrestrial telecommunications.
The Outside Legal View
Lawfare Blog provides a synopsis of a fascinating discussion of very recent cyberlaw developments for those looking for an engaging discussion covering a swath of cyber issues. For aural learners and those seeking "the rest of the story,"listen to the podcast itself.
Hosted by Stewart Baker of foreign policy cornucopia Steptoe and Johnson, LLC, who is also NSA's former General Counsel and DHS's first Assistant Secretary for Policy, an intelligent group of worthies discuss current developments regarding (your author's synopsis):
- Why President Macron is more understanding of China's policy and ambitions and ready to thwart them in accordance with longstanding French diplomatic concerns;
- Why reporting regarding China being on the cusp of using OPM-breach data might be in fact an "oops" disclosure as reported in the press, but why the breach itself is likely the work of a nation state and not criminals with China as the prime suspect;
- Assange and the legal case for applying the Computer Fraud and Abuse Act against him;
- The application of US Treasury's Committee on Foreign Investment in the US (CFIUS) restrictions against a Russian who was trying to buy into a US tech firm that has expertise in phishing, inter alia. Read more about CFIUS (pronounced cif ee oos), whose impact may be ascendant. Moreover, China may also be impacted: the Pentagon is considering the blacklisting of Chinese companies re: foreign ownership in the US. Doing business in China is very difficult now; security issues endure but market decisions may not make the same economic sense with new trade tariffs. The discussants are predicting real change in supply chain with Mexico, Vietnam and India to benefit in rearrangements to com reducing China's role.
Happy Belated Birthday, NATO! Is "Centenarian" in Your Future?
The Economist's "Special Report: NATO at 70" necessarily outlines the birth of the Alliance with 12 member states, the departure (de Gaulle's break in late '60's re: nuclear issues) and reentry of France in 2009, and expansion to 29 with the coming addition of "North" Macedonia, yet another success in burying the Greece-Turkey hatchet at least on one issue to make for an even 30 countries. Of course, not all countries are created equal. One is huge but less reliable than at NATO's birth despite Sec State Pompeo's laudatory comments about the Alliance. Some are tiny (e, g,. the Baltics). One has no Defense Department or standing military (Iceland), several very small budgets and another also lacks military prowess (Luxembourg). All the post-mortem Warsaw Pact countries have joined except one (ask Vlad about that, although he has throngs of reps at NATO HQ and SHAPE (Supreme HQ Allied Powers Europe military facility -- go figure). They all, except the last non-member mentioned, contribute, often in their own individual ways, beyond the dollar figures that have been highlighted again and again, particularly over the last two years.
The Article 5 involvement of NATO to support the US in Afghanistan triggering engagement of nearly 50 countries in ISAF (International Security Afghanistan Forces) from 2001 to December 2014 when command was turned over to Afghanistan seems like a distant memory. Fast-forwarding to the cyber portion of the report, the article parodies the strategist Clausewitz's "On War" reference to war being the continuation of politics by other means in its title "Preparing for conflict by cyber means.” The now French four-star led ACT (Allied Command Transformation) in Norfolk, VA, is in discussion of Article 5 (the one-for-all-and-all-for-one defense pact invoked for the first and only time following 9/11). This time it is projecting the possibility of a cyber-based Article 5. This NATO options was approved in 2016, and ACT is the logical implementation site and expected to have a cyber-doctrine approved by 29 or 30 nations by 2020. (N.B. For any NATO naysayers among the readership, think about your country's interagency process or lack thereof and multiply by 29 or 30. Any Brexiters or Remainers reading this?) A cyber operations centre co-located with SHAPE, the military operations hq in Casteau Belgium, US-led since its first Supreme Allied Commander Europe --someone known as Ike, is now a year old. The two sections of the Special Report examine 1) the weaponization of social media, using as an example the NATO Strategic Communications Centre of Excellence report on a NATO exercise in Latvia involving 10,000 people from NATO nations, 10% of whom were identified in open source and thus vulnerable. The other two small Baltic countries each have their own cyber centres -- Estonia for cyber defense and Lithuania for energy security. These three Baltic countries were formerly part of the Soviet Union and are anxious be secure and retain their "former" title. NATO currently has 25 "centres of excellence" spread across the 29 nations and NATO commands. As noted above, some of the nations are militarily or economically under-resourced; the centres allow for "... one way in which small countries can make an outsized contribution to the alliance." So NATO has survived 70 years whereas the 63 alliances over this period that the Brookings Institution studied averaged a lifetime of 15 years.
The Economist notes that the Alliance has:
- safeguarded peace for 40 years of the Cold War
- protected Western Europe from Communism
- helped stabilize Central Europe after the fall of the Soviet Union
- brought unprecedented prosperity to Europe
and (not listed by the Economist) fought side-by-side with the US for 13 years in ISAF, helped secure peaceful passage of the Indian Ocean (counter-piracy), and many other issues. It is also noteworthy that the UK Brexit has not/not discussed leaving NATO. In fact, the Economist cites a former UK ambassador to NATO: "We are incredibly complacent about the continuous delivery of peace and stability in our lives, and a hell of a lot of that depends on NATO; We tend to take it for granted."