Hillicon Valley: NSA deletes call records | Tinder swipes right for encryption | Mueller seeks new delay in Flynn sentencing

2018年6月29日星期五

Hillicon Valley: NSA deletes call records | Tinder swipes right for encryption | Mueller seeks new delay in Flynn sentencing

Welcome to Hillicon Valley, The Hill's newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley.

Follow the cyber team, Olivia Beavers (@olivia_beavers) and Morgan Chalfant (@mchalfant16), and the tech team, Harper Neidig (@hneidig) and Ali Breland (@alibreland).

NSA DELETES CALL RECORDS: The National Security Agency (NSA) is deleting years worth of call records collected for foreign intelligence purposes, saying that "technical irregularities" resulted in the spy agency collecting data it was not authorized to receive.

The NSA issued a statement Thursday revealing that the spy agency started deleting all so-called call detail records (CDRs) collected since 2015 in May of this year. CDRs are obtained from telecommunications providers and contain the numbers and time and duration of phone calls, not the content of the calls themselves. The NSA is authorized to collect the data under the Foreign Intelligence Surveillance Act.

"NSA is deleting the CDRs because several months ago NSA analysts noted technical irregularities in some data received from telecommunications service providers," NSA said. "These irregularities also resulted in the production to NSA of some CDRs that NSA was not authorized to receive."

The revelation comes after an annual transparency report issued by the director of national intelligence (DNI) showed that the NSA collected well over 500 million U.S. call detail records in 2017 -- more than three times the number gathered the previous year.

The NSA said that it is deleting all CDRs gathered since 2015 because it was "infeasible" for the agency to isolate the data it was authorized to receive from the rest of it. The NSA said it notified relevant oversight committees in Congress, as well as the Department of Justice and the independent Privacy and Civil Liberties Oversight Board, of the decision.

The transparency report issued in early May showed that the NSA collected 534 million U.S. call records in 2017, well over the 151 million received in 2016.

At the time, a DNI spokesman said the agency expects the figure to "fluctuate from year to year." A number of factors could influence the number received -- including the number of court-approved selection terms used by a given target and "the dynamics of the ever-changing telecommunications sector."

TINDER SWIPES RIGHT FOR ENCRYPTION: Tinder, the popular online dating application, says it is taking steps to better secure the privacy of its users by encrypting some of its data.

Match Group Inc., the company that operates Tinder, told Sen. Ron Wyden (D-Ore.) in a letter dated Wednesday that its swiping data and images on the application are better protected against malicious hackers looking to access such information.

"We take the security and privacy of our users seriously and employ a network of tools and systems to protect the integrity of our platform, including encryption," wrote Jared Sine, general counsel for Match Group.

The company said on June 19 they padded their swipe data so that "all actions are now the same size" and as of early February, "the images transmitted between the Tinder app and servers are now fully encrypted."

These measures will help prevent hackers from viewing the same photos a Tinder user may be seeing if they were operating their devices on the same wi-fi network -- a vulnerability that cybersecurity researchers first warned about in January.

"As you can imagine, in an effort to avoid tipping off would-be-attackers, we do not publicly disclose our specific security tools or processes or enhancements we implement. But, please know that we are continually working to stop cyber threats and attackers," Sine wrote to Wyden.

STRZOK LAWYER DEMANDS RELEASE OF INTERVIEW TRANSCRIPTS: The lawyer for FBI counterintelligence agent Peter Strzok is calling on the House Judiciary Committee to release the transcript from his recent closed-door testimony before the panel, claiming Republican lawmakers are disseminating false information about his interview.

"We ask again that the Committee release the full, unclassified transcript instead of leaking selective excerpts designed to further a partisan agenda," Strzok's attorney, Aitan Goelman, said in a statement late Thursday.

Strzok has faced a barrage of attacks from President Trump and conservatives after an internal investigation revealed he had been sending messages critical of the then-Republican candidate during the 2016 presidential race to FBI lawyer Lisa Page.

The Judiciary Committee, teeming with some of the fiercest critics of the FBI and Department of Justice (DOJ), grilled Strzok for a grueling 11-hours on Wednesday.

His voluntary testimony came one day before Deputy Attorney General Rod Rosenstein, the top DOJ official overseeing special counsel Robert Mueller's Russia probe, joined FBI Director Christopher Wray in testifying before the committee on FBI and DOJ decisionmaking during the 2016 election. Rosenstein's appearance proved to be an opportunity for GOP lawmakers to press the No. 2 DOJ official about his knowledge of Strzok's conduct, a move that was met with opposition from Strzok's attorney as well as Judiciary Democrats.

"While the Committee chose to hold its hearing behind closed doors and deemed the transcript 'confidential,' it's clear that information (some of which is demonstrably false) is being disclosed by Republican Congressmen in open meetings and shared with the President and his allies," according to the email accompanying Goelman's statement. Read more here.

INVESTIGATE! Rep. Debbie Dingell (D-Mich.) is urging the Federal Communications Commission and the Federal Trade Commission to investigate whether other data collectors "improperly collected and shared" U.S. consumers' viewing and other information with Cambridge Analytica, the data mining firm which improperly obtained data on millions of Facebook users without their knowledge.

Dingell had previously pressed FCC Chairman Ajit Pai on the issue, citing a 2016 interview in which a former employee said the company purchased consumers' viewing data. In response, Pai said it would be appropriate for the FTC to investigate the matter.

In a letter sent this week and released Friday, the Democratic congresswoman signaled she was unsatisfied by his response.

"Your April 27, 2018 response to my inquiry regarding the collection and use of consumers' television viewing information by the data analysis firm Cambridge Analytica raises more questions than answers," Dingell wrote Thursday. "The FCC has clear authority and a responsibility to protect the viewing data of cable and satellite television subscribers. Your punting this matter to the FTC raises questions as to whether the FCC takes seriously its obligation to aggressively and effectively to protect consumer privacy."

In a separate letter to FTC Chairman Joseph Simons, Dingell urged him to investigate the issue.

A LIGHTER TWITTER CLICK: Some people can't seem to get their minds out of the gutter.

ON TAP FOR NEXT WEEK

RECESS: The House and Senate are out. Go read that book you've been meaning to get to or pay a trip to that museum you've been wanting to visit. Just kidding, there are no quiet weeks these days.

NOTABLE LINKS FROM AROUND THE WEB:

Teens are being groomed to become the next 'Cyber Patriots.' (NBC's Today)

Why the term 'hacker' should be redefined. (Motherboard)

Sex workers are leaving Twitter. (Deutsche Welle)

Researchers are working to synchronize computers to the nanosecond. (The New York Times)

A prankster was patched through to President Trump while aboard Air Force One. (Axios)