At a glance.
- Google concurs: tech companies should make security a priority.
- India’s efforts to control the web.
- The US attempts to burst Beijing’s bubble.
Google concurs: tech companies should make security a priority.
Earlier this month Jen Easterly and Eric Goldstein, Director and Executive Assistant Director of the US Cybersecurity and Infrastructure Security Agency (CISA), told Foreign Affairs that manufacturers need to take more responsibility for ensuring that the tech products they produce are secure. In a recent Google blog post, the tech giant says it sees eye to eye with the agency. The writer states that “secure by default” and “secure by design” should be the baseline, and notes that Google has already worked to build security features like SafeBrowsing into its consumer products. Despite some companies claiming that security features complicate the user experience, Google has integrated 2-Step Verification as a default since 2021 by making it a seamless auto-enrollment process. The post also discusses the importance of upstream software development and collaboration between the private and public sectors in order to prevent security incidents, not just respond to them.
India’s efforts to control the web.
Wired takes a look at the Indian government’s attempts to determine what content is allowed on the internet, and more importantly, what is not. The origins of this tug-of-war can be traced back to early 2021, when Indian farmers protesting agricultural farm reforms took to social media to spread their message and garner support. The Indian government issued legal notices asking Twitter to take down posts about the protests, claiming they were spreading misinformation. Shortly thereafter Indian officials released the new Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, many of which were viewed by social media companies as impractical and nearly impossible to follow. One rule, dubbed a “hostage-taking” law, required social media companies to appoint three Indian residents as full-time executives. Platforms were told they had three months to comply or risk losing intermediary status, and when Twitter missed the deadline, it was hit with at least two lawsuits for content posted on the platform. Meta-owned messaging platform WhatsApp sued the Indian government to challenge one of the new rules that gave authorities the power to demand the identity of the originator of any message, a direct conflict with WhatsApp’s end-to-end encryption. Another rule asks social media platforms to take down certain “contentious” content within seventy-two hours of reporting, allowing Indian officials to mass report content it deems unacceptable in order to have it removed. Indian lawmakers are expected to release a draft of the Digital India Act in the next few months, and insiders say it will be New Delhi’s attempt to give officials the final say on what content is allowed online. While Indian officials say the rules are necessary for national security and to drive growth in the Indian technology sector, privacy experts say they’ve gone too far. Prateek Waghre, policy director at Internet Freedom Foundation, states, “These are two things that sort of play together—elements of growth and national security. But a side effect or consequence of this, or what you’re also seeing in subsequent drafts in the rules that are being notified, is also an increase in centralization of authority.”
The US attempts to burst Beijing’s bubble.
The Chinese spy balloon scandal has been all over the news, and Security Week reports that on Friday the US responded by blacklisting six Chinese entities connected to Beijing’s aerospace programs. The goal of the sanctions is to make it more difficult for the groups – which include Beijing Nanjiang Aerospace Technology Co., China Electronics Technology Group Corporation 48th Research Institute, and Dongguan Lingkong Remote Sensing Technology Co. – to acquire American technology exports. While US officials claim the balloon, which was shot down last weekend, was designed to track US intelligence signals, China alleges it’s simply a weather monitoring device that got a little lost. According to the U.S. Bureau of Industry and Security, the six entities were selected for “their support to China’s military modernization efforts, specifically the People’s Liberation Army’s (PLA) aerospace programs including airships and balloons.”
