Overnight Cybersecurity: Zuckerberg faces trial by fire | Intends to apologize before Congress for data leak | Encryption fight returns | Pompeo gets nomination hearing

View in your browser       Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We're here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you're a consumer, a techie or a D.C. lifer, we're here to give you ...   THE BIG STORIES: --ZUCKERBERG SET FOR TRIAL BY FIRE: Facebook CEO Mark Zuckerberg is facing the biggest political test of his career as he prepares to testify in back-to-back congressional hearings on Tuesday and Wednesday. The stakes couldn't be higher for both Zuckerberg, 33, and his company, with the public and members of Congress demanding answers about Facebook's privacy practices in the wake of the Cambridge Analytica scandal. Lawmakers are likely to come armed with tough questions for Zuckerberg, whom they have long wanted to see in the hearing room. He has never before testified to Congress despite having run the social media giant for well over a decade. Experts who have coached individuals preparing for congressional testimony said that for Zuckerberg to walk away with minimal damage to Facebook's reputation and his own, he needs to accept that he can't try to beat lawmakers on their own turf. The key, they said, is for Zuckerberg to show remorse and let lawmakers have their say. "I think style and demeanor are very important. He's got to try to be authentic and humble and avoid any degree of arrogance and glibness," said Lanny Davis, an author, attorney and crisis communications expert. Zuckerberg has been forced reluctantly into the spotlight by the revelation that the data firm Cambridge Analytica, which did work for President Trump's campaign, obtained data on upwards of 87 million Facebook users in the United States without their consent. After he and other top Facebook officials were initially criticized for not publicly addressing the crisis, Zuckerberg and his allies have mounted a public relations offensive that has included several high-profile issues.  To read more of the hearing preview, click here   Dressing for the occasion... Zuckerberg was spotted on Capitol Hill Monday for meetings with senators in advance of the hearing, sporting a suit. President Trump's chief economic adviser earlier Monday mocked the Facebook chief's normally casual attire, advising him not to wear "hoodies and dungarees" before Congress.   --THE GAUNTLET: The Facebook CEO is slated to appear before the Senate Judiciary and Commerce Committees on Tuesday and the House Energy and Commerce Committee on Wednesday. The House panel released his prepared remarks early on Monday, revealing that Zuckerberg will apologize for the Cambridge Analytica controversy. In the prepared testimony, the Facebook CEO says that the company did not fully realize its responsibility to users when it comes to privacy or disinformation campaigns on its platform. "We didn't take a broad enough view of our responsibility, and that was a big mistake," Zuckerberg plans to say during the Wednesday hearing before the panel. "It was my mistake, and I'm sorry. I started Facebook, I run it, and I'm responsible for what happens here." Zuckerberg will also promise to lawmakers a full audit of Cambridge's handling of that data. Facebook has said that it received assurances in 2015 that the trove was destroyed, and Cambridge has denied any wrongdoing and said that the information was not used to aid Trump's campaign. The Facebook founder will also discuss the changes the company is making to crack down on abuse of user data and to increase transparency about its data practices. But he'll also be defending the platform amid mounting questions about its business model, which critics say exploits users' personal information to generate ad revenue.   --WHAT ELSE WE KNOW: The prepared remarks also indicate that Zuckerberg will reveal that Facebook shut down accounts linked to hackers widely believed to be operating on the Russian government's behalf before the 2016 presidential election. In summer 2016, Facebook identified accounts linked to APT 28, a cyber espionage group also known as "Fancy Bear" that the U.S. intelligence community and some private security firms have linked to Russian military intelligence or the Russian government. Zuckerberg will testify that the accounts "created fake personas that were used to seed stolen information to journalists" under the name of DCLeaks, in reference to the website that published hacked emails from the Democratic National Committee (DNC) in summer 2016. "We shut these accounts down for violating our policies," Zuckerberg will say. The U.S. intelligence community has accused the GRU, Russia's military intelligence arm, of using DCLeaks, the Guccifer 2.0 persona, and WikiLeaks to release hacked Democratic emails in the months leading up to the election. To read more about Zuckerberg's prepared remarks, click here and here, and keep an eye out for our live blog on Tuesday.     A LEGISLATIVE UPDATE:  THE ENCRYPTION FIGHT IS BACK. The debate around encryption is poised to heat up in Washington. Administration officials and lawmakers are taking another crack at resolving the "going dark" problem and finding a way to give law enforcement access to encrypted communications in criminal investigations. The Trump administration is said to be meeting with security researchers on the potential for a technical fix that would allow law enforcement access in some cases to encrypted devices. Officials are also mulling whether to ask Congress for legislation that would require tech companies to build such tools -- which critics call "back doors" -- into their devices, according to The New York Times. Separately, Senate Judiciary Committee staffers have been engaging with technology industry representatives on the issue of encryption in recent weeks, sources say, an early sign that new legislation could be forthcoming. The issue has long been a source of tension between law enforcement and the tech community, culminating in a public tug of war between the FBI and Apple in 2016 over access to an iPhone belonging to one of the San Bernardino terror attack suspects. At the time, President Trump, then a candidate, sided with the FBI. Apple fought an order to help provide access to the device, and the FBI eventually paid a third-party firm $900,000 to hack into the phone. The issue has re-emerged in recent months, as Justice Department and FBI officials have stepped up their public rhetoric about the challenge posed by encryption. They often emphasize that the bureau was unable to access thousands of devices last year despite having court orders. "Being unable to access nearly 7,800 devices is a major public safety issue," FBI Director Christopher Wray said during remarks at Boston College on March 7. The officials' public appeals are attracting attention in the Senate, where staffers of Sens. Chuck Grassley (R-Iowa) and Dianne Feinstein (D-Calif.), the leaders of the Senate Judiciary Committee, have begun meeting with tech lobbyists and others on the issue of encryption, sources say. According to CyberScoop, which first reported on the discussions Tuesday, there have also been internal discussions about potential encryption legislation at various federal departments, including Justice, Commerce, Homeland Security, and the National Security Agency. Sources with knowledge of the recent Senate discussions say the efforts are in the very early stages, and there is no clear picture of what legislation would look like. A spokeswoman for Feinstein referred The Hill to Grassley's office. His spokesman declined to confirm the discussions. Manhattan District Attorney Cyrus Vance, who has advocated for legislation that would force tech companies to make their devices accessible to law enforcement agencies pursuant to a warrant, also recently met with Senate staffers on encryption, the Feinstein spokeswoman confirmed. Vance's office declined to comment on Friday. To read more from our piece, click here.   A REPORT IN FOCUS: Roughly two-thirds of links to popular websites shared on Twitter are posted by automated accounts or "bots," according to research released by the Pew Research Center on Monday. The study also found that a small group of "highly active" bot accounts are responsible for a large share of the links to popular sites shared on Twitter. Specifically, Pew researchers discovered that 500 of the most active accounts believed to be bots are responsible for nearly a quarter of the links shared on Twitter.   Political bias? The study did not conclude that bot accounts show a particular political bias in their sharing of news outlets overall. Specifically, the researchers found that, when analyzing the news sites producing political material, bots share 44 percent of links to sites primarily shared by liberal users, and 41 percent of links to those primarily shared by conservatives. To read more of the key takeaways from Pew, click here.   A LIGHTER CLICK:  A new set of wheels: Uber acquires a bike-share startup. (The Verge)   WHO'S IN THE SPOTLIGHT:  MIKE POMPEO: CIA Director Mike Pompeo will appear before a key Senate panel in the coming week as part of his nomination to be secretary of State. Sen. Bob Corker (R-Tenn.), the chairman of the Foreign Relations Committee, announced that he will hold a hearing on Thursday. The hearing is a first step in the Senate's consideration of Pompeo's nomination to the position. Pompeo met with Corker before Congress left for a two-week break. Several aides for Democratic members of the committee told The Hill on Friday that their bosses are scheduled to meet with him this week. Pompeo was expected to get a hearing this month. Corker said immediately following Pompeo's nomination that the two had a "very good conversation" and the committee would "consider his nomination as expeditiously as possible." Sen. Rand Paul (R-Ky.) has already said he will oppose Pompeo's nomination, complicating his path to a Senate floor vote. Republicans have a one-seat advantage on the panel. If every Democrat opposes him, it would result in a 10-11 vote.   Pompeo is likely to face a wide range of questions when he appears before the panel, including those related to former Secretary of State Rex Tillerson's controversial reorganization plan. Among the most criticized facets of the plan was Tillerson's decision to shutter the State Department's cybersecurity coordinator office. It is unclear to what extent Pompeo will continue with the reorganization should he be confirmed.  To read more, click here.   IN CASE YOU MISSED IT: Links from our blog, The Hill, and around the Web. Feds charge Backpage execs with promoting prostitution, money laundering. (The Hill)  Trump administration slaps sanctions on Russian oligarchs. (The Hill) Facebook launches project to study social media's impact on elections. (The Hill) OP-ED: Like the early web, cryptocurrency represents big risks and major opportunities. (The Hill) '60 Minutes' aired an in-depth report on Russia's efforts to target states ahead of the 2016 election. (CBS) Official says that Arizona's election database was not targeted by Russian hackers, but rather criminals. (Reuters) Consumer groups accuse YouTube of improperly collection data on children. (New York Times) Army, Navy to deploy cyber mission teams early. (Federal News Radio) Iran was hit with a cyberattack that warned against messing with elections. (Reuters) The Internet of Things (IoT) faces a slew of threats. (Wired) If you'd like to receive our newsletter in your inbox, please sign up here.           Did a friend forward you this email? Sign up for Cybersecurity Newsletters     Forward Cybersecurity Newsletters       Privacy Policy  |  Manage Subscriptions  |  Unsubscribe  |  Email to a friend  |  Sign Up for Other Newsletters   The Hill 1625 K Street, NW 9th Floor, Washington DC 20006 ©2016 Capitol Hill Publishing Corp., a subsidiary of News Communications, Inc.