OPM Breach, USA Freedom Act, Net Neutrality and Other Items
Several short items – The battle over NSA spying is not over, the OPM breach is better or worse than we thought, The first ruling on net neutrality is here, Senator McConnell is trying to insert the cyber protection bill CISA inside the defense appropriations bill in a way that does not allow for debate. Crazy Thursday.
First, The House voted today to defund two NSA backdoor spying programs that Rep. Thomas Massie (R-KY) said are worse than the NSA bulk data collection. The NSA admitted that it sometimes spies on Americans communications under an authority that was intended to apply only to foreigners. The amendment would require the NSA to get a warrant first. The other amendment would block funds for NSA projects to build vulnerabilities INTO security products (see article). These amendments to the NDAA are far from certain as there is a lot of mischief going on in the Capital over the NDAA.
The OPM is now saying that people’s SF-86 security questionnaires were not compromised in the breach. However, AFGE union head David Cox wrote to the OPM saying that based on sketchy information released by the OPM, the target of the hackers was the central personnel repository database, which contains information on every federal employee, retiree and a million former employees. Cox said that the data that the hackers stole included Social Security numbers, birthdays, addresses, military records, job and pay histories, and various insurance information, in addition to age, gender, and race data. Since the OPM is being pretty quiet, we do not yet know the truth (see article).
The U.S. Court of Appeals for the D.C. Circuit has ruled against the telecom and cable companies to block the FCC plan to regulate Internet providers like other telecom carriers (the so called Title II classification). The court did grant the request from both sides to expedite the hearing on the merits, but in the mean time, the rules go into effect on Friday, baring a ruling to the contrary from a higher court (see article).
Sen. Mitch McConnell is at it again. This time he is trying to insert the long delayed cyber security bill known as CISA into the National Defense Authorization Act in a way that does not allow for debate or amendment. The NDAA is a must pass bill, but President Obama has already said me may veto it for other reasons. Adding other, totally unrelated bills into that bill will not improve its chances for passing. McConnell says that because of the OPM breach, he is resorting to this strange approach. The fact that CISA only applies to private companies, which does not include the OPM seems to make this argument misplaced (see article). There are a number of Senators who are not happy with McConnell right now, so stay tuned.
ICANN, The organization that currently manages Internet names and numbers has been talking about giving up control, which currently rests with the Department of Commerce, to an independent international organization. Some folks do not like the U.S. giving up power that it has over the Internet while others think it is a good idea. In any case, ICANN said that there is no way it will be ready to do this by the September 30th target date. September 30th is the end of the current existing contract between DoC and ICANN. ICANN won’t even submit a proposal to the government on how this might work until mid October and who knows how long the evaluation process might take (see article).