Warner Urges Internet Networking Device Vendors to Ensure Security of Consumer Internet Connectivity Products
Mar 25 2020
WASHINGTON – Today, U.S. Sen. Mark R. Warner (D-VA) urged six internet networking device vendors to help ensure that their internet connectivity products remain secure as Americans across the nation ramp up their use of these devices for remote work, health, and education purposes as part of COVID-19 social distancing efforts. In letters to Google, Netgear, Belkin, Eero, Asus, and Commscope, Sen. Warner urged vendors to help ensure that their wireless access points, routers, modems, mesh network systems, and related connectivity products remain secure and cannot be easily exploited to attack consumer systems and workplace networks.
“As the COVID-19 pandemic unfolds, Americans will depend on connectivity products to receive telehealth; remain connected with family, colleagues, employers, and friends; and to receive news reports, and guidance from government and public health officials,” wrote Sen. Warner. “During this time, the security of consumer devices and networks will be of heightened importance.”
He continued, “I request your attention and diligence to help protect the consumer devices you sell. Both new and older devices in use deserve protection from cybersecurity threats, including timely updates to mitigate vulnerabilities and exposures.”
As the COVID-19 outbreak continues to spread, and workplaces, schools, and businesses shut their doors as part of social distancing efforts, Americans are increasingly relying on their home networks and personal internet connectivity devices. However, without proper cybersecurity measures, these home devices can pose a risk to larger workplace systems, potentially creating a door for bad actors to infiltrate these networks.
According to CNBC, cyberthreats – including phishing and other cyber scams – have increased amid the COVID-19 outbreak, as online criminals look to take advantage of home network vulnerabilities and stressed IT systems.
In the letters, Sen. Warner urged vendors to continue to issue timely security updates in order to mitigate known cybersecurity vulnerabilities. Additionally, he stressed the importance of having vendors notify consumers who may own devices that are no longer able to receive critical updates and are therefore no longer protected from cybersecurity threats.
Sen. Warner also highlighted his Internet of Things (IoT) Cybersecurity Improvement Act – a bipartisan bill he introduced last year that would improve the cybersecurity of Internet-of-Things devices and help ensure that vendors of key information technology products maintain coordinated vulnerability programs.
A full list of Sen. Warner’s work to protect Americans amid the COVID-19 outbreak is available here.
Mar 17 2020
WASHINGTON – Today, U.S. Sens. Mark R. Warner (D-VA) and Richard Blumenthal (D-CT) expressed deep concern that Google – despite claiming to ban ads that capitalize on novel coronavirus (COVID-19) fears – continues to run ads for products such as face masks and hand sanitizer, which not only exploit fear for profit but also serve to trigger shortages of essential health care products at a time of critical need. In their letter to the Federal Trade Commission (FTC), the Senators slammed Google’s inattention to the misuse of its advertising platform and urged the FTC to intervene in order to protect the public and the nation’s supply chains.
“Browsing in incognito mode across a range of different devices, our staffs were consistently served dozens of ads for protective masks and hand sanitizer – in each case while on a page related to COVID-19,” the Senators wrote. “Scrutinizing the targeting information that Google provides pursuant to the AdChoices program, it became clear that these ads were targeted to users specifically because they were browsing articles on COVID-19. In other words, using browsing data that Google collects through its third-party web trackers, unscrupulous and predatory advertisers were able to directly target consumers browsing content on the outbreak in order to exploit their fear for profit.”
“Google has made repeated representations to consumers that its policies prohibit ads for products such as protective masks. Yet the company appears not to be taking even rudimentary steps to enforce that policy, such as easily automated and scalable actions like flagging ads with relevant terms in the outbound URL. These misrepresentations generate direct harm to consumers, exploiting their legitimate fears over the COVID-19 outbreak to over-charge them for products. They also create widespread social harms to our nation’s response to this crisis, such as by contributing to shortages of products essential to the health care workers on the front lines of the COVID-19 response,” they continued. “Consumers should be able to rely on representations regarding a company’s business practices – particularly in cases, such as this, where Google has acknowledged that offending ads pose harm to consumers. If consumers cannot rely on a company’s representations, then the FTC must intervene.”
Earlier this month, the Department of Health and Human Services (HHS) announced that in light of the COVID-19 outbreak, it would need roughly 300 million N95 respirator masks – 270 million more masks than it currently has stockpiled. Due to this shortage, the U.S. Surgeon General urged the public to stop buying protective masks in order to ensure that health care workers have access to the resources they need to stay safe.
On March 10, after several outlets reported that Google was serving these ads despite a policy that prohibits content that capitalizes off sensitive events, Google stated that it would formally ban ads for protective facemasks. However Google’s advertising platform continues to be exploited for fraudulent activity with these ads continuing to run, notably even on news articles reporting Google’s new policies.
In their letter, the Senators also highlighted previous efforts to encourage the FTC to address Google’s inattention to abuse and expressed disappointment with the FTC’s inaction.
The Honorable Joseph J. Simons
Federal Trade Commission
600 Pennsylvania Avenue, NW
Washington, D.C. 20530
Dear Chairman Simons,
The COVID-19 pandemic has impaired the global supply chain in myriad ways, but perhaps most notably by creating a shortage of products like protective face masks, which are needed by health care workers responding to this crisis. Major manufacturers like 3M are ramping up production in the wake of consumer-led shortages that are impacting supplies for the health care sector. In early March, the Department of Health and Human Services stated that while the U.S. has a stockpile of roughly 30 million N95 respirator masks, it needs roughly 300 million as the COVID-19 outbreak worsens. In light of this, the U.S. Surgeon General has urged the public to stop buying protective masks.
Despite these pleas, a range of bad actors have continued to exploit fears surrounding the COVID-19 crisis for monetary gain. Earlier this month, CNBC and other outlets reported that Google was continually serving ads for products marketed as precautions for COVID-19 (including protective masks and hand sanitizer), despite a policy prohibiting content that capitalizes off of “sensitive events” such as natural disasters, conflicts, or death. On March 10th, Google announced a formal ban on ads for protective face masks and claimed it would “take action as needed to protect users.”
Almost immediately, however, our staffs became aware that Google continued to serve ads for these masks – including, notably, on news articles reporting Google’s new policies. Browsing in incognito mode across a range of different devices, our staffs were consistently served dozens of ads for protective masks and hand sanitizer – in each case while on a page related to COVID-19. Scrutinizing the targeting information that Google provides pursuant to the AdChoices program, it became clear that these ads were targeted to users specifically because they were browsing articles on COVID-19. In other words, using browsing data that Google collects through its third-party web trackers, unscrupulous and predatory advertisers were able to directly target consumers browsing content on the outbreak in order to exploit their fear for profit.
These ads, from a range of different advertisers, were served by Google on websites for outlets such as The New York Times, The Boston Globe, The Washington Post, CNBC, The Irish Times, and myriad local broadcasting affiliates. In several hours of testing, our staffs were not served a single ad for such masks from other advertising platforms – yet generated several dozen from Google. Reporting by CNBC appears to confirm that other ad platforms seemed not to be serving such predatory ads.
Upon contacting the company, Google claimed it would need a full click string to detect these violations – a request that seemed odd in light of the sheer number of ads violating these policies and the ease with which our staffs were able to generate offending ads, across multiple devices and sites. Most disturbingly, the ad content included explicit references to “Protective Masks” and included a range of representations such as “Medical-Grade N95 filter mask.” The majority of these ads also suggested that consumers should take immediate action in light of “limited supplies.” Virtually every single outbound URL associated with these ads also contained clear indications that the ads violated the company’s policies – with “N95,” “mask,” “medical-grade,” and “3M-Mask” explicitly in the URL string. In addition to the social harm associated with contributing towards scarcity of these masks, the ads also appear to engage in price-gouging – with individual masks in many ads selling for $9.99 or $12.99.
For several years now, we have encouraged the FTC to address Google’s inattention to abuse, harmful activity, and fraud within the ad ecosystem that it largely dominates. As one of us wrote your agency in 2018, “The FTC’s failure to act has had the effect of allowing Google to structure its own market; through a series of transactions, the company has accomplished a level of vertical integration that, in effect, allows it to act as the equivalent of market-maker, commodities broker, and commodities exchange for digital advertising… While the company controls each link in the supply chain and therefore maintains the power to monitor activity in the digital advertising market from start to finish, it has continued to be caught flat-footed in identifying and addressing digital ad fraud.”
Google’s inattention to the misuse of its advertising platform extends beyond digital ad fraud and predatory ads: in 2012, the Department of Justice announced one of the largest forfeitures in U.S. history, forcing Google to disgorge $500 million generated by unlawful ads marketing opioids to Americans. Unfortunately, we have continued to see Google’s advertising platform exploited for abusive and fraudulent activity.
Google has made repeated representations to consumers that its policies prohibit ads for products such as protective masks. Yet the company appears not to be taking even rudimentary steps to enforce that policy, such as easily automated and scalable actions like flagging ads with relevant terms in the outbound URL. These misrepresentations generate direct harm to consumers, exploiting their legitimate fears over the COVID-19 outbreak to over-charge them for products. They also create widespread social harms to our nation’s response to this crisis, such as by contributing to shortages of products essential to the health care workers on the front lines of the COVID-19 response.
Consumers should be able to rely on representations regarding a company’s business practices – particularly in cases, such as this, where Google has acknowledged that offending ads pose harm to consumers. If consumers cannot rely on a company’s representations, then the FTC must intervene. The FTC routinely pursues enforcement actions against companies that don’t live up to the self-regulatory commitments they make, including in a 2012 case against Google for failing to follow the National Advertising Initiative code of conduct.
Given the Department of Justice (DOJ)’s successful work in combatting similar misuse of the company’s advertising platform, we have provided a carbon copy of this letter to the DOJ to address this pattern of misbehavior in light of the FTC’s inaction.
Attorney General William Barr
Commissioner Rohit Chopra
Commissioner Rebecca Slaughter
Commissioner Noah Phillips
Commissioner Christine Wilson
Statement of U.S. Sen. Mark R. Warner on Medicare Coronavirus Telehealth Expansion, following passage of Warner-Authored Legislation
Mar 17 2020
WASHINGTON – Today, U.S. Sen. Mark R. Warner (D-VA) released the following statement after the Center for Medicare and Medicaid Services (CMS) announced plans to pay clinicians across the country for telehealth services to Medicare beneficiaries during the coronavirus outbreak. This decision was enabled by passage earlier this month of provisions from Sen. Warner's bipartisan CONNECT for Health Act of 2019, as part of the initial $8.3 billion coronavirus response package.
“I am relieved that Medicare is quickly moving to take advantage of the telehealth authorities Congress has given it through my legislation. There is no doubt that, if properly implemented, this technology will be a crucial tool for protecting American seniors during the coronavirus outbreak,” said Sen. Warner. ”The key now is for Medicare to take clear and decisive steps to swiftly put this technology in the hands of doctors and seniors at this critical moment in the COVID-19 outbreak. While it is unfortunate that it took a public health crisis to push these important telehealth provisions through, I am hopeful that, with proper implementation, this experience will eventually lead to a full expansion of telehealth for Medicare beneficiaries through passage of the bipartisan CONNECT for Health Act.”
The Warner-authored language in the first coronavirus response bill cuts restrictions on Medicare's use of telehealth for the COVID-19 public health emergency response. CMS Administrator Seema Verma announced Medicare's telehealth expansion yesterday at the White House during a Coronavirus Task Force press conference.
“These changes allow seniors to communicate with their doctors without having to travel to a healthcare facility so that they can limit risk of exposure and spread of this virus,” Administrator Verma said at the press conference. “Clinicians on the frontlines will now have greater flexibility to safely treat our beneficiaries.”
The Creating Opportunities Now for Necessary and Effective Care Technologies (CONNECT) for Health Act of 2019 builds on the progress made in recent years to increase the use of telehealth through Medicare. Specifically, the legislation would:
- Provide the Secretary of Health and Human Services (HHS) the authority to waive telehealth restrictions when necessary;
- Remove geographic and originating site restrictions for services like mental health and emergency medical care;
- Allow rural health clinics and other community-based health care centers to provide telehealth services; and
- Require a study to explore more ways to expand telehealth services so that more people can access health care services in their own homes.
Sen. Warner has been a longtime advocate for increased access to health care through telehealth. Last year, he successfully included a provision to expand telehealth services for substance abuse treatment in the Opioid Crisis Response Act of 2018. In 2003, then-Gov. Warner expanded Medicaid coverage for telemedicine statewide, including evaluation and management visits, a range of individual psychotherapies, the full range of consultations, and some clinical services, including in cardiology and obstetrics. Coverage was also expanded to include non-physician providers. Among other benefits, the telehealth expansion allowed individuals in medically underserved and remote areas of Virginia to access quality specialty care that isn’t always available at home.
A list of Sen. Warner’s work to protect and support Virginians during the coronavirus outbreak is available here.
Mar 16 2020
WASHINGTON – Today, U.S. Sen. Mark R. Warner (D-VA) joined Sen. Chris Van Hollen (D-MD), and 25 of his colleagues, in sending a letter to President Trump urging him to immediately issue an executive order directing agencies to utilize telework capabilities to the maximum possible extent. While the Administration has issued guidance recommending agencies expand their telework capabilities, too many federal employees are still required to come to work in-person when they can do their job from home. As the Centers for Disease Control and other public health experts recommend practicing social-distancing, the federal government should lead by example and cease all policies that could endanger the health and safety of its employees and exacerbate the spread of the coronavirus.
The Senators write, “I urge you to immediately issue an executive order directing agencies to use telework to the maximum extent practicable in light of the COVID-19 emergency. The Office of Management and Budget issued guidance for agencies to increase telework flexibility in the National Capital Region, but your order should be a clear direction – rather than general guidance – and it should be worldwide in scope.”
They underscore, “Your order should direct federal agencies to allow all telework-eligible federal workers to telework full-time, unless there is a clear and compelling reason not to do so for the effective operation of government. You should also order federal agencies to evaluate whether non-telework-eligible employees can be telework-eligible, and to do so for all employees where there is not a clear and compelling reason that telework is not compatible with the performance of their job functions.”
The Senators close the letter, noting, “Voluntary guidance is not enough – agencies need clear orders. In the absence of a clear order, agencies and managers have been hesitant to take major actions to shift towards telework and I hear from increasingly anxious federal workers in my state on a daily basis.”
In addition to Senator Van Hollen, the letter was signed by Senators Ben Cardin (D-Md.), Mark Warner (D-Va.), Tim Kaine (D-Va.), Edward Markey (D-Mass.), Sherrod Brown (D-Ohio), Dick Durbin (D-Ill.), Angus King (I-Maine), Ron Wyden (D-Ore.), Kamala Harris (D-Calif.), Elizabeth Warren (D-Mass.), Richard Blumenthal (D-Conn.), Tammy Duckworth (D-Ill.), Cory Booker (D-N.J.), Bernie Sanders (I-Vt.), Chuck Schumer (D-N.Y.), Tom Carper (D-Del.), Tom Udall (D-N.M.), Jacky Rosen (D-Nev.), Jack Reed (D-R.I.), Jeanne Shaheen (D-N.H.), Maggie Hassan (D-N.H.), Gary Peters (D-Mich.), Mazie Hirono (D-Hawaii), Amy Klobuchar (D-Minn.), Catherine Cortez Masto (D-Nev.), and Robert Menendez (D-N.J.).
The full text of the letter is available here and below:
Dear President Trump,
We urge you to immediately issue an executive order directing agencies to use telework to the maximum extent practicable in light of the COVID-19 emergency. The Office of Management and Budget issued guidance for agencies to increase telework flexibility in the National Capital Region, but your order should be a clear direction – rather than general guidance – and it should be worldwide in scope. State and local governments have been far more proactive than the federal Executive Branch in making arrangements for their employees to telework where possible. We have maximized teleworking in our Senate Offices. You should order Executive agencies to do the same. We must lead by example.
Your order should direct federal agencies to allow all telework-eligible federal workers to telework full-time, unless there is a clear and compelling reason not to do so for the effective operation of government. You should also order federal agencies to evaluate whether non-telework-eligible employees can be telework-eligible, and to do so for all employees where there is not a clear and compelling reason that telework is not compatible with the performance of their job functions.
You should order agencies to immediately rescind all cuts to telework made since 2016. In 2017, the most recent year for which data are available, 21% of federal employees participated in telework – a slight decline after years of steady increases from 14% in 2012. In 2017, 43% of employees were telework-eligible, so allowing all of them to telework during this emergency would make an immediate difference.
These telework directives should apply to federal workers throughout the United States and to other countries where there are cases of COVID-19. In the National Capital Region, 40% of Metro commuters during morning rush hour are federal employees, and these crowded trains and buses pose a major risk for COVID-19 transmission. But COVID-19 is a global pandemic, and only 15% of federal employees work in the National Capital Region. The federal government should not wait until an area already has widespread community transmission of COVID-19 to act.
Voluntary guidance is not enough – agencies need clear orders. In the absence of a clear order, agencies and managers have been hesitant to take major actions to shift towards telework and we hear from increasingly anxious federal workers in our states on a daily basis.
Thank you for your attention to this critical matter.
WASHINGTON – U.S. Sen. Mark R. Warner (D-VA) applauded announcements today by several major internet service providers that they adopt practices that will better accommodate the use of remote technologies that students, workers and public health officials will rely upon during the coronavirus (COVID-19) outbreak. On Thursday, Sen. Warner led 17 Senators in writing to the nation’s eight largest providers, calling on them to suspend data caps and overage fees that could present a barrier to telepresence services, and urging the companies to provide free or at-cost broadband options for students affected by the virus who otherwise lack broadband access for online learning during school closures caused by the outbreak. The letter also encouraged the companies to take proactive steps to provide under- and unserved households with broadband access, including through access to broadband hotspots.
“The coronavirus outbreak is already creating an unprecedented need for teleworking, telehealth and online education technology,” Sen. Warner said today. “I’m glad to see certain companies quickly responding to our letter and putting a pause on restrictive caps, fees and other policies that could interfere with online access during this critical time. I’m also pleased to see companies committing to expanding broadband access for students who may not have it so that their educations are not completely disrupted during school closures. I call on those internet providers that have not taken similar steps to do so immediately, in order to assist their fellow Americans during this time of great national strain.”
Since receiving the Senator’s letter, AT&T, Charter, CenturyLink, Comcast, T-Mobile, Verizon, Sprint and Cox, among others, have each announced a variety of new policies to help ensure Americans have reliable access to online services during the outbreak of COVID-19, such as service upgrades, fee waivers, free access to Wi-Fi hotspots, more affordable plans, free support services, and more. AT&T, CenturyLink and Comcast announced they would temporarily suspend data caps, along with other service changes. In response to the letter, Charter (which emphasized that its plans do not have data caps) announced that it would provide 60 days of free broadband to households with K-12 or college students currently without service – and, drawing from the letter’s recommendations, pledged to work with school districts to make eligible households aware of the offer. T-Mobile announced that it would provide unlimited smartphone data to all current subscribers and increase the data allowance to schools and students using their digital learning programs. Cox announced that it would changes to its Connect2Compete plan for low-cost broadband, including increasing speeds and providing one month of free service to new customers. Sprint announced it would provide all its subscribers with unlimited data for 60 days, along with other billing and service changes to cushion the impact of COVID-19. Verizon (whose wireline operations do not include caps) announced it would increase capacity and accelerate network investments, among other billing and service changes.
A list of Sen. Warner’s work to protect and support Virginians during the coronavirus outbreak is available here.
Portman, Warner, Bipartisan Colleagues Express Concern About China’s Use of Artificial Intelligence-Based Technologies to Oppress Uyghur Muslims, Urge Secretary Pompeo to Work With Allies to Prevent Its Spread Internationally
Mar 12 2020
WASHINGTON, DC – Today, U.S. Senators Rob Portman (R-OH) and Mark Warner (D-VA) led a letter urging Secretary of State Mike Pompeo to continue to prioritize American leadership in talks about international standards for artificial intelligence, and to build an international coalition to preserve the integrity of international standards setting bodies. The letter responds to efforts by China, and technology companies closely aligned with the Chinese Communist Party, to utilize international standards setting bodies, such as the International Telecommunications Union (ITU), to advance and legitimize artificial intelligence-based technologies, such as facial recognition technologies, that have been used to oppress Uyghur Muslims. The United States must ensure that American values remain a part of the international conversation about artificial intelligence and facial recognition.
“We are writing to share our concerns regarding efforts by China, and technology companies closely aligned with the Chinese Communist Party, to utilize international standards setting bodies, such as the International Telecommunications Union (ITU), to internationalize standards for advanced surveillance technology. The evidence from Xinjiang Province of how artificial intelligence-based technologies, such as facial recognition technologies, are used to oppress Uyghur Muslims makes clear that standards setting bodies should not be used to advance or legitimize such practices. We urge you to continue to prioritize American leadership on this issue, and build an international coalition to preserve international standards setting bodies as technical economic fora,” wrote the senators.
Portman and Warner were joined in sending the letter by Senators Tom Cotton (R-AR), Richard Blumenthal (D-CT), Cory Gardner (D-CO), Chris Coons (D-DE), Steve Daines (R-MT), Chris Murphy (D-CT), Mike Braun (R-IN), Ed Markey (D-MA), John Cornyn (R-TX), Gary Peters (D-MI), Josh Hawley (R-MO), Jeanne Shaheen (D-NH), Marco Rubio (R-FL), Brian Schatz (D-HI), and Jacky Rosen (D-NV).
The full text of the letter to Secretary Pompeo can be found below and here.
Dear Secretary Pompeo,
Thank you for your efforts to draw attention to, and address, the ever growing number of concerns about totalitarian activities by the People’s Republic of China. We are writing to share our concerns regarding efforts by China, and technology companies closely aligned with the Chinese Communist Party, to utilize international standards setting bodies, such as the International Telecommunications Union (ITU), to internationalize standards for advanced surveillance technology. The evidence from Xinjiang Province of how artificial intelligence-based technologies, such as facial recognition technologies, are used to oppress Uyghur Muslims makes clear that standards setting bodies should not be used to advance or legitimize such practices. We urge you to continue to prioritize American leadership on this issue, and build an international coalition to preserve international standards setting bodies as technical economic fora.
International standards setting bodies are foundational to international trade and commerce. Without them, a litany of technical and logistical barriers to trade erected by different countries – with divergence on things as wide-ranging as food labeling, construction materials, and wireless communications standards – would balkanize our global economy. Thanks to American industry’s leadership, the United States has consistently set the bar for international standards setting. We believe it is vital for our economy, and foreign policy, to maintain that leadership.
Unfortunately, China has indicated a willingness to use standard setting bodies in perverse ways to normalize global opinions about Orwellian surveillance technology. By shaping the debate about the legitimate uses of artificial intelligence and facial recognition, China can expand opportunities for countries, particularly those in the developing world, to utilize Chinese surveillance technology. According to the Carnegie Endowment for International Peace, Chinese companies have supplied AI-based surveillance systems to 63 countries, including 36 of which are part of China’s Belt and Road Initiative.
With respect to the Uyghurs, China is using technology in ways never seen before. China use facial recognition to profile Uyghur individuals, classify them on the basis of their ethnicity, and single them out for tracking, mistreatment, and detention. The machine learning techniques used in Xinjiang Province, and throughout China, which are designed specifically, and intentionally, to classify people on the basis of physical traits harken back to troubling practices related to phrenology and eugenics. And these technologies are deployed in service of a dystopian vision for technology governance, that harnesses the economic benefits of the internet in the absence of political freedom and sees technology companies as instruments of state power.
As you know, China is currently working to use standards setting bodies to gain the imprimatur of international legitimacy and support across a range of emerging technologies. China’s censorship and surveillance technologies are the envy of autocratic regimes around the world, with China exporting both its technology and its technology governance vision to countries such as Venezuela, Ethiopia, Pakistan, Rwanda, Mongolia, and Zimbabwe. China’s efforts to steer standards setting bodies towards work in service of this anti-democratic vision for technology undermines the apolitical purposes standard setting bodies serve.
At the same time, we have seen our position as a global leader on technology issues weakened by a retreat of the United States from the global stage. The United States and its allies must build international support for rules and standards that address the internet’s potential for censorship and repression, presenting alternatives that explicitly embrace a free and open internet. To that end, we urge you to work closely with other countries to ensure China cannot use the ITU to advance its techno-nationalist agenda.
Some argue that China has an inherent advantage over the United States with respect to artificial intelligence because of China’s lax privacy standards and lack of respect for human rights—we disagree. We believe privacy and human rights protections are features, not bugs, of our democracy and our culture of innovation; they make America stronger, and more likely to win any “artificial intelligence race” going forward. Ultimately, technology is shaped by the norms of its development. Thank you for your consideration of our views on the intersection of human rights and artificial intelligence in China, and we look forward to working with you to ensure that the American values remain part of the international conversation about artificial intelligence and facial recognition.
Warner Leads Colleagues in Urging Internet Service Providers to Suspend Service Terms Affecting Telepresence Services During Coronavirus Outbreak
Mar 12 2020
WASHINGTON – Today, U.S. Sen. Mark R. Warner (D-VA) led 17 of his colleagues in sending a letter to the CEOs of eight major internet service providers (ISPs) calling on the companies to take steps to accommodate the unprecedented reliance we will likely see on telepresence services, including telework, online education, telehealth, and remote support services.
In the letter, sent to the CEOS of AT&T, CenturyLink, Charter Communications, Comcast, Cox Communications, Sprint, T-Mobile, and Verizon, the Senators call on companies to suspend restrictions and fees that could limit telepresence options. With disruptions likely to reveal the full extent of the nation’s broadband gaps, they also call on the companies to provide free or at-cost broadband options for students affected by the virus who otherwise lack broadband access for online learning during the outbreak.
“As organizations around the country formulate their responses to the recent outbreak and spread of the novel coronavirus, or COVID-19, we write to discuss the steps that your company is taking to accommodate the unprecedented reliance we will likely see on telepresence services, including telework, online education, telehealth, and remote support services,” wrote the Senators. “Specifically, we ask that you temporarily suspend broadband caps and associated fees or throttling for all communities affected by COVID-19 and work with public school districts, colleges, and universities to provide free, or at-cost, broadband options for students whose schools close due to COVID-19 who don’t have access at home.”
The novel coronavirus has sickened more than 113,000 people around the world, and killed more than 4,000 people to date. In the letter, the Senators emphasize the unprecedented demand for telepresence services that will likely occur during the coronavirus outbreak. The letter also highlights data from the Joint Economic Committee that nearly 12 million children live in homes lacking a broadband connection. According to Education Week, over 1.3 million students have already been impacted thus far by the coronavirus outbreak.
“No one should be penalized or suffer financial duress for following guidance from the CDC, their employer, local public health officials, or school leaders. Unfortunately, many Americans are subject to restrictive data caps for their home broadband service – caps that could be particularly onerous given the more intensive broadband usage of households practicing social distancing measures and the economic uncertainty for which too many people without paid sick leave are already bracing,” the Senators continued. “While it’s likely that your networks will experience significantly greater traffic as a consequence of social distancing measures, we encourage you to forebear from application of broadband caps and associated fees or throttling as workers and families cope with the effects of this health emergency.”
In addition to Sen. Warner, the letter was signed by Sens. Tim Kaine (D-VA), Michael Bennet (D-CO), Cory Booker (D-NJ), Tammy Baldwin (D-WI), Richard Blumenthal (D-CT), Jeff Merkley (D-OR), Elizabeth Warren (D-MA), Mazie Hirono (D-HI), Angus King (I-ME), Patty Murray (D-WA), Bernie Sanders (I-VT), Robert Menendez (D-NJ), Dick Durbin (D-IL), Jack Reed (D-RI), Ron Wyden (D-OR), Ed Markey (D-MA), and Gary Peters (D-MI).
March 12, 2020
Chief Executive Officer
208 S. Akard Street
Dallas, TX 75201
Chairman and Chief Executive Officer
Charter Communications, Inc.
400 Atlantic Street 10th floor
Stamford, CT 06901
President and Chief Executive Officer
1025 Eldorado Boulevard
Broomfield, CO 80021
President and Chief Executive Officer
Comcast Cable Communications, LLC
One Comcast Center
1701 JFK Boulevard
Philadelphia, PA 19103
President and Chief Executive Officer
6205-B Peachtree Dunwoody Road
Atlanta, GA 30328
President and Chief Executive Officer
6200 Sprint Parkway
Overland Park, KS 66211
Chief Executive Officer
12920 SE 38th Street
Bellevue, WA 98006
Chairman and Chief Executive Officer
Verizon Communications Inc.
One Verizon Way
Basking Ridge, NJ 07920
Dear Messrs. McElfresh, Esser, Rutledge, Combes, Storey, Legere, Watson, Vestberg:
As organizations around the country formulate their responses to the recent outbreak and spread of the novel coronavirus, or COVID-19, we write to discuss the steps that your company is taking to accommodate the unprecedented reliance we will likely see on telepresence services, including telework, online education, telehealth, and remote support services. Specifically, we ask that you temporarily suspend broadband caps and associated fees or throttling for all communities affected by COVID-19 and work with public school districts, colleges, and universities to provide free, or at-cost, broadband options for students whose schools close due to COVID-19 who don’t have access at home.
The novel coronavirus has sickened more than 113,000 people around the world, and killed more than 4,000 people to date. While this situation is rapidly evolving, including in the United States and Europe, the U.S. Centers for Disease Control and Prevention has said the potential public health threat posed by COVID-19 is very high and the spread of the disease in other countries shines a light on the need for a whole-of-society response.
On March 3, 2020, the CDC issued an interim guidance recommending that specific community actions be taken to limit exposure to the virus, on top of previously recommended community-based interventions in the event of a COVID-19 outbreak such as school dismissals, event cancellations, social distancing, and creating employee plans to work remotely. While the spread of COVID-19 is likely to affect different individuals, families, and communities differently, it is increasingly likely that a significant number of Americans will need to practice social distancing in some way.
During this period, it’s likely that we’ll see historic numbers of American students and their teachers relying on data-intensive services such as video teleconferencing, remote learning courses, and virtual mental health services. According to UNESCO, a “record number of school children are not attending school or university because of temporary or indefinite closures mandated by governments.” Selected schools have closed in at least 21 states and that number seems likely to rise as the number of new confirmed cases of COVID-19 increases. According to Education Week, over 1,300,000 students have been impacted thus far. Millions of workers have already begun teleworking in an effort to mitigate the spread of COVID-19; as evidence of the unprecedented demand for telework that we can expect to continue, videoconferencing software company Zoom has already added more active users this year than it did in all of 2019. To effectively contain the disruptive impact that social distancing measures will have on our economy and on American students, it will be essential that these students, teachers, and workers – including patients and providers using telehealth in place of in-person care – have access to affordable broadband.
No one should be penalized or suffer financial duress for following guidance from the CDC, their employer, local public health officials, or school leaders. Unfortunately, many Americans are subject to restrictive data caps for their home broadband service – caps that could be particularly onerous given the more intensive broadband usage of households practicing social distancing measures and the economic uncertainty for which too many people without paid sick leave are already bracing. While it’s likely that your networks will experience significantly greater traffic as a consequence of social distancing measures, we encourage you to forebear from application of broadband caps and associated fees or throttling as workers and families cope with the effects of this health emergency.
These disruptions are also likely to acutely highlight the broadband gap that too many American households still face. According to some estimates, nearly one-third of American households lack meaningful broadband access, either because their homes are unserved or because they cannot afford broadband service. Nearly 12 million children, for instance, live in homes lacking a broadband connection— a gap that highlights wider inequities facing rural Americans, American communities of color, and economically disadvantaged communities. Without meaningful broadband access, students from these communities could be set back months in their learning – further exacerbating the socio-economic disparities these communities face. To that end, we encourage you to make efforts to work with local school districts, community colleges, and universities to provide under- and unserved households with free, or at-cost, broadband options, including through the provision of mobile hotspots.
We look forward to hearing swiftly from you about what steps you will take to help limit the economic and social disruption that COVID-19 is posing at this challenging time. Containing the health impact of COVID-19 will depend on observance of social distancing measures outlined by CDC and public health authorities. But containing the economic and social impact of COVID-19 requires a whole-of-society effort. At this time of great strain on our economic and education systems, we encourage you to do everything you can to cushion the impacts on American workers and students.
Thank you in advance for your prompt attention to this matter. We are anxious to hear your response.
 “Interim US Guidance for Risk Assessment and Public Health Management of Persons with Potential Coronavirus Disease 2019 (COVID-19) Exposures,” Centers for Disease Control and Prevention (March 7, 2020), available at: https://www.cdc.gov/coronavirus/2019-ncov/php/risk-assessment.html
 “Preventing COVID-19 Spread in Communities,” Centers for Disease Control and Prevention (March 20, 2020), available at: https://www.cdc.gov/coronavirus/2019-ncov/community/index.html?CDC_AA_refVal=https%3A%2F%2Fwww.cdc.gov%2Fcoronavirus%2F2019-ncov%2Fpreparing-individuals-communities.html
 “COVID-19 Educational Disruption and Response,” United Nations Educational, Scientific, and Cultural Organization (UNESCO) (March 11, 2020), available at: https://en.unesco.org/themes/education-emergencies/coronavirus-school-closures
 “Map: Coronavirus and School Closures,” Education Week (March 11, 2020), available at: https://www.edweek.org/ew/section/multimedia/map-coronavirus-and-school-closures.html
 Jordan Novet, “Zoom Has Added More Videoconferencing Users This Year Than in All of 2019 Thanks to Coronavirus, Bernstein Says,” CNBC (February 26, 2020), available at: https://www.cnbc.com/2020/02/26/zoom-has-added-more-users-so-far-this-year-than-in-2019-bernstein.html
 Brian Heater, “Nearly A Third of US Households Don’t Have A Broadband Connection,” TechCrunch (July 25, 2019), available at: https://techcrunch.com/2019/07/25/nearly-a-third-of-u-s-households-dont-have-a-broadband-connection/
 “America’s Digital Divide,” Democratic Staff of the U.S. Congress Joint Economic Committee (September 2017), available at: https://www.jec.senate.gov/public/_cache/files/ff7b3d0b-bc00-4498-9f9d-3e56ef95088f/the-digital-divide-.pdf
Warner Calls on VP Pence to Combat Online Coronavirus Misinformation, Correct the Record on Mixed Trump Administration Messages
Mar 11 2020
WASHINGTON – Today, U.S. Sen. Mark R. Warner (D-VA) urged Vice President Mike Pence to take steps to both combat online misinformation related to the coronavirus outbreak and to correct false and misleading statements by the President and other members of the Administration, in the interest of public health. This letter follows reports of widespread misinformation on social media about the novel coronavirus (COVID-19) – from conspiracies about the virus’ inception, to false claims about products that were said to provide immunity or cures.
“I am deeply concerned that despite the seriousness of the novel coronavirus (COVID-19) outbreak, your coronavirus taskforce and members of the Administration have failed to consistently counter the significant amount of misinformation conveyed to the American public. In many instances, we have seen misinformation spread by those seeking to profit from untested and potentially dangerous products misrepresented as effective treatments for the virus,” wrote Sen. Warner. “Of even greater concern, false or misleading information has also come directly from prominent members of the Administration, up to and including the President.”
“The President’s injudicious and false statements could gravely undermine ongoing public health efforts to contain the outbreak. His statements directly conflict with the advice and recommendations of your own coordinated federal response and leading public health experts and will likely exacerbate economic uncertainty and discourage individuals from seeking needed care. To date, I am not aware of any steps your Administration has taken to publicly correct this false narrative,” he continued. “Simply put – this conflicting messaging and misinformation will weaken our ability to respond to COVID-19 and significantly undermine ongoing public health efforts. I strongly encourage you to publicly withdraw and correct President Trump’s statements and other false statements made by members of the Administration. In addition I ask that, moving forward, the coronavirus taskforce proactively monitor and develop a comprehensive strategy to counter widespread misinformation, including campaigns by foreign actors or parties seeking to profit from fraudulent health treatments. Information conveyed to the public must accurately reflect the latest guidance from public health experts and other authorities.”
Around the world, the novel coronavirus has sickened more than 113,000 people and killed more than 4,000 people to date. In the Commonwealth of Virginia alone, there have been nine identified cases of the virus.
In his letter, Sen. Warner noted that the President’s false statements “stoke and legitimize already widespread online misinformation concerning the virus.” He also highlighted indications “that at least some of the misinformation is derived from, or at least amplified by, malicious foreign actors.”
The Honorable Michael R. Pence
Vice President of the United States of America
The White House
1600 Pennsylvania Avenue, NW
Washington, D.C. 20500
Dear Vice President Pence:
I am deeply concerned that despite the seriousness of the novel coronavirus (COVID-19) outbreak, your coronavirus taskforce and members of the Administration have failed to consistently counter the significant amount of misinformation conveyed to the American public. In many instances, we have seen misinformation spread by those seeking to profit from untested and potentially dangerous products misrepresented as effective treatments for the virus. Of even greater concern, false or misleading information has also come directly from prominent members of the Administration, up to and including the President. I believe that, left unaddressed, this misinformation and conflicting messaging will undermine our ability to respond to COVID-19 by reducing public confidence in ongoing public health efforts, creating economic uncertainty and causing the public to respond in counterproductive ways.
As you know, the novel coronavirus (COVID-19) has sickened more than 118,000 people around the world, and killed more than 4,200 people to date. While this situation is rapidly evolving in the United States, the Centers for Disease Control and Prevention (CDC) has said the potential public health threat posed by COVID-19 is very high. It is essential that the Administration communicate timely and accurate information to the American public. This should include a coordinated effort to address potentially harmful misinformation spread through social media and other sources.
On March 4, 2020, during a phone call televised to millions of viewers, President Donald J. Trump indicated that Americans who fear they may have COVID-19 should continue going to work and not seek medical care, and told viewers that the World Health Organization’s (WHO) estimates of the virus’ deadliness were false. In addition, on February 26, 2020 the President carelessly downplayed the seriousness of this outbreak by telling the American public that COVID-19 cases in the U.S. were “going very substantially down, not up” and that the existing 15 cases in the U.S. “is going to be down to close to zero” in two days. As you know, cases have increased exponentially since that time.
The President’s injudicious and false statements could gravely undermine ongoing public health efforts to contain the outbreak. His statements directly conflict with the advice and recommendations of your own coordinated federal response and leading public health experts and will likely exacerbate economic uncertainty and discourage individuals from seeking needed care. To date, I am not aware of any steps your Administration has taken to publicly correct this false narrative.
In addition, such remarks stoke and legitimize already widespread online misinformation concerning the virus. There are indications that at least some of the misinformation is derived from, or at least amplified by, malicious foreign actors. Additional misleading statements from members of the Administration, combined with intentional falsehoods pushed by these malicious actors, will only make matters worse.
Successfully combatting COVID-19 will require that public officials, health care providers and the American public act in a coordinated and responsible manner and, should the need arise, follow recommendations of public health experts to social distance, self-quarantine and take additional safety measures. This will not be possible if the Administration does not take proactive steps to counter false information and consistently relay trusted, accurate and timely information to the American public.
Simply put – this conflicting messaging and misinformation will weaken our ability to respond to COVID-19 and significantly undermine ongoing public health efforts. I strongly encourage you to publicly withdraw and correct President Trump’s statements and other false statements made by members of the Administration. In addition I ask that, moving forward, the coronavirus taskforce proactively monitor and develop a comprehensive strategy to counter widespread misinformation, including campaigns by foreign actors or parties seeking to profit from fraudulent health treatments. Information conveyed to the public must accurately reflect the latest guidance from public health experts and other authorities. Thank you for your attention to this request and I look forward to your response.
WASHINGTON- U.S. Senator John Cornyn (R-TX), Senate Select Committee on Intelligence Chairman Richard Burr (R-NC), and Vice Chairman Mark Warner (D-VA) issued the following statements after their Secure 5G and Beyond Act, which would require the President to develop a strategy and implementation plan to ensure the security of next-gen mobile telecommunications systems and infrastructure in the United States, passed the House of Representatives:
“Securing our telecommunications infrastructure from foreign interference is a priority as we work to keep the United States on the cutting-edge of 5G technology,” said Sen. Cornyn. “I appreciate the House of Representatives for swiftly passing this legislation, and I look forward to it becoming the law of the land soon.”
“5G is the next great technological evolution for the telecommunications industry,” said Sen. Burr. “The same features that make 5G a powerful tool for growth and innovation – its incredible speed and wide reach – also pose an unprecedented national security challenge. Now is the time for the U.S. to develop a real strategy for confronting these challenges, and I applaud Congress for advancing us toward that goal.”
“5G promises to usher in a new wave of innovations, products, and services. At the same time, the greater complexity, density, and speed of 5G networks relative to traditional communications networks will make securing these networks harder and more complex. It’s why we need a coherent, national strategy to harness the advantages of 5G in a way that addresses those risks,” said Sen. Warner. “I’m glad that the House has passed our bill and is sending it on to the President’s desk for his signature.”
Background on the Secure 5G and Beyond Act:
- Requires the President to create an inter-agency strategy to secure 5th generation and future generation technology and infrastructure in the United States and with our strategic allies.
- Designates NTIA to assist the President in managing the implementation plan in coordination with: the Chairman Federal Communications Commission, the Secretary of Homeland Security, the Director of National Intelligence, the Attorney General, the Secretary of State and the Secretary of Defense.
- Ensures that the strategy and implementation plan do not include a recommendation to nationalize 5th generation deployment or future generations of mobile telecommunications infrastructure in the United States.
Senator John Cornyn, a Republican from Texas, is a member of the Senate Finance, Intelligence, and Judiciary Committees.
WASHINGTON- U.S. Senator John Cornyn (R-TX), Senate Select Committee on Intelligence Chairman Richard Burr (R-NC), and Vice Chairman Mark Warner (D-VA) issued the following statements after the Senate passed their legislation, the Secure 5G and Beyond Act, yesterday to require the President to develop a strategy to ensure the security of next-gen mobile telecommunications systems and infrastructure in the United States, as well as assist allies in maximizing the security of their systems, infrastructure, and software:
“As our telecommunications technology advances, we must have plans in place to keep it secure from foreign interference,” said Sen. Cornyn. “I’m grateful to my colleagues for recognizing the risks that come along with the rewards of 5G technology, and I urge the House to pass this legislation as soon as possible.”
“It’s imperative we not only understand the revolutionary value of next-gen communications, but also the security measures required to ensure the deployment of safe and secure 5G networks,” said Sen. Burr. “I’m proud to work with my colleagues on this important legislation, which will bring together a variety of industry experts, further protect Americans’ privacy rights, and better equip our nation with a comprehensive strategy as we continue to be a global leader in technology.”
“5G promises to usher in a new wave of innovations, products, and services. At the same time, the greater complexity, density, and speed of 5G networks relative to traditional communications networks will make securing these networks harder and more complex. It’s why we need a coherent, national strategy to harness the advantages of 5G in a way that addresses those risks,” said Sen. Warner.
Background on the Secure 5G and Beyond Act:
- Requires the President to create an inter-agency strategy to secure 5th generation and future generation technology and infrastructure in the United States and with our strategic allies.
- Designates NTIA to coordinate implementation of the plan in coordination with: the Chairman of the FCC, the Secretary of Homeland Security, the Director of National Intelligence, the Attorney General, Secretary of State and the Secretary of Defense.
- Ensures that the strategy and implementation plan do not include a recommendation to nationalize 5th generation deployment or future generations of mobile telecommunications infrastructure in the United States.
Senator John Cornyn, a Republican from Texas, is a member of the Senate Finance, Intelligence, and Judiciary Committees.
Feb 26 2020
WASHINGTON – Today, U.S. Sen. Mark R. Warner (D-VA), Vice Chairman of the Senate Select Committee on Intelligence and co-chair of the bipartisan Senate Cybersecurity Caucus, stressed the importance of vulnerability disclosure programs, such as the one at the Department of Defense (DoD) that recently allowed a researcher to report malware that was actively exploiting a security misconfiguration on a DoD server. In a letter to the DoD’s Chief Information Officer, Sen. Warner highlighted his Internet of Things (IoT) Cybersecurity Improvement Act, noting that the piece of legislation would help advance similar coordinated vulnerability programs and work in conjunction with the procedures in place at DoD.
The bipartisan, bicameral legislation, which successfully passed through the Senate Homeland Security and Governmental Affairs Committee in June, would improve the cybersecurity of Internet-connected devices and require that devices purchased by the U.S. government meet certain minimum security requirements.
“This incident demonstrates the inherent value of vulnerability disclosure programs for information technology products operated by federal agencies,” wrote Sen. Warner. “These programs are a crucial force multiplier for federal cybersecurity efforts. Clear guidelines and a process for security researchers to find and share vulnerabilities enabled this malware discovery, and ultimately prompt remedial action by DoD. Continuing to encourage the responsible discovery and disclosure of bugs or vulnerabilities on federal information technology systems with both internal and outside security researchers can only strengthen the cybersecurity posture of federal and DoD systems.”
According to ZDNet, a security researcher searching for bots discovered that a DoD automation server running on an Amazon Web Services (AWS) cloud-computing platform was publicly accessible and did not require login credentials. Later on, the researcher discovered that the server had been compromised and was being used to mine cryptocurrency by a botnet.
In his letter, the Senator also emphasized the need to utilize proper cybersecurity measures and monitoring, including on commercial cloud-computing platforms and open source software, such as the server involved in the DoD incident.
“I am hopeful that DoD will take the lessons from this incident seriously and reassess current processes as necessary. It is crucial to ensure that future incidents involving open vulnerabilities and improper access configurations that permit malware installation on federal information technology systems cannot reoccur, including on systems hosted by commercial cloud service providers,” he continued. “I also hope to continue to work with you on passing my legislation and continuing to push for strong, thoughtful, cybersecurity policies.”
A copy of the letter can be found here and below.
Chief Information Officer
U.S. Department of Defense
1300 Defense Pentagon
Washington, DC 20301-1300
Dear Mr. Deasy:
I write about some recently reported cybersecurity issues at DoD. In particular, I read about malware actively exploiting a security misconfiguration that was recently discovered on a Department of Defense (DoD) web server. From the current analysis and reporting of the incident, the malware was part of a botnet that apparently mined cryptocurrency using DoD resources and IT systems and raises broader cybersecurity concerns.
According to news reports, a security researcher first found the vulnerability on a DoD-managed cloud computing system exposed to the internet. The researcher then discovered that malware associated with mining Monero cryptocurrency was installed and operating on the same server. In January, once the security certificate identified the web server as an official DoD resource, the researcher reported the vulnerability and subsequent malware discovery under DoD’s official vulnerability disclosure program.
This incident demonstrates the inherent value of vulnerability disclosure programs for information technology products operated by federal agencies. These programs are a crucial force multiplier for federal cybersecurity efforts. Clear guidelines and a process for security researchers to find and share vulnerabilities enabled this malware discovery, and ultimately prompt remedial action by DoD. Continuing to encourage the responsible discovery and disclosure of bugs or vulnerabilities on federal information technology systems with both internal and outside security researchers can only strengthen the cybersecurity posture of federal and DoD systems.
There is pending bipartisan, bicameral legislation that I have introduced which would ensure that vendors of key information technology products, such as Internet of Things devices, maintain coordinated vulnerability programs. This bill would serve as a complement to the procedures DoD already employs.
While the use of commercial cloud computing can be a cost effective method to deploy and manage information technology and services, the use of a cloud itself does not ensure cybersecurity. Rigorous cybersecurity defensive measures and monitoring remain crucial for systems, even when DoD resources are deployed on commercial cloud computing platforms. While open source software, such as the automation server employed in this incident, may be beneficial, it is also essential to monitor all software for vulnerabilities and ensure they are promptly mitigated. Likewise, continuous use of software requires an effective continuous monitoring process for addressing newly discovered vulnerabilities in the software. And perhaps most importantly in the shared security model of commercial cloud computing, ensuring safe and secure configurations related to access is a key concern.
I am hopeful that DoD will take the lessons from this incident seriously and reassess current processes as necessary. It is crucial to ensure that future incidents involving open vulnerabilities and improper access configurations that permit malware installation on federal information technology systems cannot reoccur, including on systems hosted by commercial cloud service providers. I also hope to continue to work with you on passing my legislation and continuing to push for strong, thoughtful, cybersecurity policies.
As always, I appreciate your service in this important role.
Feb 13 2020
WASHINGTON – Today, the U.S. Eastern District of New York announced charges against Huawei Technologies Co., LTD and several of its subsidiaries. Senate Select Committee on Intelligence Chairman Richard Burr (R-NC) and Vice Chairman Mark Warner (D-VA) released the following statement:
“Today's announcement by the Eastern District of New York is an important step in combatting Huawei's state-directed and criminal enterprise. The indictment paints a damning portrait of an illegitimate organization that lacks any regard for the law. Intellectual property theft, corporate sabotage, and market manipulation are part of Huawei's core ethos and reflected in every aspect of how it conducts business. It uses these tactics indiscriminately against competitors and collaborators alike. Huawei's unlawful business practices are a threat to fair and open markets, as well as to legitimate competition in a tech space that is critical for the global economy. We commend the men and women of the FBI who pursued this investigation, and the prosecutors in New York who brought this indictment.”
Statement of Senate Intel Vice Chair Mark R. Warner on Charges Against Chinese Spies for Hacking Equifax
Feb 10 2020
WASHINGTON – U.S. Sen. Mark R. Warner (D-VA), Vice Chairman of the Senate Select Committee on Intelligence and co-chair of the Senate Cybersecurity Caucus, issued the following statement after federal prosecutors today charged four Chinese intelligence officers with hacking Equifax in one of the largest data breaches in history:
“I’m glad the DOJ has moved to formally indict the Chinese intelligence officers associated with the hack of Equifax. For years, the Chinese government has targeted western commercial firms. It is disappointing that despite a lot of rhetoric President Trump’s recent agreement with China does nothing to address this specific issue.
“That said, the indictment does not detract from the myriad of vulnerabilities and process deficiencies that we saw in Equifax’s systems and response to the hack. A company in the business of collecting and retaining massive amounts of Americans’ sensitive personal information must act with the utmost care – and face any consequences that arise from that failure. The legislation I have with Senator Warren would subject data brokers to a higher standard of care and is an important first step in data protection.”
Sen. Warner has been outspoken about the importance of protecting consumers from data theft by employing adequate cybersecurity practices. He has previously introduced legislation to hold large credit reporting agencies – including Equifax – accountable for data breaches involving sensitive consumer data.
Statement of U.S. Sen. Mark R. Warner on the UK's decision to allow Huawei to help build its 5G network
Jan 28 2020
WASHINGTON – U.S. Sen. Mark R. Warner (D-VA), Vice Chairman of the Senate Select Committee on Intelligence and co-chair of the Senate Cybersecurity Caucus, issued the following statement after the United Kingdom announced its decision to allow Chinese equipment provider Huawei to help build its 5G wireless network:
"I am disappointed by the UK’s decision today, especially since the security risks are so well understood. But under current circumstances, I remain committed to working with the UK and other key allies to build more diverse and secure telecommunication options that provide competitive alternatives to Huawei. I have introduced legislation that seeks to accomplish that, including a Multilateral Telecommunications Security Fund, and hope the UK will commit to partnering on this effort in the coming months. It is critical that countries committed to building and maintaining secure networks come together. Current financial support by China for Huawei puts any Western alternative at a serious disadvantage.”
Sen. Warner, a former telecommunications entrepreneur, has been outspoken about the dangers of allowing the use of Huawei equipment in U.S. telecommunications infrastructure, and that of U.S. allies. Earlier this month, Sen. Warner and a bipartisan group of leading national security Senators introduced legislation to encourage and support U.S. innovation in the race for 5G, providing over $1 billion to invest in Western-based alternatives to Chinese equipment providers Huawei and ZTE. Last year, he and Sen. Marco Rubio (R-FL) warned the Trump Administration against using Huawei as a bargaining chip in trade negotiations, and urged Canadian Prime Minister Justin Trudeau to reconsider Huawei’s inclusion in Canada’s 5G development, introduction and maintenance.
Jan 14 2020
WASHINGTON – Today, a bipartisan group of leading national security Senators introduced legislation to encourage and support U.S. innovation in the race for 5G, providing over $1 billion to invest in Western-based alternatives to Chinese equipment providers Huawei and ZTE.
Heavily subsidized by the Chinese government, Huawei is poised to become the leading commercial provider of 5G, with far-reaching effects for U.S. economic and national security. With close ties to the Communist Party of China, Chinese state-directed technology companies present unacceptable risks to our national security and to the integrity of information networks globally. However, U.S. efforts to convince foreign partners to ban Huawei from their networks have stalled amid concerns about a lack of viable, affordable alternatives.
Today’s bipartisan legislation, the Utilizing Strategic Allied (USA) Telecommunications Act, would reassert U.S. and Western leadership by encouraging competition with Huawei that capitalizes on U.S. software advantages, accelerating development of an open-architecture model (known as O-RAN) that would allow for alternative vendors to enter the market for specific network components, rather than having to compete with Huawei end-to-end.
“Every month that the U.S. does nothing, Huawei stands poised to become the cheapest, fastest, most ubiquitous global provider of 5G, while U.S. and Western companies and workers lose out on market share and jobs. Widespread adoption of 5G technology has the potential to unleash sweeping effects for the future of internet-connected devices, individual data security, and national security. It is imperative that Congress address the complex security and competitiveness challenges that Chinese-directed telecommunication companies pose,” said Sen. Mark R. Warner (D-VA), who co-founded the wireless company Nextel before entering public service and currently serves as Vice Chairman of the Senate Select Committee on Intelligence. “We need to move beyond observing the problem to providing alternatives for U.S. and foreign network operators.”
“When it comes to 5G technology, the decisions we make today will be felt for decades to come. The widespread adoption of 5G has the potential to transform the way we do business, but also carries significant national security risks. Those risks could prove disastrous if Huawei, a company that operates at the behest of the Chinese government, military, and intelligence services, is allowed to take over the 5G market unchecked. This legislation will help maintain America’s competitive advantage and protect our national security by encouraging Western competitors to develop innovative, affordable, and secure 5G alternatives,” said Sen. Richard Burr (R-NC), Chairman of the Senate Select Committee on Intelligence.
“The Trump Administration’s lecturing of our allies about the dangers of relying on the Chinese for 5G is no replacement for the development of 5G alternatives,” said Sen. Bob Menendez (D-NJ), Ranking Member of the Senate Foreign Relations Committee. “This bill, which will supply the U.S. government with resources to help the private sector create viable 5G alternatives from all ends of the supply chain, is a long overdue step in the right direction. As I’ve said over and over again, confronting China is not the same as being competitive with China. It is time we do just that.”
“We are at a critical point in history for defining the future of the U.S.-China relationship in the 21st century, and we cannot allow Chinese state-directed telecommunications companies to surpass American competitors,” Sen. Marco Rubio (R-FL), a member of the Senate Intelligence and Foreign Relations Committees, said. “It is not only in our national security interests to support American competition in the 5G market, but it is also in our economic interests to continue to build and support an economy that leverages American strengths and creates American jobs in the industries of the future without relying on malign Chinese state-directed actors like Huawei and ZTE.”
“We should not accept a world that is forced to rely on Chinese telecommunication companies to unlock the benefits of 5G and next generation wireless technologies,” said Sen. Michael Bennet (D-CO), a member of the Senate Intelligence Committee. “It is imperative for America’s competitiveness and security that we develop alternatives for U.S. and foreign network operators. This $1 billion investment will send a strong, bipartisan signal that the United States is committed to developing viable, secure, and cutting-edge alternatives to China’s 5G technology while eliminating dependence on technology that poses real security threats.”
“5G technology presents a host of opportunities to transform American telecommunications,” Sen. John Cornyn (R-TX), a member of the Senate Intelligence Committee, said. “By helping to spur innovations in 5G, we can inoculate ourselves against the threat posed by China and encourage the development of technology that is secure, affordable, and economically beneficial to our allies.”
The Utilizing Strategic Allied (USA) Telecommunications Act would:
- Require the Federal Communications Commission (FCC) to direct at least $750 million, or up to 5 percent of annual auction proceeds, from new auctioned spectrum licenses to create an O-RAN R&D Fund to spur movement towards open-architecture, software-based wireless technologies, funding innovative, ‘leap-ahead’ technologies in the U.S. mobile broadband market. The fund would be managed by the National Telecommunications and Information Administration (NTIA), with input from the FCC, Defense Advanced Research Project Agency (DARPA), and National Institute of Standards and Technology (NIST), among others;
- Create a $500 million Multilateral Telecommunications Security Fund, working with our foreign partners, available for 10 years to accelerate the adoption of trusted and secure equipment globally and to encourage multilateral participation, and require reports for Congress on use of proceeds and progress against goals to ensure ample oversight;
- Create a transition plan for the purchase of new equipment by carriers that will be forward-compatible with forthcoming O-RAN equipment so small and rural carriers are not left behind;
- Increase U.S. leadership in International Standards Setting Bodies (ISSBs) by encouraging greater U.S. participation in global and regional telecommunications standards forums and requiring the FCC write a report to Congress with specific recommendations;
- Expand market opportunities for suppliers and promote economies of scale for equipment and devices by encouraging the FCC to harmonize new commercial spectrum allocations with partners where possible, thus promoting greater alignment with allies and driving down the cost of Huawei alternatives.
“VMware is very supportive of the Utilizing Strategic Allied (USA) Telecommunications Act. Moving towards an open, virtualized RAN infrastructure will speed up 5G network integration and rollout, while decreasing deployment costs. We thank Senator Warner for his approach, which will foster U.S.-led innovation in the mobile technology space and give carriers more secure options to buildout our next-generation wireless infrastructure,” said Allwyn Sequeira, SVP & GM of Telco Edge Cloud Products for VMware.
“The security of America's communications networks is an essential component in ensuring our nation's economic leadership, now and in the future. It requires all of us -- the industry, the government and those who live and work here – collaborating on efforts to build and maintain smart and secure communications. Verizon appreciates the forward-thinking, bipartisan Members of Congress that introduced this bill today. We look forward to working with Congress as we move forward with this important measure,” said Robert Fisher, SVP Federal Government Relations, Verizon.
“AT&T applauds Senator Warner, Senator Burr and the bipartisan group of cosponsors for introducing legislation that will promote the development and deployment of open standards-based advanced telecommunications networks. We look forward to working with Congress through the legislative process to see this measure enacted,” said Tim McKone, Executive Vice President, Federal Relations, AT&T.
“Juniper Networks supports the ‘USA Telecommunications Act’ introduced by Senator Mark Warner, Senator Richard Burr and the bipartisan group of original cosponsors. The development of open standards and deployment of open standards-based interoperable equipment are crucial to the building of secure 5G networks. The Trust Funds that the Warner-Burr bill proposes would boost R&D spending as well as U.S. leadership in 5G. We look forward to working with Congress and the Administration to get this bill enacted into law and implemented," said Manoj Leelanivas, Executive Vice President and Chief Product Officer, Juniper Networks.
Bill text is available here.
Jan 07 2020
WASHINGTON – Today, U.S. Sens. Mark R. Warner (D-VA) and Sen. Deb Fischer (R-NE) announced two new bipartisan co-sponsors for their legislation to protect consumers from being tricked into giving away their personal data online. Sens. Amy Klobuchar (D-MN) and John Thune (R-SD), two senior members of the Senate Commerce Committee, have co-sponsored the Warner-Fischer legislation to prohibit large online platforms from using deceptive user interfaces, known as “dark patterns” to trick consumers into handing over their personal data.
“Whether you bought Christmas gifts online, downloaded a new messaging app, or tried to navigate a major browser’s byzantine privacy settings, chances are you were a victim of a dark pattern. In fact, if you wanted to score that extra discount at checkout, these design tactics most likely manipulated you into handing over more than just your email address to get that deal,” Sen. Warner. “I’m grateful to have the support of Sen. Klobuchar and Sen. Thune on this important bill to make sure Americans have more transparency about, and control over, their interactions online.”
“Nearly every time Americans use a new app on our smart phones or browse social media from our laptops, we run into dark patterns. These unethical tricks online platforms use as they battle to capture attention and manipulate users must be stopped. I am pleased to have expanded bipartisan support for this legislation that combats risks to consumer choice and privacy online,” said Sen. Fischer.
“Dark patterns are manipulative tactics used to trick consumers into sharing their personal data. These tactics undermine consumers’ autonomy and privacy, yet they are becoming pervasive on many online platforms,” said Sen. Klobuchar. “This legislation would help prevent the major online platforms from using such manipulative tactics to mislead consumers, and it would prohibit behavioral experiments on users without their informed consent.”
“We live in an environment where large online operators often deploy manipulative practices or ‘dark patterns’ to obtain consent to collect user data, so I’m glad this bills takes meaningful steps to advance consumer transparency,” said Sen. Thune. “I particularly applaud the provisions of this bill that require large online operators to be more transparent about when users are subject to behavioral or psychological research for the purpose of promoting engagement on their platforms. I want to thank Sens. Warner and Fischer for leading this effort, and I’m glad to join them and Sen. Klobuchar in cosponsoring this important legislation.”
The bipartisan Deceptive Experiences To Online Users Reduction (DETOUR) Act aims to curb manipulative dark pattern behavior by prohibiting the largest online platforms (those with over 100 million monthly active users) from relying on user interfaces that intentionally impair user autonomy, decision-making, or choice. Specifically, the legislation:
- Enables the creation of a professional standards body, which can register with the Federal Trade Commission (FTC), to focus on best practices surrounding user design for large online operators. This association would act as a self-regulatory body, providing updated guidance to platforms on design practices that impair user autonomy, decision-making, or choice, positioning the FTC to act as a regulatory backstop.
- Prohibits segmenting consumers for the purposes of behavioral experiments, unless with a consumer’s informed consent. This includes routine disclosures for large online operators, not less than once every 90 days, on any behavioral or psychological experiments to users and the public. Additionally, the bill would require large online operators to create an internal Independent Review Board to provide oversight on these practices to safeguard consumer welfare.
- Prohibits user design intended to create compulsive usage among children under the age of 13 years old.
- Directs the FTC to create rules within one year of enactment to carry out the requirements related to informed consent, Independent Review Boards, and Professional Standards Bodies.
Sen. Warner has been raising concerns about the implications of social media companies’ reliance on dark patterns for several years. In 2014, Sen. Warner asked the FTC to investigate Facebook’s use of dark patterns in an experiment involving nearly 700,000 users designed to study the emotional impact of manipulating information on News Feeds.
Sen. Warner is also recognized as one of Congress’ leading voices in an ongoing public debate around social media and user privacy. He has written and introduced a series of bipartisan bills designed to protect consumers and promote competition in social media. The Designing Accounting Safeguards to Help Broaden Oversight And Regulations on Data (DASHBOARD) Act will require data harvesting companies such as social media platforms to tell consumers and financial regulators exactly what data they are collecting from consumers, and how it is being leveraged by the platform for profit.? The Honest Ads Act will help prevent foreign interference in future elections and improve the transparency of online political advertisements. The Augmenting Compatibility and Competition by Enabling Service Switching (ACCESS) Act is a bipartisan bill to encourage market-based competition to dominant social media platforms by requiring the largest companies to make user data portable – and their services interoperable – with other platforms, and to allow users to designate a trusted third-party service to manage their privacy and account settings, if they so choose.
WASHINGTON – Today, U.S. Sen. Mark R. Warner (D-VA) released the following statement after President Trump signed into law a bill sponsored by Sen. Warner to crack down on illegal robocall scams:
“The truth is, folks in Virginia and across the nation are sick and tired of receiving unsolicited robocalls at all hours of the day,” said Sen. Warner. “These calls are intrusive and often set up by scammers looking to pray on vulnerable individuals. I’m proud to have sponsored this legislation and am very excited to see it signed into law so that it can start giving individuals some peace of mind. Personally, I know I won’t miss these annoying robocalls, and I have a feeling other Virginians won’t either.”
The Telephone Robocall Abuse Criminal Enforcement and Deterrence (TRACED) Act gives regulators more time to find scammers, increases civil forfeiture penalties for those who are caught, requires service providers to adopt call authentication and blocking, and brings relevant federal agencies and state attorneys general together to address impediments to criminal prosecution of robocallers who intentionally break laws. Sen. Warner sponsored the Senate version of the bill, which passed the Senate in 97-1 vote in May 2019. After the House passed an amended version of the bill earlier this month, the Senate unanimously voted to send the bill to the President’s desk for signature on December 18.
The TRACED Act:
- Broadens the authority of the Federal Communications Commission (FCC) to levy civil penalties of up to $10,000 per call on people who intentionally flout telemarketing restrictions.
- Extends the window for the FCC to catch and take civil enforcement action against intentional violations to four years after a robocall is placed. Under current law, the FCC has only one year to do so, and the FCC has told the committee that “even a one-year longer statute of limitations for enforcement” would improve enforcement against violators.
- Brings together the Department of Justice, FCC, Federal Trade Commission, Department of Commerce, Department of State, Department of Homeland Security, the Consumer Financial Protection Bureau, and other relevant federal agencies, as well as state attorneys general and other non-federal entities to identify and report to Congress on improving deterrence and criminal prosecution at the federal and state level of robocall scams.
- Requires voice service providers to adopt call authentication technologies, enabling a telephone carrier to verify that incoming calls are legitimate before they reach consumers’ phones.
- Directs the FCC to initiate a rulemaking to help protect subscribers from receiving unwanted calls or texts from callers.
- Directs the FCC to initiate a rulemaking process to protect consumers from “one-ring” scams.
- Requires the FCC to establish a working group to issue best practices to prevent hospitals from receiving illegal robocalls.
Dec 04 2019
WASHINGTON – U.S. Sens. Mark R. Warner (D-VA) and John Cornyn (R-TX) today introduced the UIGHUR Protection Act, which would place export controls on critical technologies to China, such as facial recognition software, that can be used to facilitate mass surveillance and detention.
“As we have seen from extensive reporting and leaked Chinese government documents, the Chinese government is undertaking systematic repression and internment of Uighurs and other ethnic minorities in the Xinjiang Uighur Autonomous region in the People’s Republic of China. This behavior extends beyond Xinjiang to other regions and online communities. We need to ensure that US companies are not enabling these efforts, intentionally or inadvertently, by selling specific technology items that provide critical capabilities to the Chinese government for their surveillance, censorship, and social control efforts,” said Sen. Warner.
“For years, members of China’s Uighur population have been unjustly detained and surveilled by the Chinese government,” said Sen. Cornyn. “American technology should not be used for the oppression of ethnic minority groups by foreign governments, and this legislation would ensure that the United States has no part in these despicable practices.”
The UIGHUR Protection Act would require the President, no later than 120 days after enactment, to identify and place items and technologies on the Commerce Control List that provide a critical capability to the Chinese government for suppressing human rights. Special licenses may be granted by the President for the export, re-export, or in-country transfer to or within China for these critical technologies but the bill would require a presumption of denial.
Uighurs, or Uyghurs, are an ethnic group living primarily in the Xinjiang Uyghur Autonomous Region (XUAR) in China’s northwest. Since an outbreak of demonstrations and ethnic unrest in 2009 and clashes involving Uyghurs and Xinjiang security personnel that spiked between 2013 and 2015, the Chinese Community Party (CCP) began a policy of mass internment through labor camps they refer to as “reeducation camps.”
According to various estimates, Xinjiang authorities have detained over one million Turkic Muslims, mostly ethnic Uyghurs, and Kazakhs, in these camps without formal charges, trials or hearings, and with no timetable for release. According to former detainees, treatment and conditions in the camps include beatings, food deprivation, and crowded and unsanitary conditions.
Nov 19 2019
WASHINGTON – Today, the bipartisan leadership of several key Senate committees urged President Trump’s national security adviser to designate a senior coordinator dedicated to leading the nation’s effort to develop and deploy next-generation communications technologies. In a letter to Robert O’Brien, who was appointed as national security adviser in September, the top Republican and Democratic Senators on the Senate Select Committee on Intelligence, the Senate Homeland Security and Governmental Affairs Committee, the Senate Foreign Relations Committee and the Senate Armed Services Committee stressed the urgent need for the Trump administration to develop a national strategy for 5G, and to prioritize across government agencies the nation’s effort to develop and deploy the technology.
“While we appreciate the progress being made within and across departments and agencies, we are concerned that their respective approaches are not informed by a coherent national strategy. In our view, the current national level approach to 5G comprises of a dispersed coalition of common concern, rather than a coordinated, interagency activity. Without a national strategy, facilitated by a common understanding of the geopolitical and technical impact of 5G and future telecommunications advancements, we expect each agency will continue to operate within its own mandate, rather than identifying national authority and policy deficiencies that do not neatly fall into a single department or agency. This fractured approach will not be sufficient to rise to the challenge the country faces. We hope that you, as the new National Security Adviser, will make this issue a top priority. We would further urge you to designate a dedicated, senior individual focused solely on coordinating and leading the nation’s effort to develop and deploy future telecommunications technologies. We believe that having a senior leader would position the United States to lead on telecommunications advancements, ensure the United States is appropriately postured against this strategic threat, and demonstrate to our allies the seriousness with which the nation considers the issue,” wrote Sens. Mark R. Warner (D-VA) and Richard Burr (R-NC), the Vice Chairman and Chairman of the Intelligence Committee; Sens. Ron Johnson (R-WI) and Gary Peters (D-MI), the Chairman and Ranking Member of the Homeland Security and Governmental Affairs Committee; Sens. Jim Risch (R-ID) and Bob Menendez (D-NJ), the Chairman and Ranking Member of the Foreign Relations Committee; and Sens. Jim Inhofe (R-OK) and Jack Reed (D-RI), the Chairman and Ranking Member of the Armed Services Committee.
The Senators stressed the dangers of allowing China to continue to lead the development of 5G technology. Maintaining White House focus on 5G is especially important in light of last week’s decision to eliminate the emerging technologies directorate at the National Security Council.
“While the United States has led in the development and deployment of previous telecommunications evolutions, 5G represents the first evolutionary step for which an authoritarian nation leads the marketplace for telecommunications solutions. China’s leadership, combined with the United States’ increased reliance on high-speed, reliable telecommunications services to facilitate both commerce and defense, poses a strategic risk for the country. We cannot rely exclusively on defensive measures to solve or mitigate the issue, but rather we must shape the future of advanced telecommunications technology by supporting domestic innovation through meaningful investments, leveraging existing areas of U.S. strength, and bringing together like-minded allies and private sector expertise through a sustained effort over the course of decades, not months. A challenge of this magnitude requires a more ambitious response than traditional agency processes can support,” wrote the Senators.
A copy of the letter is available here.
Warner Requests Update on V-A, DoD Efforts to Protect Veterans & Servicemembers from Foreign Disinformation online
Nov 13 2019
WASHINGTON – U.S. Sen. Mark R. Warner (D-VA), Vice Chairman of the Senate Intelligence Committee, joined his Senate colleagues in requesting information from the U.S. Department of Veterans Affairs (VA) and the U.S. Department of Defense (DoD) on the agencies' efforts to educate veterans and servicemembers about online disinformation campaigns and other malign influence operations by Russian, Chinese, and other foreign entities. Today’s letters follow a two-year investigation by Vietnam Veterans of America (VVA) that documented persistent, pervasive, and coordinated online targeting of American servicemembers, veterans, and their families by foreign entities seeking to disrupt American democracy.
In particular, the VVA report found that the Russian Internet Research Agency (IRA) specifically targeted American veterans and the social media followers of several congressionally-chartered veterans service organizations during and after the 2016 election. The report also revealed that foreign entities are targeting servicemembers and veterans for the purpose of interference in the upcoming federal election.
Virginia is home to roughly 714,000 veterans, approximately 130,000 active duty servicemembers, and their families.
In their letter to VA Secretary Robert Wilkie, the Senators noted that while the VA has prioritized the security of its information systems and infrastructure – including veterans' personal information – the VA does not appear to have an established strategy for educating veterans about online disinformation efforts targeting them. The Senators urged Secretary Wilkie to consider implementing the VVA report's recommendations.
“While countering disinformation targeting veterans is not a core VA function, identifying these tactics helps improve veterans' cyber security and their ability to detect and avoid falling prey to scams and other forms of manipulation,” the Senators wrote in their letter to VA.
In their letter to Defense Secretary Mark Esper, the senators acknowledged DoD has worked to deter online disinformation and other malign influence campaigns by foreign adversaries, but they also called on the Department to implement VVA's recommendations, consistent with existing efforts to counter foreign malign influence operations.
“Malicious foreign actors are targeting servicemembers using disinformation through social media platforms and other online tools and ... countering foreign interference in American elections is critical to protecting the integrity of our democracy,” the Senators wrote in their letter to DoD.
The VVA report's recommendations for addressing online disinformation targeting servicemembers include directing DoD to “create a working group to study the security risks inherent in the use of common personal electronic devices and apps at home and abroad by servicemembers,” and to “direct commanders to include personal cybersecurity training and regular cyber-hygiene checks for all servicemembers.”
The report also recommended that the VA immediately develop plans to make the cyber-hygiene of veterans an urgent priority within the VA, and educate and train veterans on personal cyber security, “including how to identify instances of online manipulation.”
In addition to Sen. Warner, the letter was led by Sen. Elizabeth Warren (D-MA) and cosigned by Sens. Sherrod Brown (D-OH), Tammy Duckworth (D-IL), Richard Blumenthal (D-CT), Edward J. Markey (D-MA), Chris Van Hollen (D-MD), Richard Durbin (D-IL), Democratic Whip, Catherine Cortez Masto (D-NV), Tom Udall (D-NM), Bernie Sanders (I-VT), Tammy Baldwin (D-WI), Doug Jones (D-AL), Ron Wyden (D-OR), Robert Menendez (D-NJ), Ranking Member of the Senate Foreign Relations Committee, Mazie Hirono (D-HI), Kirsten Gillibrand (D-NY), Jack Reed (D-RI), Ranking Member of the Senate Armed Services Committee, Amy Klobuchar (D-MN), Ranking Member of the Senate Rules Committee, and Kamala Harris (D-CA).
Following Russia’s unprecedented use of social media to sow discord and influence the 2016 presidential elections, Sen. Warner wrote a social media white paper highlighting ways to protect users on social media against misinformation and disinformation campaigns. Sen. Warner has also written and introduced a series of bipartisan bills designed to protect consumers and reduce the power of giant social media platforms like Facebook. His work as Vice Chairman of the Senate Select Committee on Intelligence helped uncover Russia’s extensive efforts to exploit social media in the 2016 elections.
WASHINGTON – Today, U.S. Sens. Mark R. Warner (D-VA), Josh Hawley (R-MO) and Richard Blumenthal (D-CT) will introduce the Augmenting Compatibility and Competition by Enabling Service Switching (ACCESS) Act, bipartisan legislation that will encourage market-based competition to dominant social media platforms by requiring the largest companies to make user data portable – and their services interoperable – with other platforms, and to allow users to designate a trusted third-party service to manage their privacy and account settings, if they so choose.
“Social media has enormous benefits. But, as we've seen, the tremendous dominance of a handful of large platforms also has major downsides – including few options for consumers who want to use social media to connect with friends, store their photos or just watch cat videos, but who face a marketplace with just a few major players and little in the way of real competition,” said Sen. Warner, a former technology entrepreneur and venture capitalist. “As a former cell phone guy, I saw what a game-changer number portability was for that industry. By making it easier for social media users to easily move their data or to continue to communicate with their friends after switching platforms, startups will be able to compete on equal terms with the biggest social media companies. And empowering trusted custodial companies to step in on behalf of users to better manage their accounts across different platforms will help balance the playing field between consumers and companies. In other words – by enabling portability, interoperability, and delegatability, this bill will help put consumers in the driver’s seat when it comes to how and where they use social media.”
“Your data is your property. Period. Consumers should have the flexibility to choose new online platforms without artificial barriers to entry. This bill creates long-overdue requirements that will boost competition and give consumers the power to move their data from one service to another,” said Sen. Hawley.
“The exclusive dominance of Facebook and Google have crowded out the meaningful competition that is needed to protect online privacy and promote technological innovation. As we learned in the Microsoft antitrust case, interoperability and portability are powerful tools to restrain anti-competitive behaviors and promote innovative new companies. The bipartisan ACCESS Act would empower consumers to finally stand up to Big Tech and move their data to services that respect their rights,” said Sen. Blumenthal.
Online communications platforms have become vital to the economic and social fabric of the nation, but network effects and consumer lock-in have entrenched a select number of companies’ dominance in the digital market and enhanced their control over consumer data. The Augmenting Compatibility and Competition by Enabling Service Switching (ACCESS) Act would increase market competition, encourage innovation, and increase consumer choice by requiring large communications platforms (products or services with over 100 million monthly active users in the U.S.) to:
- Make their services interoperable with competing communications platforms.
- Permit users to easily port their personal data in a structured, commonly used and machine-readable format.
- Allow users to delegate trusted custodial services, which are required to act in a user’s best interests through a strong duty of care, with the task of managing their account settings, content, and online interactions.
“One very real nightmare scenario for the future of the internet is users facing a meaningless choice among a few fully-integrated silos of technology, and the end of independent innovation and creativity. We all need to prevent that from happening. This legislation could help us take a huge step forward towards a better internet future,” said Chris Riley, Director of Public Policy at the Mozilla Corporation.
“Markets work when consumers have a choice and know what's going on. The ACCESS Act is an important step toward reestablishing this dynamic in the market for tech services. We must get back to the conditions that make markets work: when consumers know what they give a firm and what they get in return; and if they don't like the deal, they can take their business elsewhere. By giving consumers the ability to delegate decisions to organizations working on their behalf, the ACCESS Act gives consumers some hope that they can understand what they are giving up and getting in the opaque world that the tech firms have created. By mandating portability, it also gives them a realistic option of switching to another provider,” said Paul Romer, New York University Professor of Economics and Nobel Prize winner in Economics.
“We’re thrilled to see a concrete legislative proposal to provide interoperability for consumers. Built on a solid foundation of privacy and security protections, interoperability enables users to communicate across networks promoting competition among social media platforms. Interoperability ensures that users benefit from increased competition, and it helps new competitors grow by reaching users that are locked-in to their current provider. Senator Warner’s interoperability bill lays out an excellent, practical framework for making interoperability a reality while preserving a role for states to go even further,” said Charlotte Slaiman, Senior Policy Counsel at Public Knowledge.
“All of us at USV believe in decentralized, emergent, market driven innovation. The shared communications infrastructure of the open Internet and a vibrant competitive market triggered the Cambrian explosion of new Web services we all now enjoy. But today, a small number of companies capitalize on their exclusive control over our data - the data we contribute as we interact with their services - to dominate markets, stifling competition and limiting consumer choice. While this is widely understood, most policy makers propose prescriptive regulation that would only further entrench the dominant platforms. The ACCESS Act targets the specific market failure - exclusive control over consumer data - that has led to the consolidation of market power on the Web. Ensuring that consumers have access to their data is an elegant way to restore competition without burdensome regulation,” said Brad Burnham, Partner and Co-Founder at Union Square Ventures.
Previously, Sens. Warner and Hawley have partnered on the DASHBOARD Act, legislation to require data harvesting companies such as social media platforms to disclose how they are monetizing consumer data, as well as the Do Not Track Act, which would allow users to opt out of non-essential data collection, modeled after the Federal Trade Commission’s (FTC) “Do Not Call” list.
WASHINGTON, D.C. – Today, Senate Select Committee on Intelligence Chairman Richard Burr (R-NC) and Vice Chairman Mark Warner (D-VA) released a new report titled, “Russia’s Use of Social Media.” It is the second volume released in the Committee’s bipartisan investigation into Russia’s attempts to interfere with the 2016 U.S. election.
The new report examines Russia’s efforts to use social media to sow societal discord and influence the outcome of the 2016 election, led by the Kremlin-backed Internet Research Agency (IRA). The analysis draws on data provided to the Committee by social media companies and input from a Technical Advisory Group comprising experts in social media network analysis, disinformation campaigns, and the technical analysis of complex data sets and images to discern the dissemination of disinformation across social media platforms.
Statement from Chairman Burr:
“Russia is waging an information warfare campaign against the U.S. that didn’t start and didn’t end with the 2016 election. Their goal is broader: to sow societal discord and erode public confidence in the machinery of government. By flooding social media with false reports, conspiracy theories, and trolls, and by exploiting existing divisions, Russia is trying to breed distrust of our democratic institutions and our fellow Americans. While Russia may have been the first to hone the modern disinformation tactics outlined in this report, other adversaries, including China, North Korea, and Iran, are following suit.
“Any solution has to balance America’s national security interests with our constitutionally-protected right to free speech. Social media companies, federal agencies, law enforcement, and Congress must work together to address these challenges, and I am grateful for the cooperation our Committee has gotten from both the Intelligence Community and the tech industry. My hope is that by continuing to shine a light on this issue, we will encourage more Americans to use social media responsibly, as discerning and informed consumers.”
Statement from Vice Chairman Warner:
“The bipartisan work that this Committee has done to uncover and detail the extent of that effort has significantly advanced the public’s understanding of how, in 2016, Russia took advantage of our openness and innovation, exploiting American-bred social media platforms to spread disinformation, divide the public, and undermine our democracy. Now, with the 2020 elections on the horizon, there’s no doubt that bad actors will continue to try to weaponize the scale and reach of social media platforms to erode public confidence and foster chaos. The Russian playbook is out in the open for other foreign and domestic adversaries to expand upon – and their techniques will only get more sophisticated.
“As was made clear in 2016, we cannot expect social media companies to take adequate precautions on their own. Congress must step up and establish guardrails to protect the integrity of our democracy. At minimum, we need to demand transparency around social media to prevent our adversaries from hiding in its shadows. We also need to give Americans more control over their data and how it’s used, and make sure that they know who’s really bankrolling the political ads coming across their screens. Additionally, we need to take measures to guarantee that companies are identifying inauthentic user accounts and pages, and appropriately handling defamatory or synthetic content. It’s our responsibility to listen to the warnings of our Intelligence Community and take steps to prevent future attacks from being waged on our own social media platforms.”
The Committee has held five open hearings on Russia’s use of social media, including a September 2018 open hearing with Facebook’s Chief Operating Officer Sheryl Sandberg and Twitter’s Chief Executive Officer Jack Dorsey. In December 2018, the Committee released two independent analyses of IRA activity, produced by New Knowledge and Graphika and the University of Oxford.
The Committee released the first volume of its Russia investigation in July 2019. You can read, “Volume I: Russian Efforts Against Election Infrastructure,” here.
You can read, “Volume II: Russia’s Use of Social Media,” here.
Key Findings and Recommendations:
- The Committee found that the IRA sought to influence the 2016 U.S. presidential election by harming Hillary Clinton’s chances of success and supporting Donald Trump at the direction of the Kremlin. The Committee found that IRA social media activity was overtly and almost invariably supportive of then-candidate Trump to the detriment of Secretary Clinton’s campaign.
- The Internet Research Agency’s (IRA) targeting of the 2016 U.S. election was part of a broader, sophisticated, and ongoing information warfare campaign designed to sow discord in American politics and society. While the IRA exploited election-related content, the majority of its operations focused on exacerbating existing tensions on socially divisive issues, including race, immigration, and Second Amendment rights.
- The Committee found the IRA targeted African-Americans more than any other group or demographic. Through individual posts, location targeting, Facebook pages, Instagram accounts, and Twitter trends, the IRA focused much of its efforts on stoking divisions around hot-button issues with racial undertones.
- The IRA engaged with unwitting Americans to further its reach beyond the digital realm and into real-world activities. For example, IRA operatives targeting African-Americans convinced individuals to sign petitions, share personal information, and teach self-defense courses. Posing as U.S. political activists, operatives sought help from the Trump Campaign to procure campaign materials and to organize and promote rallies.
- The Committee found IRA activity increased, rather than decreased, after Election Day 2016. Analysis of IRA-associated accounts shows a significant spike in activity after the election, increasing across Instagram (238 percent), Facebook (59 percent), Twitter (52 percent), and YouTube (84 percent). Researchers continue to uncover IRA-associated accounts that spread malicious content.
- The Committee recommends social media companies work to facilitate greater information sharing between the public and private sector. Because information warfare campaigns are waged across a variety of platforms, communication between individual companies, government authorities, and law enforcement is essential for fully assessing and responding to them. Additionally, social media companies do not consistently provide a notification or guidance to users who have been exposed to inauthentic accounts.
- The Committee recommends Congress consider ways to facilitate productive coordination and cooperation between social media companies and relevant government agencies. Congress should consider whether any existing laws may hinder cooperation and whether information sharing should be formalized. The Committee also recommends Congress consider legislation to ensure Americans know the source behind online political advertisements, similar to existing requirements for television, radio, and satellite ads.
- The Committee recommends the Executive Branch publicly reinforce the danger of attempted foreign interference in the 2020 election. The Executive Branch should establish an interagency task force to monitor foreign nations’ use of social media platforms for democratic interference and develop a deterrence framework. A public initiative to increase media literacy and a public service announcement (PSA) campaign could also help inform voters.
- The Committee recommends candidates, campaigns, and other public figures scrutinize sourcing before sharing or promoting new content within their social media network. All Americans should approach social media responsibly to prevent giving “greater reach to those who seek to do our country harm.” The Committee recommends that media organizations establish clear guidelines for using social media accounts as sources to prevent the spread of state-sponsored disinformation.
WASHINGTON – U.S. Sens. Mark R. Warner (D-VA), Vice Chairman of the Senate Select Committee on Intelligence, and Marco Rubio (R-FL), member of the Senate Select Committee on Intelligence, have expressed concern over the growing threat posed by deepfakes – sophisticated audio and video technologies that allow users to create fake audio and/or video files that falsely depict someone saying or doing something. In letters to 11 social media companies, including Facebook, Twitter, and YouTube, Sens. Warner and Rubio urged the platforms to develop industry standards for sharing, removing, archiving, and confronting the sharing of synthetic content as soon as possible, in light of foreign threats to the upcoming U.S. election. The letters also encouraged the platforms to develop clear policies to ensure their platforms are not exploited to spread disinformation or misinformation, including through authenticating media, labeling and archiving synthetic media content, and providing access to qualified outside researchers.
“As concerning as deepfakes and other multimedia manipulation techniques are for the subjects whose actions are falsely portrayed, deepfakes pose an especially grave threat to the public’s trust in the information it consumes; particularly images, and video and audio recordings posted online,” wrote the Senators. “If the public can no longer trust recorded events or images, it will have a corrosive impact on our democracy.”
“Despite numerous conversations, meetings, and public testimony acknowledging your responsibilities to the public, there has been limited progress in creating industry-wide standards on the pressing issue of deepfakes and synthetic media,” they continued. “Having a clear strategy and policy in place for authenticating media, and slowing the pace at which disinformation spreads, can help blunt some of these risks. Similarly, establishing clear policies for the labeling and archiving of synthetic media can aid digital media literacy efforts and assist researchers in tracking disinformation campaigns, particularly from foreign entities and governments seeking to undermine our democracy.”
Deepfake technologies allow users to superimpose existing images and videos onto unrelated images or videos, essentially giving users the ability to create false and defamatory content that can be easily spread on social media.
In their letters to Facebook, Twitter, YouTube, Reddit, LinkedIn, Tumblr, Snapchat, Imgur, TikTok, Pinterest, and Twitch, the Senators emphasized that more than two-thirds of Americans get their news from social media sites, and stressed that online media platforms must assume a heightened responsibility for safeguarding public confidence. They also posed the following series of questions about each company’s ability to prevent, detect, and address deepfakes and other synthetic media:
- What is your company’s current policy regarding whether users can post intentionally misleading, synthetic or fabricated media?
- Does your company currently have the technical ability to detect intentionally misleading or fabricated media, such as deepfakes? If so, how do you archive this problematic content for better re-identification in the future?
- Will your company make available archived fabricated media to qualified outside researchers working to develop new methods of tracking and identifying such content? If so, what partnerships does your company currently have in place? Will your company maintain a separate, publicly accessible archive for this content?
- If the victim of a possible deepfake informs you that a recording is intentionally misleading or fabricated, how will your company adjudicate those claims or notify other potential victims?
- If your company determines that a media file hosted by your company is intentionally misleading or fabricated, how will you make clear to users that you have either removed or replaced that problematic content?
- Given that deepfakes may attract views that could drive algorithmic promotion, how will your company and its algorithms respond to, and downplay, deepfakes posted on your platform?
- What is your company’s policy for dealing with the posting and promotion of media content that is wholly fabricated, such as untrue articles posing as real news, in an effort to mislead the public?
Warner Raises Questions about Cybersecurity Practices Amid Breaches Involving Sensitive Biometric Data
Sep 16 2019
WASHINGTON – Today, U.S. Sen. Mark R. Warner (D-VA), Vice Chairman of the Senate Intelligence Committee and former tech entrepreneur, wrote to U.S. Customs and Border Protection (CBP) and South Korean company Suprema HQ, following separate but alarming incidents that impacted both entities and exposed Americans’ personal, permanently identifiable data. In a letter to CBP, Sen. Warner inquired about the information security practices of CBP contractors, in light of a June cyberattack that resulted in the theft of tens of thousands of facial images belonging to U.S. travelers. In a separate letter, Sen. Warner requested more information from Suprema HQ, the company that owns web-based biometric lock system, Biostar 2, which experienced a cyber incident in August, resulting in the exposure of permanently identifiable biometric data belonging to at least one million people worldwide.
“While all of the stolen information was sensitive and required protection, facial image data is especially sensitive, since such permanent personal information cannot be replaced like a password or a license plate number,” wrote Sen. Warner to Acting CBP Commissioner Mark Morgan. “It is absolutely critical that federal agencies and industry improve their track records, especially when handling and processing biometric data. Americans deserve to have their sensitive information secured, regardless of whether it is being handled by a first or a third-party.”
In June, CBP announced the theft of at least 100,000 traveler ID photos from a CBP subcontractor that had improperly transferred copies of these photos from CBP servers to its own company database. In addition to facial images, the cyberattack resulted in the theft of several gigabytes of data, including license plate photos, confidential agreements, hardware blueprints for security systems, and budget spreadsheets.
In the letter to CBP, Sen. Warner expressed alarm regarding the failure of federal agencies to ensure that Americans’ sensitive information is safe in the hands of contractors. He also asked CBP to provide timely answers to a series of questions regarding the information security practices of CBP contractors and subcontractors. Among these questions, Sen. Warner requested details on CBP’s third-party contractual requirements concerning database encryption, biometric data management, vulnerability management, logging data retention, and identity and access management, among other security measures.
Similarly, in his letter to Suprema HQ, Sen. Warner raised concerns about the Biostar 2 incident, which exposed permanently identifiable biometric data, including user photos.
“Unlike passwords, email addresses and phone numbers, biometric information in voices, fingerprints, and eyes are unique data that are impossible to reset. Biometric data can be used effectively for unauthorized surveillance and access to secure facilities, to steal identities, and is even valuable in developing deepfake technologies,” wrote Sen. Warner to Suprema HQ CEO James Lee. “It is my understanding that your customers use your biometric security system to provide access to secure facilities, and that the product has also been integrated into Nedap’s AEOS access control systems, which are used by at least 5,700 organizations in 83 countries, including banks and foreign law enforcement entities. Given the sensitivity of this information, it is absolutely critical that companies like yours exercise exceptional due care when collecting and securing biometric information, and when contracting with customers that collect permanent personal information.”
The Biostar 2 breach resulted in the online exposure of more than one million fingerprint records, in addition to user images, personal details, usernames and passwords, and employee security clearances. The breach also revealed that large portions of the Biostar 2 database were unprotected and unencrypted. In the letter, Sen. Warner asked Suprema HQ to list which U.S. businesses are served by the company. He also requested more information on the company’s practices regarding server security, biometric data storage security, and database encryption.
Sen. Warner has been a champion for cybersecurity throughout his career, and has been an outspoken critic of poor cybersecurity practices that compromise Americans’ personal information. In May, Sen. Warner introduced bold legislation to hold credit reporting agencies accountable for data breaches. He also introduced legislation earlier this year to empower state and local government to counter cyberattacks, and to increase cybersecurity among public companies.
Warner Secures $15 Million for Unmanned Systems Integration Research at Virginia Tech Transportation Institute
Sep 11 2019
WASHINGTON – U.S. Sen. Mark R. Warner (D-VA) today announced that the Virginia Tech Transportation Institute (VTTI) in Blacksburg, Va. will receive $15 million in federal funding to support research on safe automated driving integration. The funding, from the United States Department of Transportation (DOT), follows aggressive advocacy by Sen. Warner, who personally pressed Transportation Secretary Elaine L. Chao to grant Virginia the maximum award possible to continue the Commonwealth’s leadership in the growing unmanned systems industry.
“I’ve long called for increased funding for unmanned systems research because I know that innovation and advancement in this field can boost U.S. competitiveness, increase efficiency, and ultimately, improve lives across the globe,” said Sen. Warner, a former technology entrepreneur. “With new technologies, and particularly with automated driving systems, it’s important to get safety right the first time. That’s why I’m so excited to announce that this federal funding will support VTTI in continuing to safely blaze the trail for the future of transportation.”
“New technologies like automated vehicles create exciting opportunities, as well as some challenges, and there is no better place to hone our understanding of these issues than the Virginia Tech Transportation Institute. From auto safety testing to road design to the incorporation of new technology into our transportation network, VTTI is the gold standard, and these grants will go toward research that will incur long-term benefits for the Commonwealth and beyond,” said U.S. Sen. Tim Kaine (D-VA).
“Receiving these prestigious awards from the U.S. Department of Transportation is an honor and fantastic for Virginia Tech and Virginia. Over the years, VTTI has established itself as a global leader for automated vehicle evaluation and development. We are very happy to take these important steps to move automated vehicles forward to save lives, improve mobility across the population, and reduce the impact of vehicle emissions,” said Tom Dingus, director of VTTI and endowed professor of biomedical engineering and mechanics at Virginia Tech.
The funding is comprised of two $7.5 million grants that will support two VTTI projects. One project will seek to define, develop, and demonstrate key dynamic scenarios and their potential solutions for safe interaction of vehicles equipped with automated driving systems in a Northern Virginia corridor optimized for vehicle automation. The other will seek to develop and demonstrate a Fleet Concept of Operations to provide the trucking industry with clear guidelines on how to safely implement, and benefit from trucks equipped with automated driving systems.
The grants were awarded through the Automated Driving System (ADS) Demonstration Grants program, which provides federal funding to demonstration projects that test the safe integration of automated driving systems into the Nation’s on-road transportation system. These grants aim to gather significant safety data to inform rulemaking, foster collaboration amongst state and local government and private partners, and test the safe integration of ADS on U.S. roads.
Sen. Warner has been a longtime advocate for research and investment in unmanned systems, including driverless cars, drones, and unmanned maritime vehicles. Last year, he helped ensure Virginia’s participation in the Federal Aviation Administration (FAA) Unmanned Aircraft Systems (UAS) Integration Pilot Program (IPP). He also introduced a successful bipartisan amendment to double funding for unmanned aircraft systems and introduced bipartisan legislation designed to advance the development of unmanned aircraft systems (UAS).
Last month, Sen. Warner joined local and industry leaders at Lonesome Pine Airport in Wise, Va. to unveil a sign marking the first FAA-approved unmanned aircraft system delivery in the United States in 2015.