US Lawmakers Consider Bill Prohibiting Police Purchases of Phone Data
In a recent report declassified by Director of National Intelligence Avril Haines, it was revealed that the intelligence community has been purchasing a large amount of sensitive and intimate information from digital data brokers, which includes data protected by the Fourth Amendment. As a result, members of the House Judiciary Committee are scheduled to meet to discuss legislation that addresses this issue.
The meeting, led by Representative Jim Jordan, a Republican from Ohio, will consider the Fourth Amendment Is Not For Sale Act, a bill that aims to make these data purchases illegal without a subpoena, court order, or warrant. Republican congressman from Ohio, Warren Davidson, expressed his support for the bill, stating that “this unconstitutional mass government surveillance must end.” The bill, which was first introduced in 2021, covers user data obtained from hacked devices, even if the disclosure is referenced in a company’s terms of service. Its objective is to prevent government agencies and police departments from conducting business with companies like Clearview AI, which has faced scrutiny for its use of facial recognition software built from scraping public social media images.
Australian Cybersecurity Coordinator Warns Against Paying Ransoms
Amidst a wave of cyberattacks targeting high-profile companies, Australia’s first cybersecurity coordinator, Air Marshal Darren Goldie, has urged victims not to give in to hackers’ ransom demands. Goldie highlighted that paying a ransom does not guarantee data security or prevent future attacks. He believes that paying ransoms only encourages criminal behavior, making Australia a rich target for cybercriminals.
Following significant attacks on companies such as Optus, Medibank, and Latitude Financial, the cybersecurity coordinator role was established to create a new cybersecurity strategy that would enhance the federal government’s ability to intervene. Home Affairs and Cyber Security Minister Clare O’Neil has indicated a potential change in labeling customer data and systems as critical infrastructure, which would provide the government with more authority in preventing and responding to data breaches. Additionally, Goldie warned of the challenges posed by recent advances in artificial intelligence and confirmed that 1.4 terabytes of stolen data from the breach of law firm HWL Ebsworth had been uploaded on the dark web.
California to Investigate Handling of HR Data
The attorney general of California recently announced an investigation into how large California employers handle data obtained from employees and job applicants. This probe comes after the expiration of a temporary exemption, signaling the state’s expectation for full compliance with the California Consumer Privacy Act (CCPA) regarding human resources (HR) data. Covered businesses are required to provide individuals with notices of privacy practices, grant access to personal information, and ensure that vendors handling HR data adhere to contractual rules.
Florida to Establish Cyber Fraud Enforcement Unit
In an effort to combat digital scams, the state of Florida is establishing its first Cyber Fraud Enforcement Unit. Florida Attorney General Ashley Moody explained that as online crime increases, there is a growing enforcement gap, with federal agencies focusing primarily on cases involving multimillion-dollar losses. The new unit will consist of local police, members of the Florida Department of Law Enforcement, state prosecutors, civil attorneys, and analysts. Last year alone, over 42,000 Floridians lost a total of over $844 million to cybercrime. The establishment of this specialized force aims to fill the void left by federal agencies, allowing for better protection of individuals and small businesses from emerging high-tech schemes.
In conclusion, US lawmakers are considering a bill that would prohibit police purchases of phone data obtained from digital data brokers. The Australian cybersecurity coordinator warns against paying ransoms, emphasizing the potential risks and criminal encouragement. California is investigating the handling of HR data to ensure compliance with privacy regulations, while Florida is establishing a Cyber Fraud Enforcement Unit to crack down on digital scams and protect citizens from cybercrime.