More than 25 groups, including privacy advocates, wrote to House leadership and Appropriations Committee and Defense Appropriations Subcommittee leaders Wednesday urging them to support an amendment to the Department of Defense Appropriations Act of 2016 (HR-2685) offered by Reps. Zoe Lofgren, D-Calif., and Thomas Massie, R-Ky. The amendment would “defund warrantless government searches of the database of information collected under Section 702 of the Foreign Intelligence Surveillance Act of 1978 using U.S. person identifiers, absent certain circumstances,” the letter said. The amendment would also “prohibit the use of appropriated funds to require or request that United States persons and entities build security vulnerabilities into their products or services in order to facilitate government surveillance, except as provided for by the Communications Assistance for Law Enforcement Act,” the groups said. The amendment proposed this year is “identical to the Massie-Lofgren amendment that passed the House of Representatives by an overwhelming 293-vote majority in 2014, although it was not included in the omnibus appropriations bill that ultimately was enacted into law,” the letter said. Groups that signed the letter include the Center for Democracy & Technology, New America’s Open Technology Institute, Restore the Fourth, Sunlight Foundation and TechFreedom.

As of Wednesday, Twitter lets users share block lists with others, allowing a user to block multiple accounts in an easy, fast and community-driven way, User Safety Engineer Xiaoyun Zhang wrote in a blog post Wednesday. The new feature comes as Twitter recognizes some users experience “high volumes of unwanted interactions on Twitter” and require more sophisticated tools than individually muting and blocking other users, Zhang wrote. With the new feature, a user can export and share a block list with those facing similar issues or import another user’s block list to block multiple accounts at once. Twitter hopes these “advanced blocking tools will prove useful to the developer community to further improve users’ experience,” said Zhang. “This feature is yet another step towards making Twitter safer for everyone and will be available to some of our users starting [Wednesday] and all users in the coming weeks.”

Two items topping the agenda for Thursday’s NTIA facial recognition multistakeholder meeting are whether a facial recognition software code should include an exception from user consent or withdrawal requirements for facial recognition technology that involve anti-fraud, loss prevention and related goals, and the importance of deciding on a “default condition” for user control requirements, NTIA Director-Privacy Initiatives John Verdi emailed stakeholders Tuesday. The matters were raised at NTIA’s facial recognition meeting in December (see 1412150064), but weren't resolved, Verdi said. “If the group can reach consensus on an approach to these issues, I’ve set aside time to discuss issues related to access, accuracy and audit trails.” Questions stakeholders will consider include: whether users have the right to audit how an entity uses facial recognition data and whether they can access the type and accuracy of that data; whether an entity should track how facial recognition data is used; how individuals can correct false negatives or false positives; how individuals can seek corrections from commercial entities; who's responsible for handling such matters; and whether the purpose of the technology is being used should be a factor in determining if an individual has access to the data, said the agenda. “The group will draft text concerning these issues if possible, and identify drafters to wordsmith text if drafting with the full group proves unwieldy,” Verdi said. “We will close with a brief discussion of logistics for future work and meetings” in July, September, October and November, he said. The meeting is 1-5 p.m. at the American Institute of Architects, 1735 New York Ave. NW. The meeting will also be webcast.

Following spying concerns that emerged after former National Security Agency contractor Edward Snowden “revealed extensive U.S. government surveillance,” the U.S. tech industry as a whole underperformed, resulting in an economic impact far greater than the Information Technology & Innovation Foundation's initial $35 billion estimate, ITIF said in a news release Tuesday. That affected the cloud computing sector and the industry as a whole, ITIF said. In a report released Tuesday, ITIF cataloged a “wide range of specific examples of the economic harm that has been done to U.S. businesses as a result of unreformed government surveillance practices,” and “proposes a series of reforms designed to improve security, protect transparency, and increase cooperation and accountability in the global technology ecosystem,” the release said. “The U.S. government’s failure to meaningfully reform its surveillance practices has taken a serious economic toll on the U.S. tech sector and the total cost continues to grow each day,” said ITIF Vice President Daniel Castro, who co-wrote the report. “Foreign customers are increasingly shunning U.S. companies, and governments around the world are using U.S. surveillance as an excuse to enact a new wave of protectionist policies,” which is bad for U.S. companies, workers and the economy as a whole, Castro said. “Now that Congress has passed the USA Freedom Act, it is imperative that it turn its attention to reforming the digital surveillance activities that continue to impact our nation’s competitiveness,” he said. In its report, ITIF recommended policymakers “level the playing field for the U.S. tech sector” by implementing reforms like transparency about surveillance practices, opposing government efforts to weaken encryption or place backdoors in software, strengthening mutual legal assistance treaties with other nations, and combating anti-competitive practices by other nations, the release said. “Congress must decide how many American jobs it is willing to sacrifice in pursuit of intelligence gathering and find a better balance between economic interests and national security interests,” Castro said.

The Information Technology Industry Council and Software & Information Industry Association wrote President Barack Obama Monday opposing “any policy actions or measures” by the federal government that would undermine encryption technologies, said an ITI and SIIA news release Tuesday. Citing the role encryption technology plays in protecting consumers’ privacy and data security, ITI and SIIA asked Obama in their letter to work with the tech industry to “find a pathway forward that ‘preserves security, privacy, and innovation,'” the release said. Policies that mandate weakened encryption standards to allow for government access are impractical and “compromise the security” of technology products and services, “rendering them more vulnerable to attacks,” the letter said. Consumer trust would be eroded, it said. “The U.S. policy position on encryption will send a signal to the rest of the world,” the letter said. “Should the U.S. government require companies to weaken encryption technology, such requirements will legitimize similar efforts by foreign governments,” which would “threaten the global marketplace as well as deprive individuals of certain liberties,” the letter said. ITI and SIIA recognize the issue of encryption is “extremely complex” and has implications domestically and internationally, the letter said. The release said they seek an open dialogue with the administration on encryption policies.

The Department of Homeland Security Science and Technology Directorate (S&T) Cyber Security Division has made it a top priority to develop tools to prevent criminals from using malicious software and is ready to demonstrate its new malware detection technologies at the Transition to Practice Technology Demonstration Day for Investors, Integrators and IT Companies in Santa Clara, California, Tuesday, an S&T blog post said. One of the technologies S&T developed is the Federated Malware Analysis System (FMAS), which is a CSD-funded technology that counters the strengths of a malware attacker by clustering malware behaviors into “families” so it’s easier to detect, the post said. “Our aim is to work with our private sector partners to protect the nation’s critical infrastructure systems and commercial marketplace,” S&T Cyber Security Division Director Douglas Maughan said. “Showcasing and, most importantly, transitioning these technologies into the commercial market will be impactful to all organizations engaged in securing cyberspace and protecting various organizations such as government, public utilities and healthcare,” Maughan said. “We know these solutions can impact the cyber landscape that the Department is working to protect,” said S&T Cyber Security Division Transition to Practice Program Manager Michael Pozmantier.

Two years ago, on June 5, National Security Agency contractor Edward Snowden’s revelations about the agency's bulk data collection program were reported in The Guardian. In an email sent out on behalf of the American Civil Liberties Union Friday, Snowden said there has been much progress on privacy in the past two years, but “the right to privacy remains under attack.” Surveillance of private phone calls under the Patriot Act is ending, but many other programs have yet to be revised, Snowden said. “We needed to push back and challenge the lawmakers who defend these programs,” because a “vote in favor of mass surveillance is a vote in favor of illegal and ineffective violations of the right to privacy for all Americans,” he said. “As I said on Reddit last month, arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say.”

“Bottom line is that the USA Freedom Act protects Americans’ civil liberties and enhances our national security,” said House Judiciary Committee Chairman Bob Goodlatte, R-Va., in a column on his website Friday. “In addition to ending the bulk collection of data by the federal government, the USA Freedom Act increases the transparency of the government’s intelligence-gathering programs by making more information available to the American public,” Goodlatte said. “It requires the declassification of all significant court opinions, mandates the Attorney General and the Director of National Intelligence provide the public with detailed information about how they use national security authorities, and provides technology companies with a range of options for describing how they respond to national security orders,” he said. “While this new law preserves key intelligence-gathering authorities, it replaces the NSA’s current, unlawful program with a new, targeted call detail records program." USA Freedom doesn’t stop the bulk collection of phone or email content authorized under Section 702 of the Foreign Intelligence Surveillance Act (FISA) or fiber taps authorized by executive order 12333, former NSA intelligence official-turned-whistleblower William Binney told us. There are 80 to 100 taps on fiber cables in the lower 48 states and they're not solely along the coasts, so they can’t be just for foreigners, Binney said. Metadata collected from Section 215 of the Patriot Act was used to fill in the content gaps, he said. Following an article in The New York Times and ProPublica Thursday that said the NSA conducted warrantless surveillance on Americans’ international Internet traffic to search for malicious attacks, the Center for Democracy & Technology in a news release Friday called the NSA’s expanded role in battling cyberattacks troubling. Leaked documents show that the NSA is using Section 702 of FISA “in a far broader manner than previously understood,” CDT said. “By using Section 702 to collect information directly from main Internet cables in the U.S., the NSA is sweeping up communications of Americans, including those who have been victimized by cyber attacks,” it said. “The NSA sees surveillance as the flipside of cybersecurity,” said CDT Freedom, Security and Technology Project Director Greg Nojeim. “Being the victim of a cyber attack should not be a reason for the NSA to collect your communications and mine them for intelligence purposes,” Nojeim said. "The backdoor search loophole in Section 702 of FISA is a far bigger problem than we thought,” he said, especially since “collection under Section 702 gets the actual content of communications.”

FTC Commissioner Maureen Ohlhausen will deliver opening remarks at the FTC’s June 9 workshop on issues raised by the "sharing economy," a news release said Thursday. California Public Utilities Commissioner Catherine Sandoval will make a presentation in the afternoon, it said. “Panels will explore sharing economy platforms, mechanisms for trust in the sharing economy, and various perspectives on the interplay between competition, consumer protection, and regulatory issues,” the release said. “Panelists and speakers will include academics from a number of leading universities, representatives from sharing economy businesses including Uber and Airbnb and self-regulation organizations, and former and current state and local government officials.” The full agenda is on the workshop’s Web page. The workshop begins at 8:45 a.m. at the FTC’s Constitution Center offices in the A, B and C conference rooms located at 400 7th St. SW.

The California State Senate approved Democratic Sen. Mark Leno-sponsored SB-178, which modernizes California’s privacy laws to keep up with emerging technologies, in a 39-0 vote Wednesday, a Leno news release said. The bill, also known as the California Electronic Communications Privacy Act (Cal-ECPA), “protects Californians against warrantless government access to private electronic communications such as emails, text messages and GPS data that are stored in the cloud and on smartphones, tablets, laptops and other digital devices,” it said. “For what logical reason should a handwritten letter stored in a desk drawer enjoy more protection from warrantless government surveillance than an email sent to a colleague or a text message to a loved one?” Leno said. The bill was co-sponsored by Republican Sen. Joel Anderson and supported by more than a dozen tech companies including Apple, Facebook, Google and Twitter, the release said. California Executive Director of the Internet Association Robert Callahan said it’s time to update laws because Californians expect their inboxes to have the same safeguards as their mailboxes. The bill was backed by the American Civil Liberties Union, Electronic Frontier Foundation and the California Newspaper Publishers Association, it said. “Californians should be able to use smartphones, email, social networks and any other modern technology without worrying about whether their personal lives will remain private,” said Chris Conley, policy attorney with the ACLU of Northern California. “Especially after revelations of warrantless mass surveillance by the NSA, California needs to catch up with other states across the nation, including Texas and Maine, which have already updated their privacy laws for the modern digital world,” Conley said. “CalECPA is a comprehensive digital privacy bill that is consistent with the strong protections provided in the California Constitution,” said EFF Activist Adi Kamdar. “As technology increasingly becomes a part of our everyday lives, it is crucial to update state laws pertaining to electronic devices, emails, texts and more,” he said. The bill will be heard in the Assembly this summer, the release said.