nextgov

Hundreds of documents obtained by CityLab from the country’s top fifty largest police departments over the last ten months reveal that cellphone surveillance devices have been quietly acquired by local authorities nationwide. The majority of these departments have at least one of two main types of digital-age spy tools: cellphone interception devices, used to covertly track or grab data from nearby mobile devices, and cellphone extraction devices, used to crack open locked phones that are in police possession and scoop out all sorts of private communications and content.

Access to such devices was once largely limited to intelligence agencies like the NSA and the FBI; their acquisition by local police departments is a relatively recent, less-discussed part of a wider police militarization trend. With only a few clicks, police can now map out individuals’ social networks, communication timelines, and associates’ locations, based on the data captured by these surveillance tools.

[Commentary] Cellphone technology is amazing, but it has its limitations. While the Women’s March on Washington brought up vitally important issues, it also incidentally demonstrated the need for FirstNet to be a success. Our first responders need to be able to communicate, with each other and outside agencies, regardless of the conditions or the number of people also in the area, especially if those people need help. I can’t think of any other technology where its upgrading is so vitally needed, or which could have such a positive and immediate effect on our nation.

[John Breeden II is currently the CEO of the Tech Writers Bureau.]

Donald Trump will be sworn in as the nation’s 45th president Jan 20 with cybersecurity looming larger than it has for any of his predecessors—and with many unknowns about how he’ll tackle the issue. Here’s a rundown of what we know and what we don’t.

‘Review on hacking’: Trump has promised a “major review on hacking” within his first 90 days in office, declaring, “we have no defense” and “we’re run by people that don’t know what they’re doing.”
The Giuliani Factor: The day after that press conference, Trump announced former New York City Mayor and Trump campaign supporter Rudy Giuliani would advise him on cybersecurity and help convene a rotating panel of private-sector leaders to discuss the issue. It’s unclear, however, what role that private-sector group will play in the 90-day review.
Who’s on First?: It’s also unclear if Trump will seek to rejigger the current governmental structure for cyber responsibilities and cyber incident response.
An Energized Cabinet but Few Details: Trump’s cabinet nominees have pledged to make cybersecurity a priority if confirmed, though they’ve made no hard promises and none have extensive backgrounds in the field.
An Attentive Congress: Whatever moves Trump and the executive branch make on cybersecurity, it’s clear Congress will be paying close attention and the battle over Russian sanctions will only be the starting line.

President Donald Trump’s administration Jan 20 highlighted offensive cyber actions among its first digital messages to the American people. Updates to the White House website’s issues page, posted moments after President Trump’s inauguration, included developing “defensive and offensive” capabilities at US Cyber Command and engaging in “cyber warfare” to disrupt recruiting and propaganda by the Islamic State.

The Defense Department was wary of discussing its offensive cyber capabilities during the Obama administration, acknowledging for the first time it might go on cyber offense when directed by the president in a 2015 cyber strategy update. Former Defense Secretary Ash Carter acknowledged in 2016 the military was using cyber tools to combat ISIL. Trump pledged to surge U.S. cybersecurity during his campaign and after his election, though numerous questions remain about how precisely he’ll attack the issue. Trump has signaled he may shift some domestic cyber responsibilities from the Homeland Security Department to the Defense Department, a move that would likely require the consent of Congress.

Mikey Dickerson, the first administrator for the US Digital Service, will leave his post Jan 20, along with a slew of other political appointees as President-elect Trump is inaugurated. The leadership for USDS—President Barack Obama’s original tech team, with its 200 recruits—will now fall to director of engineering, Matt Cutts, who will step up to acting administrator on Inauguration Day.

Cutts broke the news on his blog Jan 18, and also elaborated on his decision to resign from Google—his last day at the tech giant was Dec 31—and instead take the reins at USDS. The impact of public service, Cutts said, tops a fatter paycheck in Silicon Valley. “The work that USDS does is critical to the American people, and I’m honored to continue that tradition,” he wrote. “Working for the government doesn’t pay as well as a big company in Silicon Valley. We don’t get any free lunches. Many days are incredibly frustrating. All I can tell you is that the work is deeply important and inspiring, and you have a chance to work on things that genuinely make people's lives better. A friend who started working in this space several years ago told me, ‘these last five years have been the hardest and worst and best and most rewarding I think I will ever have.’”

The Obama Administration made an unprecedented all-fronts effort to secure cyberspace. So, why are we less secure? For eight years, cyberspace proved the Obama Administration’s most unpredictable adversary, always twisting in new directions and delivering body blows where least expected. The administration took the cyber threat seriously from day one, launching reviews, promulgating policy, raising defenses and punishing cyberspace’s most dangerous actors. That included imposing sanctions against Russia and North Korea and indicting government-linked hackers from China and Iran.

But, in the end, cyberspace won. President Barack Obama will leave office this week following an election in which digital breaches ordered by Russian President Vladimir Putin helped undermine the losing candidate Hillary Clinton, sowed doubts about the winner Donald Trump’s legitimacy and damaged faith in the nation’s democratic institutions. If there is one fundamental reason for the Obama Administration’s inability to claim victory over cybersecurity, experts and former officials say it is this: The threat grew and mutated faster than the administration’s ability to deal with it.

President-elect Donald Trump's technology agenda is largely opaque, but at least one member of Congress has a message for his administration: ideas for cutting-edge technology often comes from the grassroots. “Innovation may have a national or even global impact but like politics, the process of innovation is inherently local,” Rep Ben Ray Lujan (D-NM) said during an Information Technology and Innovation Foundation event on Capitol Hill. The government needs to think of creative ways to “provide resources to the innovators ... across the country," he added. Rep Lujan advocated for establishing maker-spaces in public libraries, potentially outfitting them with small-scale manufacturing equipment such as 3-D printers, that are accessible to businesses, researchers and the nearby community. Because public libraries already exist across America, "including the rural parts, where we still don’t have bandwidth capacity," they could become hubs for technological development outside Silicon Valley, he said.

Attorney-general nominee Sen Jeff Sessions (R-AL) emphasized a need for cyber rules of engagement during the first day of his confirmation hearings. “Partnerships will also be vital to achieving more effective enforcement against cyber threats. The Department of Justice clearly has a lead role to play in that essential effort,” Sessions said in his opening statement. “We must honestly assess our vulnerabilities and have a clear plan for defense as well as offense when it comes to cybersecurity.”

[Commentary] As we transition to the Trump administration, some experts are forecasting an uncertain future for federal digital services. Spending projections on citizen engagement technologies appear flat at best, cyber concerns surround the launch of every new digital initiative, and early predictions indicate the new administration will likely pursue a buy vs. build approach.

Despite these challenges, the bottom line is that citizen service demands and expectations are on the rise. The average American will be about 38 years old midway through President-elect Donald Trump’s 4-year term, which means federal agencies will be delivering services to digital experts—people who have used the internet since middle school. Faxing forms might as well be a foreign language to these folks. So how can agencies transform how digital services are delivered and meet the rising and constantly changing expectations of citizens in this new climate?

[Angela Fultz Nordstrom is vice president of NIC Inc.]

Congress should pass legislation to ensure that phony cellphone towers police use to locate criminals and fugitives are used consistently across the country, according to a bipartisan congressional report released Dec 19. In the absence of those laws, the Justice and Homeland Security departments should refuse to approve the sale of those devices, known as “cell-site simulators” or “stingrays,” to state and local law enforcement unless they agree to abide by current federal rules, according to the staff report from the House Oversight and Government Reform Committee.

The report is the result of a year-long staff investigation into stingrays, which federal law enforcement agencies frequently used to track criminals without warrants and using a standard lower than probable cause prior to policy shifts in September and October 2015. Those lower standards are still used by many states and localities, according to the report, which determined “the use of cell-site simulators by state and local law enforcement agencies was not governed by any uniform standards or policies.”