At a glance.
- FTC seeks public comment on future commercial surveillance rules.
- State Department announces $10 million bounty for info on Conti.
- The war in Ukraine’s impact on US cybersecurity.
FTC seeks public comment on future commercial surveillance rules.
In recent months the US Federal Trade Commission (FTC) has been looking for ways to crack down on mass commercial surveillance, and yesterday the FTC released an Advance Notice of Proposed Rulemaking requesting input from the public on future regulation. As the FTC explains, commercial surveillance has made it profitable for companies to gather data on customers’ online activities – browsing histories, personal contacts, buying habits, geolocation information – for advertising and marketing purposes. The problem is, that data are often collected without user permission, or permission is a requirement of receiving service. What’s more, a lack of adequate regulation means many businesses lack the security protocols to effectively protect the data they collect, leaving customer info at risk of theft.
FTC Chair Lina Khan stated, “Our goal today is to begin building a robust public record to inform whether the FTC should issue rules to address commercial surveillance and data security practices and what those rules should potentially look like.” The Wall Street Journal notes that although the FTC has brought enforcement actions against businesses found to be in violation of the FTC Act, the commission lacks the authority to impose financial penalties. Tighter regulations that set clearly defined data security requirements could change all that, and would fall in line with Khan’s more aggressive stance when it comes to regulating big business.
Jeff Sizemore, chief governance officer at Egnyte, wrote, in an email we received, that, “The recent announcement by the Federal Trade Commission (FTC) is outstanding news for U.S. consumers’ data privacy protection and further proof that the U.S. government is finally taking the protection of its citizens’ data seriously. While today’s Advance Notice of Proposed Rulemaking (ANPR) will almost certainly be subject to revision, it is a game-changer in terms of its increased scrutiny of commercial surveillance of consumers’ data, online behavior and even personal and professional networking. Since personal privacy is increasingly being viewed as a fundamental human right, it will be interesting to see how this impacts the long-anticipated U.S. federal privacy policy.”
State Department announces $10 million bounty for info on Conti.
Under its Rewards for Justice program, the US State Department yesterday declared it’s offering up to $10 million to anyone with intel on members of the Conti ransomware gang (aka Wizard Spider). In an unprecedented step, the State Department has specifically asked for any information on five individual Conti members who go by the handles Professor, Reshaev, Tramp, Dandis, and Target, and has even circulated an alleged photo of Target (who appears to be a middle-aged man with a penchant for hats with ear flaps).
Wired reports the move signals the US government’s commitment to disrupting the malicious activities of the prolific threat group, which targeted over one thousand organizations and acquired over $180 million last year alone. Conti is known for its business-like structure that employs over one hundred members, and leaked information indicates the group has even attempted to implement its own cryptocurrency payments platform. Senior members are believed to have ties to the Russian government and security services, and the US State Department has declared the group a threat to national security. US Air Force major Katrina Cheesman, a spokesperson for the Cyber National Mission Force, stated, “Conti has publicly acknowledged its connection with foreign governments, specifically its support of the Russian government. Based on its ties to Conti and other…