Delay in Creating New US Cybersecurity Board Prompts Concern

It’s a key part of President Joe Biden’s plans to fight major ransomware attacks and digital espionage campaigns: creating a board of experts that would investigate major incidents to see what went wrong and try to prevent the problems from happening again — much like a transportation safety board does with plane crashes.

But eight months after Biden signed an executive order creating the Cyber Safety Review Board it still hasn’t been set up. That means critical tasks haven’t been completed, including an investigation of the massive SolarWinds espionage campaign first discovered more than a year ago. Russian hackers stole data from several federal agencies and private companies.

Some supporters of the new board say the delay could hurt national security and comes amid growing concerns of a potential conflict with Russia over Ukraine that could involve nation-state cyberattacks. The FBI and other federal agencies recently released an advisory — aimed particularly at critical infrastructure like utilities — on Russian state hackers’ methods and techniques.

“We will never get ahead of these threats if it takes us nearly a year to simply organize a group to investigate major breaches like SolarWinds,” said Sen. Mark Warner, a Virginia Democrat who leads the Senate Intelligence Committee. “Such a delay is detrimental to our national security and I urge the administration to expedite its process.”

Biden’s order, signed in May, gives the board 90 days to investigate the SolarWinds hack once it’s established. But there’s no timeline for creating the board itself, a job designated to Department of Homeland Security Secretary Alejandro Mayorkas.

In response to questions from The Associated Press, DHS said in a statement it was far along in setting it up and anticipated a “near-term announcement,” but did not address why the process has taken so long.

Scott Shackelford, the cybersecurity program chair at Indiana University and an advocate for creating a cyber review board, said having a rigorous study about what happened in a past hack like SolarWinds is a way of helping prevent similar attacks.

“It sure is taking, my goodness, quite a while to get it going,” Shackelford said. “It’s certainly past time where we could see some positive benefits from having it stood up.”

The Biden administration has made improving cybersecurity a top priority and taken steps to bolster defenses, but this is not the first time lawmakers have been unhappy with the pace of progress. Last year several lawmakers complained it took the administration too long to name a national cyber director, a new position created by Congress.

The SolarWinds hack exploited vulnerabilities in the software supply-chain system and went undetected for most of 2020 despite compromises at a broad swath of federal agencies and dozens of companies, primarily telecommunications and information technology providers. The hacking campaign is named SolarWinds after the U.S. software company whose product was exploited in the first-stage infection of that effort.

The hack highlighted the Russians’ skill at getting to high-level targets. The AP previously reported that SolarWinds hackers had gained access to emails belonging to the then-acting Homeland Security Secretary Chad Wolf.

The Biden administration has kept many of the details about the cyberespionage campaign hidden.

 

The Justice Department, for instance, said in July that 27 U.S. attorney offices around the country had at least one employee’s email account compromised during the hacking campaign. It did not provide details about what kind of information was taken and what impact such a hack may have had on ongoing cases.

The New York-based staff of the DOJ Antitrust Division also had files stolen by the SolarWinds hackers, according to one former senior official briefed on the hack who was not authorized to speak about it publicly and requested anonymity. That breach has not previously been reported. The Antitrust Division investigates private companies and has access to highly sensitive corporate data.

The federal government has undertaken reviews of the SolarWinds hack. The Government Accountability Office issued a report this month on the SolarWinds hack and another major hacking incident that found there was sometimes a slow and difficult process for sharing information between government agencies and the private sector, The National Security Council also conducted a review of the SolarWinds hack last year, according to the GAO report.

But having the new board conduct an independent, thorough examination of the SolarWinds hack could identify inconspicuous security gaps and issues that others may have missed, said Christopher Hart, a former National Transportation Safety Board chairman who has advocated for the creation of a cyber review board.

“Most of the crashes that the NTSB really goes after … are ones that are a surprise even to the security experts,” Hart said. “They weren’t really obvious things, they were things that really took some deep digging to figure out what went wrong.”

California Nursing Homes Use Robotic Pets to Help the Elderly

In a California senior care community, very special pets are helping residents keep their spirits up, fight anxiety and feel loved. Officials say these animals are therapeutic, low-maintenance and never get moody. Angelina Bagdasaryan has the story, narrated by Anna Rice.

Camera: Vazgen Varzhabetian             

UAE Bans Flying of Recreational Drones After Fatal Attack

The United Arab Emirates has banned the flying of drones in the country for recreation after Yemen’s Houthi rebels claimed a fatal drone attack on an oil facility and major airport in the country.

As of Saturday, drone hobbyists and other operators of light electric sports aircraft face “legal liabilities” if caught flying the objects, the Interior Ministry said, adding it may grant exemptions to businesses seeking to film.

A rare drone and missile strike on the capital of Abu Dhabi blew up several fuel tankers and killed three people last week.

The Houthis, who hold Yemen’s capital and have fought a bloody, yearslong war with a Saudi-led military coalition that includes the UAE, claimed the assault. While the UAE has largely withdrawn troops from the stalemated conflict, the country continues to be a major player and support local militias on the ground.

The UAE said the Houthis targeted the country with bomb-laden drones and cruise and ballistic missiles, adding the country had intercepted some of the projectiles. In response to the strike, the Saudi-led coalition has escalated attacks on the rebel-held parts of Yemen in the last week.

Government regulations in the UAE already restrict flying drones in residential areas as well as near, around and over airports. Drone users typically must obtain a certificate from the civil aviation authorities. 

 

Facebook Removes Kurdish Pages Linked to Misinformation on Belarus Migrant Crisis

Meta, the parent company of Facebook, has removed two popular Kurdish Facebook pages accused of spreading misinformation that helped convince thousands of Kurds to mass along the border of Belarus and Poland late last year.

The two accounts, one from a Kurdish lawmaker with 143,000 followers and another belonging to a Kurdish journalist with nearly 270,000 followers, were spreading misinformation that falsely claimed Kurds who went to the Belarus-Poland border would be allowed into the European Union.

There was no such immigration plan. Instead, frustrated crowds clashed with border guards and thousands were later deported. 

The false posts were among many seen by Kurds who traveled to the border area and were interviewed by VOA.

“We followed the crowd towards the Polish borders after rumors on Facebook. It resulted in nothing more than adversity for this destitute people,” said Hersh Saeed Ahmad, a Kurdish migrant in Belarus.

But the accounts on Facebook continued to publish widely read posts until earlier this month when VOA contacted Meta asking if the pages were violating the company’s policies. 

“Meta has decided both pages violated our policies for misinformation under Violence & Incitement Community Standards, and both have been taken down,” a spokesperson from the company told VOA in an email.

The episode illustrates how the social media network continues to struggle to police even well-known spreaders of misinformation who are involved in high-profile news events, especially when misinformation is being published in languages other than English.

Spreading misinformation 

The Belarus-EU border crisis began last July and worsened by November, when thousands of migrants from the Middle East, North Africa and Iraqi Kurdistan, attempted to cross into the EU from Belarus.

In mid-November, violence broke out at the Polish border when security forces used tear gas and water cannons to prevent migrants from breaking the border fencing. Polish police at the time reported several injuries in their ranks from migrants throwing stones at them.

At the time, Facebook told news outlets that it was working to shut down information about human trafficking in the region.

But two prominent Kurdish Facebook pages continued to traffic in misinformation about the situation at the border until earlier this month.

Sirwan Baban, a member of the Kurdistan Regional Parliament, and Ranj Pshdary, a Kurdish journalist based in Greece, used their pages on Facebook to tell their followers in early November that the EU and Germany had decided to open their borders to let in migrants stranded on a Belarus-Poland border point.

 

It was a claim denied by EU officials at the time, but thousands of migrants, mostly Kurds, still stormed the Polish border fence and clashed with police.

VOA interviews with officials in the Kurdistan Region of Iraq and Kurdish migrants in Belarus confirmed that misinformation on Facebook, including from Baban and Pshdary, helped to lure thousands of people towards the Polish border.

Hersh Saeed Ahmad, a 36-year-old Kurd from Sulaimani province, is among those migrants who, after reading posts on social media, took his wife and 4-year-old child to the Polish border in November.

“Our situation after the storming turned from bad to worse,” he said. “Our admission by Germany was nothing more than lies and rumors on Facebook.”

Another migrant, Bahadin Muhsin Qadir, said they were told the Polish security at the border had announced through loudspeakers that they will be transferred through buses to Germany.

The standoff at the border during extreme weather conditions left more than a dozen people dead, according to human rights activists, who say the total number is likely higher but hard to confirm due to restricted access to the area.

Ari Jalal, the head of Kurdish foundation Lutka for Refugees and Migrants, told VOA that his group registered two deaths among the Kurds at the border. He said about 4,000 migrants have since returned to the Kurdistan Region of Iraq, with about 1,100 people remaining in Belarus camps.

“In addition to bodily and material damage, the Kurdish migrants are also psychologically broken down completely,” said Jalal, while expressing his frustration at “how gullible Kurdish youth can be manipulated by livestream videos on social media.” 

Facebook’s efforts 

Working with independent experts, Meta says it works to detect and remove harmful false claims that could contribute to the risk of imminent violence or physical harm ­— such as claims in Arabic and Kurdish that either the Polish border is open to migrants or Germany is sending buses for the migrants to the border. 

In November, The New York Times reported that an account belonging to a Kurdish-German influencer widely known online as Karwan Rawanduzy was disabled on Facebook for frequently promoting bogus stories that fueled the crisis.

In early December, Meta released a threat report saying it removed 38 Facebook accounts, five groups and four Instagram accounts linked to the Belarusian KGB that were inflaming the migrant crisis. It also reported taking down 31 Facebook accounts, four groups, two Facebook events and four Instagram accounts that originated in Poland and targeted Belarus and Iraq.

Despite those high-profile takedowns, the social media giant missed other far-reaching pages that were still being used to mislead migrants.

False claim of open border 

In the case of Sirwan Baban, a lawmaker, and Ranj Pshdary, who calls himself a journalist, both with thousands of followers, Facebook for months served as their main medium to encourage migrants to amass at the Polish border.

Pshdary, 32, from Iraqi Kurdistan’s Qaladza town, has gained recognition in Kurdish media for his role in covering the Belarus crisis. On November 13, he went live on Facebook to tell migrants “the great news” that the EU was going to open its doors to let them in. In the video, viewed and shared by thousands, people claiming to be migrants in Belarus or their relatives, joined Pshdary’s call in encouraging the migrants to prepare to cross into Poland “in the next couple of days.”

“The Polish border will be opened to migrant on November 15 and the migrants will be sent to Germany via buses,” Pshdary said.

Three days later, thousands of migrants, mostly Kurds, headed from a Belarus forest to the Polish border, anticipating a crossing into Poland. They clashed with the Polish police, but no migrants crossed over.

Pshdary, in another live Facebook video titled “I confess that we failed,” admitted he had intentionally misled people.

“I don’t want to conceal from you that I was the organizer of the crowd. On Friday, [Nov. 12, 2021], I met with the representatives of the migrants… Seeing that the Belarus police were torturing a lot of young migrants, there was no option but to encourage those people to cut the barbed wire fence so that those young people can be seen as perpetrators and violated against [by the Polish security].”

Pshdary said in his Facebook Live he believed that falsely saying the border was open would have created a spectacle with women, children and older migrants out in the cold, thus embarrassing EU politicians and forcing them to open their doors on a humanitarian basis.

When reached by VOA, Pshdary insisted that his plan was “good intentioned” and aimed at helping the migrants who desperately reached out to him for a way out.

Lawmaker resigns from diaspora committee

Lawmaker Sirwan Baban, who served as a member of the Kurdistan Regional Parliament’s diaspora committee at the time of the crisis, gave similar false hopes to migrants on Facebook and on TV.

On November 8, he appeared in a live interview with the Kurdish media network Rudaw, which was streamed live on Facebook with 755,000 views, claiming he had access to a “proclamation” from the EU: “It says the migrant situation in Belarus has escalated and become tragedy and a global issue. Therefore, the European Union has met tonight, telling Poland, ‘Let Belarus continue its dictatorship. You open your borders and allow the migrants in. Once in Poland, we will distribute them among other European countries.'” 

In an interview with VOA, Baban denied coordinating his false information about border openings with Pshdary, claiming that he had received reliable information that the EU’s refugee committee and some German officials had made a “recommendation” to let in the migrants. However, he declined to share the source of his information with VOA.

“This issue is portrayed this way in Kurdistan only to implicate me,” he added. 

In addition to using his Facebook page, Baban also went live on several Facebook groups and other social media pages to promote the story which — at the time — was also denied by Kurdish Foreign Relations officer Safin Dizayee in an interview with VOA Kurdish Service.

Among videos Baban posted of alleged migrants celebrating and thanking him for his efforts to influence EU officials is a young girl introducing herself as Saya and saying, “Mr. Sirwan Baban, the parliamentarian, thank you very much for such a great news … I will see you in Germany.”

The Kurdistan Regional Parliament’s diaspora committee in an urgent statement on November 11 accused Baban of spreading misinformation “that pushes the youth into harm’s way.”

The head of the committee, Rebwar Babkai, told VOA that Baban has since been forced to resign from the committee due to his role in spreading the misinformation.

“I hope this is a lesson to all of us holding a public position to feel the responsibility of our jobs,” Babkai said, adding it was unclear if his region’s government was going to take further action against Baban.

Limits of Facebook’s enforcement? 

Some social media observers say Facebook’s failure to detect those pages after months of misinformation shows “a gap” that needs to be filled particularly in non-English content.

“I think Facebook needs to do more when it comes to content in local languages,” said Dlshad Othman, a Kurdish cybersecurity expert based in Washington.

Othman said the social media company has improved over the years in moderating content in major Middle Eastern languages such as Arabic, often at the expense of languages for smaller populations like the Kurds. A Facebook representative declined to answer VOA questions about how many Kurdish-literate moderators the company employs. 

Moustafa Ayad is the executive director for Africa, Middle East and Asia at the UK-based Institute for Strategic Dialogue, a research group that monitors online extremism and disinformation. He told VOA that while Facebook’s technical advances such as the development of artificial intelligence have been helpful in countering disinformation, the company needs to do more.

“I believe all of these issues can be fixed with effective moderation in those languages,” he said. “It is not only just language skills but also an understanding of what is happening in those countries in a geopolitical and social level.” 

Facebook says it works with law enforcement, academics, non-profit organizations and others to detect and remove harmful false claims, ads, posts, pages and groups about people smuggling over international borders, and did so during the crisis in Belarus. It uses technology, human review and “reports from our users and trusted partners to detect and remove such content,” said a Meta spokesperson in an email to VOA.

“We remove this content as soon as we become aware of it regardless of who posts the content,” the spokesperson said.

 

While their pages were removed, the journalist and lawmaker still have a presence on Facebook.

As of January 19, Pshdary, the journalist, has a personal account with 3,600 followers. 

The lawmaker Baban’s personal account has over 15,000 followers. On a recent post, he invites viewers to like his new page created on January 22.

 

Biden Pushes Expansion of Domestic Semiconductor Manufacturing

U.S. President Joe Biden touted a $20 billion investment by American technology company Intel to build a semiconductor factory in Ohio to address a global shortage that has been exacerbated by the COVID-19 pandemic and the U.S.-China trade war.

In a speech from the White House on Friday, Biden said the Intel factory, part of the administration’s effort to work with the private sector, would create thousands of jobs. He urged Congress to pass legislation to further expand domestic chip manufacturing, framing it in the context of strategic competition with China.

“Today 75% of the production takes place in East Asia; 90% of the most advanced chips are made in Taiwan,” Biden said. “China is doing everything it can to take over the global market so they can try to outcompete the rest of us.”

Semiconductor chips function as the brains of cars, medical equipment, household appliances and electronic devices.

The $20 billion factory is an initial investment, said Patrick Gelsinger, chief executive officer of Intel, at the White House event.

“This site alone could grow to as much as $100 billion of total investment over the decade,” he said.

The White House pointed to other investments in semiconductor manufacturing in the United States earlier this year by Samsung, Texas Instruments and Micron.

“Congress can accelerate this progress by passing the U.S. Investment and Competition Act, also known as USICA, which the president has long championed and which he called for action on today,” said White House press secretary Jen Psaki, referring to legislation that aims to strengthen research, development and manufacturing for critical supply chains to address semiconductor shortages.

Driven by Washington’s desire to retain an edge over China’s technological ambitions, USICA was passed with rare bipartisan Senate support in June but still needs to be passed by the House of Representatives. It includes full funding for the CHIPS for America Act, which provides $52 billion to catalyze more private sector investments in the semiconductor industry.

“The Chinese have been really clear. They want an indigenous chip industry. They want to be globally dominant, and that means displacing the U.S. and others,” James Lewis, director of the technology and public policy program at the Center for Strategic and International Studies, told VOA.

The U.S. share of global semiconductor production has fallen from 37% to 12% over the past 30 years, according to government data.

Pandemic impact

The COVID-19 pandemic and extreme changes in consumer demand during lockdowns have exacerbated fragility in the global semiconductor supply chain.

“Consumer demand increased rapidly for items such as home computers, while supply could not keep up and many Chinese manufacturers were locked down,” Nada Sanders, professor of supply chain management at the D’Amore-McKim School of Business at Northeastern University, told VOA.

Meanwhile, the U.S.-China tariff war that began under the Trump administration and geopolitical conflicts between the two global rivals have made the environment even less conducive for cooperation, Sanders said.

The Intel factory will not be operational until 2025, but analysts say the initiative will still be effective to secure the supply of chips in the long run.

“You cannot underestimate demand for this stuff. It grows at about 10% a year,” Lewis said.

As the U.S. expands its domestic chip manufacturing capacity, analysts say a key component is working with international partners, including South Korea, Taiwan and Japan, to fill in the supply gap.

Earlier Friday, Biden discussed semiconductor supply chain resilience in his virtual summit with Japanese Prime Minister Fumio Kishida.

“The leaders did discuss the importance of cooperation on supply chain security, including semiconductors, and the president described what we are doing at home and underscored the importance of working together on it,” a National Security Council spokesperson told VOA.

The spokesperson added that the two countries have been working closely in this area bilaterally through the Quad, a security dialogue forum involving the U.S., Australia, India and Japan.

“The new ministerial-level Economic Policy Consultative Committee (the Economic ‘2+2’) established by the leaders today will also cover this important issue,” the spokesperson said.

Taiwan, home to the Taiwan Semiconductor Manufacturing Company (TSMC) and the leading producer of advanced chips in the world, is another key partner.

“If China was to take over Taiwan, and use TSMC as a leverage point, that would be hugely disruptive,” Lewis said. “Taiwan and its proximity to China and China’s hostility drives a lot of the concern.”

The global chip shortage has pushed up inflation rates and hamstrung the administration’s economic recovery efforts. It contributed to the sharp increases in the price of new and used automobiles, which account for one-third of the annual price increases in the consumer price index.

Biden’s approval in the polls has been lagging recently, partly driven by inflation. Consumer prices jumped 7% in December compared with a year earlier, the highest inflation rate in 40 years. It has dampened economic recovery in a year that the administration says has shown the biggest job growth in American history.

Israel Probes Allegations Police Cyber-Spied on Citizens

Israel on Thursday launched an investigation into allegations police used the controversial Pegasus spyware on the country’s citizens.

In a letter sent to police commander Koby Shabtai, Attorney General Avichai Mandelblit asked to receive all wiretapping and computer spying orders from 2020 and 2021 in order to “verify allegations made in the media.”

The Israeli business daily Calcalist reported Thursday that Israeli police used Pegasus software to spy on an Israeli they considered a potential threat and attempt to gather evidence that could be used as leverage in future investigations.

According to the newspaper, which did not cite any sources, the police action represents a “danger to democracy.”

Police commissioner Yaakov Shabtai, reacting to the story, said that “the police have not found any evidence to support this information.”

“The Israeli police are fighting crime with all the legal means at their disposal,” Shabtai added in a statement.

Israeli security forces have wide leeway to conduct surveillance within Israel with judicial approval.

On Wednesday, Israel’s justice ministry pledged a full investigation into allegations that Pegasus spyware was used on Israeli citizens, including people who led protests of former prime minister Benjamin Netanyahu.

Pegasus, a surveillance product made by the Israeli firm NSO that can turn a mobile phone into a pocket spying device, has remained a source of global controversy following revelations last year it was used to spy on journalists and dissidents worldwide.

Once installed in a mobile phone, Pegasus allows access to the user’s messaging and data, as well as remote activation of the device for sound and image capture.

NSO would neither confirm nor deny it sold technologies to Israeli police, stressing that it does “not operate the system once sold to its governmental customers and it is not involved in any way in the system’s operation.”

“NSO sells its products under license and regulation to intelligence and law enforcement agencies to prevent terror and crime under court orders and the local laws of their countries,” it said in a statement sent to AFP.

Israel’s defense ministry, which must approve all exports of Israeli-made defense industry products, has also opened an investigation into sales of Pegasus overseas. 

 

US Air Travel Safety Questions Linger Amid 5G Rollout

An unresolved disagreement between U.S. wireless communications carriers and commercial airlines over the rollout of new 5G networks continues to generate confusion about whether air travel is safe in the United States. 

On Wednesday, AT&T and Verizon, the two largest providers of mobile voice and internet service in the U.S., began turning on new wireless towers across the United States, making the ultra-fast 5G spectrum available to consumers, primarily in the more densely populated parts of the country.

Up until the last moment, there was a dispute between the carriers and major U.S. airlines over whether or not the new service would be deployed near airports. This caused a handful of international carriers, including British Airways, Lufthansa, All Nippon, Japan Airlines and Emirates, to announce that they would suspend some service to the United States until the issue was resolved.

Emirates President Tim Clark described the situation as “utterly irresponsible,” speaking earlier this week on CNN.

By Thursday morning, most of the concern about international flights had been resolved, but lingering questions remain for the United States’ vast system or regional air travel.

Interference with landing instruments possible

The 5G C-band spectrum signal used for mobile communications – for which mobile carriers paid more than $80 billion in an auction last year – is similar to the signal that commercial airlines use to measure the altitude of planes landing during inclement weather. Airlines and the Federal Aviation Administration have expressed concern that some aircraft devices, called radar altimeters, could experience interference from the new 5G signals, creating dangerous conditions.

On Wednesday, in a deal brokered by the Biden administration, mobile carriers said they would delay activating 5G towers near airport runways, leaving about 10% of the planned rollout inactive. In addition, the FAA specifically cleared several kinds of radar altimeters, including those commonly used in the Boeing 777, saying the data shows that 5G signals do not interfere with their systems.

In a press release Wednesday, the FAA said its new approvals “allow an estimated 62 percent of the U.S. commercial fleet to perform low-visibility landings at airports where wireless companies deployed 5G C-band.”

Regional airports waiting for answers

While the FAA’s steps to clear large passenger planes for continued use following the 5G rollout have helped prevent problems at large airports, the new technology is causing concern about safety at regional airports across the country, which are served by a wide variety of passenger planes, typically smaller than those that fly into major hub airports.

As of Wednesday, the FAA had not updated guidance for many smaller planes. Because there were relatively few severe weather systems in the U.S. on Wednesday, that did not translate into major delays. However, industry representatives said that it was only a matter of time before challenging weather conditions would begin causing problems.

Faye Malarkey Black, the president and CEO of the regional Airline Association, used Twitter to air her concerns about the situation, saying, “Situational update: 0% of the regional airline fleet has been cleared to perform low visibility landings at #5G impacted airports if/when weather drops below minimums. Today’s fair weather is saving rural America from severe air service disruption.”

Not a new problem

The battle between the airlines and mobile carriers is particularly frustrating to many in the U.S., because it is a problem that has been successfully resolved in other countries around the world. China, the U.K., and France, for example, have managed to roll out 5G service without any significant impact on air travel. That was achieved by agreements between the parties that limited the number of cell towers near airports and the power levels at which they operate.

In a warning to its members, the International Federation of Airline Pilots’ Associations noted that, in the U.S., “The power levels and proximities of the 5G signals are at higher power levels than any other deployment currently in use elsewhere in the world.”

The situation in the U.S. was complicated by the fact that the slice of spectrum being used for 5G services is slightly different here than it is in Europe. In the U.S., mobile carriers bought the rights to the band between 3.7 and 3.98 gigahertz, putting their signals somewhat closer to the 4.2 to 4.4 GHz being used by airlines than the European mobile carriers, which are limited to a range of 3.4 to 3.8 GHz.

The issue was raised during a press conference that U.S.President Joe Biden held at the White House on Wednesday afternoon. After being asked whether his administration bore part of the blame for confusion about flight safety, Biden characterized it as a fight between two private entities, over which the federal government exerts limited control.

“The fact is that you had two enterprises — two private enterprises — that had one promoting 5G and the other one are airlines,” Biden said. “They’re private enterprises. They have government regulation, admittedly.”

“And so, what I’ve done is pushed as hard as I can to have 5G folks hold up and abide by what was being requested by the airlines until they could more modernize over the years so that 5G would not interfere with the potential of the landing,” he said. “So, any tower — any 5G tower within a certain number of miles from the airport should not be operative.”

Bureaucratic dysfunction

The confusion resulting from the 5G rollout this week is at least partly attributable to dysfunction within the federal bureaucracy. Analysts say lines of authority between agencies responsible for auctioning off the rights to the wireless spectrum and those charged with managing conflicts are unclear. 

The Federal Communications Commission is responsible for spectrum auctions, but it is the Federal Aviation Administration, a part of the Department of Transportation, which makes decisions about airline safety. Further complicating matters is that the agency in charge of mediating spectrum disputes, which is located within the Commerce Department, was without a director for two-and-a-half-years, until President Biden’s nominee was confirmed last week.

That situation has led to multiple problems in the rollout of new communications technology over the years, including a recent battle during the Trump administration over whether new spectrum auctions would interfere with the satellite-based Global Positioning System

Senate Panel Moves Forward With Bill Targeting Big Tech

Legislation that would bar technology companies from favoring their own products in a way that undermines competitiveness moved forward Thursday after a Senate panel voted to move the bill to the Senate floor. 

The American Innovation and Choice Online Act received bipartisan support in a 16-6 vote in the Senate Judiciary Committee. 

The bill targets Amazon; Alphabet, the parent company of Google; Apple; and Meta, which was formerly called Facebook. 

The companies had worked strenuously to sink the bill, arguing it could disrupt their services. 

Smaller tech companies that supported the bill argued it will benefit consumers through adding competition. 

“This bill is not meant to break up Big Tech or destroy the products and services they offer,” said Senator Chuck Grassley, the top Republican on the judiciary panel. “The goal of the bill is to prevent conduct that stifles competition.” 

Matt Schruers, president of the Computer and Communications Industry Association, was critical of the bill and said he thought it would not pass the full Senate. 

“Antitrust policy should aim to promote consumer welfare — not punish specific companies,” he said in a statement. 

Another bill aimed at Big Tech, which has bipartisan sponsorship, is also working its way through Congress. The Open App Markets Act would prevent the Apple and Google app stores from requiring app makers to use their payment systems. 

The House of Representatives is also considering versions of both bills. 

Some information for this report came from Reuters. 

Security Scanners Across Europe Tied to China Government, Military

At some of the world’s most sensitive spots, authorities have installed security screening devices made by a single Chinese company with deep ties to China’s military and the highest levels of the ruling Communist Party.

The World Economic Forum in Davos. Europe’s largest ports. Airports from Amsterdam to Athens. NATO’s borders with Russia. All depend on equipment manufactured by Nuctech, which has quickly become the world’s leading company, by revenue, for cargo and vehicle scanners.

Nuctech has been frozen out of the U.S. for years due to national security concerns, but it has made deep inroads across Europe, installing its devices in 26 of 27 EU member states, according to public procurement, government and corporate records reviewed by The Associated Press.

The complexity of Nuctech’s ownership structure and its expanding global footprint have raised alarms on both sides of the Atlantic.

A growing number of Western security officials and policymakers fear that China could exploit Nuctech equipment to sabotage key transit points or get illicit access to government, industrial or personal data from the items that pass through its devices.

Nuctech’s critics allege the Chinese government has effectively subsidized the company so it can undercut competitors and give Beijing potential sway over critical infrastructure in the West as China seeks to establish itself as a global technology superpower.

“The data being processed by these devices is very sensitive. It’s personal data, military data, cargo data. It might be trade secrets at stake. You want to make sure it’s in right hands,” said Bart Groothuis, director of cybersecurity at the Dutch Ministry of Defense before becoming a member of the European Parliament. “You’re dependent on a foreign actor which is a geopolitical adversary and strategic rival.”

He and others say Europe doesn’t have tools in place to monitor and resist such potential encroachment. Different member states have taken opposing views on Nuctech’s security risks. No one has even been able to make a comprehensive public tally of where and how many Nuctech devices have been installed across the continent.

Nuctech dismisses those concerns, countering that Nuctech’s European operations comply with local laws, including strict security checks and data privacy rules.

“It’s our equipment, but it’s your data. Our customer decides what happens with the data,” said Robert Bos, deputy general manager of Nuctech in the Netherlands, where the company has a research and development center.

He said Nuctech is a victim of unfounded allegations that have cut its market share in Europe nearly in half since 2019.

“It’s quite frustrating to be honest,” Bos told AP. “In the 20 years we delivered this equipment we never had issues of breaches or data leaks. Till today we never had any proof of it.”

‘It’s not really a company’

As security screening becomes increasingly interconnected and data-driven, Nuctech has found itself on the front lines of the U.S.-China battle for technology dominance now playing out across Europe.

In addition to scanning systems for people, baggage and cargo, the company makes explosives detectors and interconnected devices capable of facial recognition, body temperature measurement and ID card or ticket identification.

On its website, Nuctech’s parent company explains that Nuctech does more than just provide hardware, integrating “cloud computing, big data and Internet of Things with safety inspection technologies and products to supply the clients with hi-tech safety inspection solution.”

Critics fear that under China’s national intelligence laws, which require Chinese companies to surrender data requested by state security agencies, Nuctech would be unable to resist calls from Beijing to hand over sensitive data about the cargo, people and devices that pass through its scanners. They say there is a risk Beijing could use Nuctech’s presence across Europe to gather big data about cross-border trade flows, pull information from local networks, like shipping manifests or passenger information, or sabotage trade flows in a conflict.

A July 2020 Canadian government security review of Nuctech found that X-ray security scanners could potentially be used to covertly collect and transmit information, compromise portable electronic devices as they pass through the scanner or alter results to allow transit of “nefarious” devices.

The European Union put measures in place in late 2020 that can be used to vet Chinese foreign direct investment. But policymakers in Brussels say there are currently no EU-wide systems in place to evaluate Chinese procurement, despite growing concerns about unfair state subsidies, lack of reciprocity, national security and human rights.

“This is becoming more and more dangerous. I wouldn’t mind if one or two airports had Nuctech systems, but with dumping prices a lot of regions are taking it,” said Axel Voss, a German member of the European Parliament who works on data protection. “This is becoming more and more a security question. You might think it’s a strategic investment of the Chinese government.”

The U.S. — home to OSI Systems, one of Nuctech’s most important commercial rivals — has come down hard against Nuctech. The U.S. Senate Committee on Foreign Relations, the U.S. National Security Council, the U.S. Transportation Security Administration, and the U.S. Commerce Department’s Bureau of Industry and Security all have raised concerns about Nuctech.

The U.S. Transportation Security Administration told AP in an email that Nuctech was found ineligible to receive sensitive security information. Nuctech products, TSA said, “are not authorized to be used for the screening of passengers, baggage, accessible property or air cargo in the United States.”

In December 2020, the U.S. added Nuctech to the Bureau of Industry and Security Entity List, restricting exports to them on national security grounds.

“It’s not just commercial,” said a U.S. government official who was not authorized to speak on the record. “It’s using state-backed companies, with state subsidies, low-ball bids to get into European critical infrastructure, which is civil airports, passenger screening, seaport and cargo screening.”

 

In Europe, Nuctech’s bids can be 30-50% below their rivals’, according to the company’s competitors, U.S. and European officials and researchers who study China. Sometimes they include other sweeteners like extended maintenance contracts and favorable loans.

In 2009, Nuctech’s main European competitor, Smiths Detection, complained that it was being squeezed out of the market by such practices, and the EU imposed an anti-dumping duty of 36.6% on Nuctech cargo scanners.

“Nuctech comes in with below market bids no one can match. It’s not a normal price, it’s an economic statecraft price,” said Didi Kirsten Tatlow, and co-editor of the book, China’s Quest for Foreign Technology. “It’s not really a company. They are more like a wing of a state development drive.”

Nuctech’s Bos said the company keeps prices low by manufacturing in Europe. “We don’t have to import goods from the U.S. or other countries,” he said. “Our supply chain is very efficient with local suppliers, that’s the main reason we can be very competitive.”

Nuctech’s successes abound. The company, which is opening offices in Brussels, Madrid and Rome, says it has supplied customers in more than 170 countries and regions. Nuctech said in 2019 that it had installed more than 1,000 security check devices in Europe for customs, civil aviation, ports and government organizations.

In November 2020, Norwegian Customs put out a call to buy a new cargo scanner for the Svinesund checkpoint, a complex of squat, grey buildings at the Swedish border. An American rival and two other companies complained that the terms as written gave Nuctech a leg up.

The specifications were rewritten, but Nuctech won the deal anyway. The Chinese company beat its rivals on both price and quality, said Jostein Engen, the customs agency’s director of procurement, and none of Norway’s government ministries raised red flags that would have disqualified Nuctech.

“We in Norwegian Customs must treat Nuctech like everybody else in our competition,” Engen said. “We can’t do anything else following EU rules on public tenders.”

Four of five NATO member states that border Russia — Estonia, Latvia, Lithuania, Poland — have purchased Nuctech equipment for their border crossings with Russia. So has Finland.

Europe’s two largest ports — Rotterdam and Antwerp, which together handled more than a third of goods, by weight, entering and leaving the EU’s main ports in 2020 — use Nuctech devices, according to parliamentary testimony.

Other key states at the edges of the EU, including the U.K., Turkey, Ukraine, Albania, Belarus and Serbia have also purchased Nuctech scanners, some of which were donated or financed with low-interest loans from Chinese state banks, according to public procurement documents and government announcements.

Airports in London, Amsterdam, Brussels, Athens, Florence, Pisa, Venice, Zurich, Geneva and more than a dozen across Spain have all signed deals for Nuctech equipment, procurement and government documents, and corporate announcements show.

Nuctech says it provided security equipment for the Olympics in Brazil in 2016, then President Donald Trump’s visit to China in 2017 and the World Economic Forum in 2020. It has also provided equipment to some U.N. organizations, procurement records show.

Rising concerns

As Nuctech’s market share has grown, so too has skepticism about the company.

Canadian authorities dropped a standing offer from Nuctech to provide X-ray scanning equipment at more than 170 Canadian diplomatic missions around the world after a government assessment found an “elevated threat” of espionage.

Lithuania, which is involved in a diplomatic feud with China over Taiwan, blocked Nuctech from providing airport scanners earlier this year after a national security review found that it wasn’t possible for the equipment to operate in isolation and there was a risk information could leak back to China, according to Margiris Abukevicius, vice minister for international cooperation and cybersecurity at Lithuania’s Ministry of National Defense.

Then, in August, Lithuania approved a deal for a Nuctech scanner on its border with Belarus. There were only two bidders, Nuctech and a Russian company — both of which presented national security concerns — and there wasn’t time to reissue the tender, two Lithuanian officials told AP.

“It’s just an ad hoc decision choosing between bad and worse options,” Abukevicius said. He added that the government is developing a road map to replace all Nuctech scanners currently in use in Lithuania as well as a legal framework to ban purchases of untrusted equipment by government institutions and in critical sectors.

Human rights concerns are also generating headwinds for Nuctech. The company does business with police and other authorities in Western China’s Xinjiang region, where Beijing stands accused of genocide for mass incarceration and abuse of minority Uyghur Muslims.

Despite pressure from U.S. and European policymakers on companies to stop doing business in Xinjiang, European governments have continued to award tens of millions of dollars in contracts — sometimes backed by European Union funds — to Nuctech.

Nuctech says on its Chinese website that China’s western regions, including Xinjiang, are “are important business areas” for the company. It has signed multiple contracts to provide X-ray equipment to Xinjiang’s Department of Transportation and Public Security Department.

It has provided license plate recognition devices for a police checkpoint in Xinjiang, Chinese government records show, and an integrated security system for the subway in Urumqi, the region’s capital city. It regularly showcases its security equipment at trade fairs in Xinjiang.

“Companies like Nuctech directly enable Xinjiang’s high-tech police state and its intrusive ways of suppressing ethnic minorities. This should be taken into account when Western governments and corporations interface with Nuctech,” said Adrian Zenz, a researcher who has documented abuses in Xinjiang and compiled evidence of the company’s activities in the region.

Nuctech’s Bos said he can understand those views, but that the company tries to steer clear of politics. “Our daily goal is to have equipment to secure the world more and better,” he said. “We don’t interfere with politics.”

Complex web of ownership

Nuctech opened a factory in Poland in 2018 with the tagline “Designed in China and manufactured in Europe.” But ultimate responsibility for the company lies far from Warsaw, with the state-owned Assets Supervision and Administration Commission of the State Council in Beijing, China’s top governing body.

Nuctech’s ownership structure is so complex that it can be difficult for outsiders to understand the true lines of influence and accountability.

Scott Kennedy, a Chinese economic policy expert at the Center for Strategic and International Studies in Washington, said that the ambiguous boundaries between the Communist Party, state companies and financial institutions in China — which have only grown murkier under China’s leader, Xi Jinping — can make it difficult to grasp how companies like Nuctech are structured and operate.

“Consider if the roles were reversed. If the Chinese were acquiring this equipment for their airports they’d want a whole variety of assurances,” Kennedy said. “China has launched a high-tech self-sufficiency drive because they don’t feel safe with foreign technology in their supply chain.”

What is clear is that Nuctech, from its very origins, has been tied to Chinese government, academic and military interests.

Nuctech was founded as an offshoot of Tsinghua University, an elite public research university in Beijing. It grew with backing from the Chinese government and for years was run by the son of China’s former leader, Hu Jintao.

Datenna, a Dutch economic intelligence company focused on China, mapped the ownership structure of Nuctech and found a dozen major entities across four layers of shareholding, including four state-owned enterprises and three government entities.

Today the majority shareholder in Nuctech is Tongfang Co., which has a 71% stake. The largest shareholder in Tongfang, in turn, is the investment arm of the China National Nuclear Corp. (CNNC), a state-run energy and defense conglomerate controlled by China’s State Council. The U.S. Defense Department classifies CNNC as a Chinese military company because it shares advanced technologies and expertise with the People’s Liberation Army.

Xi has further blurred the lines between China’s civilian and military activities and deepened the power of the ruling Communist Party within private enterprises. One way: the creation of dozens of government-backed financing vehicles designed to speed the development of technologies that have both military and commercial applications.

In fact, one of those vehicles, the National Military-Civil Fusion Industry Investment Fund, announced in June 2020 that it wanted to take a 4.4% stake in Nuctech’s majority shareholder, along with the right to appoint a director to the Tongfang board. It never happened — “changes in the market environment,” Tongfeng explained in a Chinese stock exchange filing.

But there are other links between Nuctech’s ownership structure and the fusion fund.

CNNC, which has a 21% interest in Nuctech, holds a stake of more than 7% in the fund, according to Qichacha, a Chinese corporate information platform. They also share personnel: Chen Shutang, a member of CNNC’s Party Leadership Group and the company’s chief accountant serves as a director of the fund, records show.

“The question here is whether or not we want to allow Nuctech, which is controlled by the Chinese state and linked to the Chinese military, to be involved in crucial parts of our border security and infrastructure,” said Jaap van Etten, a former Dutch diplomat and CEO of Datenna.

Nuctech maintains that its operations are shaped by market forces, not politics, and says CNNC doesn’t control its corporate management or decision-making.

“We are a normal commercial operator here in Europe which has to obey the laws,” said Nuctech’s Bos. “We work here with local staff members, we pay tax, contribute to the social community and have local suppliers.”

But experts say these touchpoints are further evidence of the government and military interests encircling the company and show its strategic interest to Beijing.

“Under Xi Jinping, the national security elements of the state are being fused with the technological and innovation dimensions of the state,” said Tai Ming Cheung, a professor at UC San Diego’s School of Global Policy and Strategy.

“Military-civil fusion is one of the key battlegrounds between the U.S. and China. The Europeans will have to figure out where they stand.” 

 

 

Explainer: How Sweeping EU Rules Would Curb Tech Companies

Online companies would have to ramp up efforts to keep harmful content off their platforms and take other steps to protect users under rules that European Union lawmakers are set to vote on Thursday.

The 27-nation bloc has gained a reputation as a trendsetter in the growing global push to rein in big tech companies as they face withering criticism over misinformation, hate speech and other harmful content on their platforms.

Here’s a look at the proposed EU rules, known as the Digital Services Act, and why they would make an impact:

WHAT IS THE DIGITAL SERVICES ACT?

The legislation is part of a sweeping overhaul of the European Union’s digital rules aimed at ensuring online companies, including tech giants like Google and Facebook parent Meta, protect users on their platforms and treat rivals fairly. It’s an update of the EU’s two-decade-old e-commerce directive.

“The Digital Services Act could now become the new gold standard for digital regulation, not just in Europe but around the world,” the lead EU lawmaker on the bill, Christel Schaldemose, said during a debate Wednesday. “Big tech nations like the U.S. or China are watching closely to see what we’re now going to agree.”

The proposals are one-half of flagship digital regulations drafted by the bloc. EU lawmakers are also working on a separate proposal, the Digital Markets Act, which is aimed at reining in the power of the biggest online “gatekeepers.” Both still face further negotiations with EU bodies before taking effect.

WHAT WILL IT COVER?

The Digital Services Act includes a raft of measures aimed at better protecting internet users and their “fundamental rights online.” Tech companies will be held more responsible for content on their platforms, with requirements to beef up flagging and removal of illegal content like hate speech or dodgy goods and services sold online like counterfeit sneakers or unsafe toys.

But lawmakers have been battling about the details of such takedowns, including whether court orders would be required.

Online platforms will have to be more transparent about their algorithms that recommend the next video to watch, product to buy or news item at the top of people’s social media feeds. So-called recommender systems have been criticized for leading people to more increasingly extreme or polarizing content.

Some amendments to the legislation proposed giving users the option of turning recommendations off or using third-party systems.

There are also measures to ban platforms from using “dark patterns” — deceptive techniques to nudge users into doing things they didn’t intend to — as well as requiring porn sites to register the identities of users uploading material.

ARE THERE ANY CONTROVERSIAL POINTS?

One of the legislation’s biggest battles is over surveillance-based advertising, also known as targeted or behavioral advertising. Such ads would be banned for children, but digital and consumer rights groups say the proposals don’t go far enough and have called for prohibiting them outright. That idea has faced fierce resistance from the digital ad industry dominated by Google and Meta.

Surveillance ads track online behavior, such as the websites visited or products bought online by a user, to serve them more digital ads based on those interests.

Groups such as Amnesty International say ad tracking undermines the rights that the legislation is supposed to protect, because it involves a massive invasion of privacy and indiscriminate data harvesting as part of a system that manipulates users and encourages ad fraud.

WHAT HAPPENS TO OFFENDERS?

The EU’s single market commissioner, Thierry Breton, took to Twitter on Wednesday to portray the proposed rules as the start of a new era for tough online enforcement.

“It’s time to put some order in the digital ‘Wild West,'” he said. “A new sheriff is in town — and it goes by the name #DSA,” he said, posting a mashup of video clips from a Clint Eastwood spaghetti Western film.

Under the Digital Services Act, violations could be punished with hefty fines of up to 6% of a company’s annual revenue. Some amendments have pushed for raising that amount.