WASHINGTON, January 24, 2020 – Panelists at a Next Century Cities event on Thursday clashed on the appropriate federal role in the regulation of digital privacy, but generally agreed on the importance of minimizing algorithmic bias in targeting a particular racial or ethnic group.
The panel began with a spirited debate on who should take the lead on protecting Americans’ digital privacy.
One of two moderators, former National Telecommunications and Information Administrator David Redl (now president of Salt Point Strategies), said California had set the standard for other states in passing the most sweeping legislation on data privacy. The law went into effect on January 1, 2020.
Laura Moy, executive director of Georgetown Law’s Center on Privacy and Technology, pushed back against the premise that California is an appropriate leader in data privacy. She said that the California law did not go far enough. Moy argued for a blend of federal legislation while also granting cities the flexibility to deal with local issues as they arise.
A moderator then asked the panel whether the federal government has the expertise to deal with the issue. Noting that only 40 to 50 staff employees at the Federal Trade Commission deal with this issue, the moderator emphasized that the agency was not equipped to deal with the significant issue of data privacy.
Tom Lenard, senior fellow of the Technology Policy Institute, countered that the FTC would be the most expert entity in the country to address privacy. Moy, by contrast, argued that the average citizen would know best how to handle their data if empowered by greater disclosure and knowledge.
Sean Perryman of the Internet Association referenced the FTC’s fumbling of the Equifax credit score data breach, and argued that the FTC was inadequate to address privacy issues.
The conversation shifted to the issue of discrimination in algorithmic targeting, particularly in regard to cities’ role in banning facial recognition.
K.J. Bagchi, senior counsel of Asian Americans Advancing Justice, criticized the inclusion of civil rights language in data privacy legislation.
The country needed to have algorithmic accountability and zero detection of bias, he said.
Lenard referenced an MIT study demonstrating that discriminatory advertising could happen even when advertisers have not programmed a specific demographic. Therefore, we would need more proactive measures to get at the root of discriminatory AI, he said.
The panel concluded by considering the most significant privacy issues over the next two years, particularly during the course of the 2020 Census and the inauguration of a president on January 20, 2021.
Jeremy Greenberg, policy fellow at Future of Privacy Forum, suggested deidentification, Lenard highlighted the role of platforms in upgrading privacy, Moy answered discrimination, and Bagchi alluded to transparency. Perryman mentioned equity.
Private Sector Falling Behind on Information Sharing During Cyberattacks, Says Comcast Rep
Comcast’s Noopur Davis says cyber attackers share information better than the private sector.
ASPEN, Colorado, August 23 — In the wake of an influx of ransomware attacks on critical infrastructure and cyberattacks on private carriers, entities across the technology industry are revaluating their strategies and how they share information to prevent such acts.
T-Mobile announced on August 15 that as many as 50 million consumers had their private data compromised during a data breach. Days later, on August 17, as part of Technology Policy Institute’s 2021 Aspen Forum, Noopur Davis, Chief Product and Information Officer at Comcast Cable, sat down for a fireside chat to discuss what the industry was doing to address this event and events like it.
Join in Broadband Breakfast Live Online’s Discussion on “Cybersecurity: Reviewing the Biden Administration’s Executive Order,” on Wednesday, August 25, 2021, at 12 Noon ET.
When Davis was asked how she felt about the current state of cybersecurity, she said it was okay, but that the telecom community at large would have to do more.
She referenced the mean time of comfort—that is, the average duration between the time that a service becomes connected to the internet and when it is targeted by bad actors. While in the early days of the internet cybersecurity experts could expect to have significant mean times of comfort, she stated that this is no longer the case.
“The second you connect [to the internet] you are attacked,” she said.
As soon as a successful breach is recognized, Davis explained that the target companies begin to revaluate their “TTP,” or tactics, techniques, and procedures.
Information sharing is crucial
Though one company may find a remedy to their breach, other companies may remain vulnerable. To combat this, Davis said that it is critical for companies to share information quickly with their counterparts, but she indicated that this is a race that the private sector is currently losing.
“[Attackers] share information better than [the private industry does].”
She went further, revealing that there is now a sophisticated market for malware as a service, where various platforms publish reviews for their products and services and even offer tech support to those struggling to get the most out of their purchases.
Growing market for hacking tools
She pointed to the Colonial Pipeline attack as an example where hackers did not even create the malware themselves—they just purchased it from a provider online. She explained that this marketplace has significantly lowered the barriers of entry and deskilled the activity for would be attackers, and that theoretically anyone could engage in such nefarious acts today.
Though Davis was in favor of collaboration between companies to address these attacks, she made it clear that this would not mean that responses and capabilities would become standardized, and that every company would maintain their own unique strategies to ensure that their services and data remain uncompromised.
Associations Press FCC to Keep Robocall Extension for Facilities-Based Carriers
Organizations say preponderance of illegal calls don’t come from facilities-based providers.
August 11, 2021 – In submissions to the Federal Communications Commission on Monday, associations representing smaller telecom are asking the agency to keep an extension specifically for facilities-based carriers to comply with new robocall rules.
In May, the FCC voted to push up by a year, from 2023 to 2022, the deadline for small carriers to comply with the STIR/SHAKEN regime, which requires telephone service providers to put in place measures – including analytics services to vet calls – to drastically reduce the frequency of scam, illegal robocalls, and ID spoofing that misleads Americans to believe the call is legitimate. Large carriers, however, had a deadline of June 30 this year.
But in submissions to the FCC this week, the Competitive Carriers Association, NTCA, and USTelecom said the preponderance of illegal robocalls come from smaller providers – those with fewer than 100,000 lines – that don’t have networks and, because of that, facilities-based carriers should have the additional year to comply with the rules, which is reportedly a highly technical and complex endeavor.
To appreciate the effort, providers must tag or label all calls on their network, using analytics tools, to ensure that the calls are legitimate. All illegitimate calls must be tagged as potential spam or blocked completely. Even still, the possibility of “false positives” can occur. Failure to comply with the rules could result in hefty penalties.
‘Good faith’ actors shouldn’t be penalized
“Commenters recognize as well that care must be taken to correctly identify this group of small providers in a surgical and precise manner that does not sweep in innocent actors and compel them to adopt this standard on a timeframe they had neither anticipated nor budgeted for,” the NTCA said in its submission to the FCC on Monday.
“A more targeted and effective way of capturing the parties that prompted these proposals can be found in the record – specifically, the Commission should require operators that are not ‘facilities-based’ voice providers…to adopt STIR/SHAKEN on a more accelerated timeframe,” the NTCA continued.
Burden of proof on non-facilities providers to show need for extension
USTelecom, however, added that the non-facilities-based providers – which generally originate calls over the public internet – should be able to request the full two-year extension, but they must show why they need it.
“It’s also critical that they are required to explain in detail and specificity why their robocall mitigation plans are sufficient to protect consumers and other voice service providers from illegal and unwanted robocalls,” USTelecom said in its Monday submission.
“Such a requirement would offer the right balance between affording non-facilities-based small providers the opportunity for the full extension if truly needed, but without creating an opportunity for the small VoIP providers responsible for illegal robocalls to abuse the process in order to continue to send unsigned illegal traffic downstream to the detriment of other providers and consumers,” USTelecom added.
FCC Proposes Measures to Limit Unwanted Access to Numbers, Protect Against Foreign Entities
The agency proposed rules for public comment on that would further restrict illegal use of numbering resources.
August 9, 2021 – The Federal Communications Commission is seeking comment on proposed rules that it expects will reduce access to phone numbers by those running illegal robocalls and to further enhance public safety by adding transparency measures on foreign providers.
At the August Open Meeting on Thursday, the FCC said it is proposing to require voice-over-internet protocol providers to abide by the new robocalling regime, which requires voice service providers to put in place measures to limit spam calls and ID masking or face severe penalties.
To block calls, voice providers must first gather analytics on the origins of the call and essentially tag its authenticity before its routed.
As of the June 30 deadline, all major U.S. phone companies use caller ID authentication system to label calls as part of the regime, known as STIR/SHAKEN. This allows for end-to-end phone calls to be verified with a now common digital tool. AT&T said in June that is it now labelling over one billion calls a month.
Last week’s meeting also yielded other proposals to safeguard limited numbering resources, “protect against national security risks…and further promote public safety” by adding a layer of oversight at the executive branch level to vet those outside the United States trying to access numbering resources. That includes requiring applicants disclose foreign ownership information.
This would add to the federal government’s approach to protecting national security from foreign entities perceived as threats to the country, including legislation introduced recently that would prevent the FCC from approving those companies with ties to the Chinese communist party.
- TPRC Conference to Discuss Definition of Section 230, Broadband, Spectrum and China
- Repealing Section 230 Would be Harmful to the Internet As We Know It, Experts Agree
- Amy Klobuchar Reiterates Need for Funding Agencies to Handle Big Tech
- Technology Policy Institute Introduces Data Index to Help Identify Connectivity-Deprived Areas
- AT&T’s Opens Learning Center in Dallas, Parallel Wireless Expands, AT&T 5G Experiment for National Defense
- Topic 2 at Digital Infrastructure Investment 2021: Last Mile Digital Infrastructure
Signup for Broadband Breakfast
Broadband Roundup1 month ago
Senators Intro App Bill, Groups Drop TracFone Buy Complaint, States Want Shorter Robocall Deadline
Infrastructure3 months ago
AT&T CEO Says $60-$80 Billion in Federal Dollars Should Suffice to Bridge Digital Divide
Infrastructure2 months ago
Lumen Responds to Allegations it Underbuilds While Collecting Public Funds
#broadbandlive4 months ago
Broadband Breakfast Live Online Wednesday June 2, 2021 — Rural Roll-Ups: Has the Rural Digital Opportunity Fund Accelerated Mergers & Acquisitions?
Antitrust3 months ago
Experts Disagree Over Need, Feasibility of Global Standards for Antitrust Rules
Broadband Roundup4 months ago
AT&T Phasing Out 3G, Iowa Expands Broadband Funding, NY Mayor Drags Kids Back To School
Artificial Intelligence4 months ago
Deepfakes Could Pose A Threat to National Security, But Experts Are Split On How To Handle It
Broadband Roundup3 weeks ago
Mapping Comment Deadline Extended, AT&T Gets Federal Contract, 5G and LTE Drive Microwave Demand