The Weekly Newsletter of The George Washington University Cyber Security and Privacy Research Institute
Quick Links
Contact Us
Follow Us
Follow us on Twitter:
@gwCSPRI
 
Follow CSPRI co-Director, Lance Hoffman:
@lancehoffman1

Follow CSPRI co-Director, Costis Toregas:
@DrCostisToregas  
April 11 , 2016
Legislative Lowdown
-A long-awaited Senate Intelligence Committee encryption bill would force companies to provide "technical assistance" to government investigators seeking locked data, according to a discussion draft obtained by The Hill. "The measure, from Committee Chairman Richard Burr (R-N.C.) and ranking member Dianne Feinstein (D-Calif.), is a response to concerns that criminals are increasingly using encrypted devices to hide from authorities."

S ecurity researchers and civil liberties advocates last week condemned the draft legislation, saying it was planned as an overly vague measure that adds up to a ban on strong encryption, Reuters reports. "It would give judges broad authority to order tech companies to hand over data in 'an intelligible format' or provide 'technical assistance' to access locked data," wrote Dustin Volz and Mark Hosenball. "It does not spell out what form the data must take or under what circumstances a company would be forced to help. It also does not create specific penalties for noncompliance."

-The Hill also reports that the Senate last week unanimously passed on an 87-0 vote a long-awaited measure that would strengthen federal law and provide damages for U.S. companies affected by the theft of corporate intellectual property. "Sens. Orrin Hatch (R-Utah) and Chris Coons (D-Del.), who have worked together on the measure for the past two years, said their bill would harmonize federal law and give businesses more consistent legal protections when their trade secrets are stolen and they are facing billions in losses," writes Vicki Needham.


Cyber Security and Privacy News

-Documents stolen from a Panamanian law firm that created nearly a quarter million offshore companies to help the rich launder money, dodge sanctions and evade taxes were leaked online this month. The confidential documents leaked from Mossack Fonesca show that some of the world's most powerful used offshore havens to hide their fortunes and dodge taxes worth millions of dollars. The documents were reportedly stolen after intruders hacked an email server at the law firm.
The leaked documents, dubbed the "Panama Papers," are already creating headaches for world leaders. For example, British Prime Minister David Cameron has been accused of "hypocrisy" by British lawmakers after it emerged in the papers that he ordered all parliamentary candidates to reveal their tax affairs just months after selling off his stake in an offshore trust for £30,000. The Telegraph has the full story.
According to The New York Times, the reverberations from a leaked trove of Panamanian documents rippled through several nations on Thursday, with President Vladimir V. Putin of Russia calling the exposure of a proliferation of shell companies and tax havens an American plot, while Iceland picked a new prime minister.
 
-Many thought the controversy between Apple and FBI over the power to require lawful access to customer phones was over when the FBI announced last month that it had figured out another way to hack into the phone assigned to the man responsible for the San Bernardino massacre. But according to USA Today, the Department of Justice says it is pressing forward in its legal fight to force Apple's assistance in unlocking an iPhone linked to a drug conspiracy case in New York City. "The government's position signals a continuing legal battle that pits privacy issues against law enforcement and national security concerns," write Kevin McCoy and Kevin Johnson.
 
-The US Department of Defense last week announced the launch of a pilot bug-bounty program for the DOD's public-facing websites, reports Ars Technica. "Called 'Hack the Pentagon,' the bounty program will be managed by HackerOne, the disclosure-as-a-service company founded by Alex Rice and Michiel Prins. Sean Gallagher has more here.

The Cyber Security and Privacy Research Institute (CSPRI) is a center for GW and the Washington area to promote technical research and policy analysis of problems that have a significant computer security and information assurance component. More information is available at our website, http://www.cspri.seas.gwu.edu.

Upcoming 
Cyber Security & Privacy Events
Click  here for detailed descriptions

-
Apr. 11, 8:30 a.m. - 10:30 a.m.
FCC Privacy Proposal Event 
 
Apr. 12, 9:00 a.m. - 5:15 p.m. , Rock Stars of Risk-Based Security

- 
Apr. 12, 9:00 a.m. - 5:00 p.m. , Cryptocurrency:
 Policy Challenges of a Decentralized Resolution

- 
Apr. 12, 10:00 a.m. , Cybersecurity and Protecting Taxpayer Information
 
- 
Apr. 13, 10:45 a.m. - 4:00 p.m. , ISACA CM Meetup: Exploration of the NIST Cybersecurity Framework

- 
Apr. 13, 6:15 p.m. - 9:00 p.m. , OWASP NoVA  Meetup: Integrating Compliance into Development

- 
Apr. 14, 10:00 a.m. , Can IRS Protect Taxpayers' Personal Information?

Apr. 14, 12:00 p.m.- 2:00 p.m. , Using Data to Secure Networks: Optimizing Individual Privacy While Achieving Strong Security
  
 
Apr. 15, 12:30 p.m.- 5:30 p.m. , Dissertation Defense: Privacy-Preserving and Secure
 Cryptographic Schemes for Wireless Applications (by Chunqiang Hu)

 
Apr. 15, 12:30 p.m.- 5:30 p.m. , Dissertation Defense: Privacy Preserving Auctions Based on Homomorphic Encryption and Secret Sharing (by Maya Larson)
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
-  Apr. 21, 12:00 p.m.- 1:00 p.m. ,  
Crypto Wars: Plus ca change, plus c'est la meme chose.
 

About this Newsletter
 
This newsletter is a weekly summary of events related to cyber security policy and research, with a special focus on developments and events in the Washington, DC area. It is published by the Cyber Security and Privacy Research Institute (CSPRI) of the George Washington University. CSPRI is a center for GW and the Washington area that promotes technical research and policy analysis of topics in or related to cybersecurity and privacy. More information is available at our website, http://www.cspri.seas.gwu.edu
 
CSPRI 
202 994 5613. cspri@gwu.edu
Tompkins Hall,  Suite 106
725 23rd Street NW
Washington DC, DC 20052