Facebook and Cambridge Analytica. By now we know the basic facts: Aleksandr Kogan, purporting to be a researcher, developed an authorized Facebook application. As was Facebook’s practice at the time, when users connected the app to their Facebook accounts, the app scooped up not only the users’ personal information, but also their friends’ personal information. In this manner, Dr. Kogan was able to amass information about 50 million Facebook users – even though only 270,000 individuals used the app. Dr. Kogan then, exceeding his authorized use of the data, funneled that information to Cambridge Analytica, a firm that purported to engage in “psychographics” to influence voters on behalf of the Trump campaign.
Last week, the House of Representatives approved H.R. 4986 -- a bill that, among other things, reauthorizes the Federal Communications Commission and approves the agency’s funding for fiscal years 2019 and 2020. House passage followed an announcement that the bipartisan leadership of the Senate Commerce Committee and the House Energy & Commerce Committee had reached an agreement to support the legislation -- framing the bill as reauthorizing the FCC and spurring deployment of 5G wireless networks across the nation.
Today, Representative Marsha Blackburn (R-TN) introduced a bill in response to the Federal Communications Commission’s repeal of net neutrality last week. The bill would prevent Internet Service Providers from blocking and throttling online content, but would still allow for paid prioritization of content, and would remove almost all other FCC consumer protection authority over broadband networks.
Today the White House released the Vulnerabilities Equities Policy and Process (VEP) Charter. The Charter establishes a Vulnerabilities Equities Review Board to oversee the government’s disclosure of vulnerabilities that are not publicly known in information technology products and systems. Public Knowledge commends the government for increasing the transparency of its approach to disclosing hardware and software vulnerabilities.