Never fear, the White House is here to tackle web trolls

'No one should have to endure abuse just because they are attempting to participate in society'

A US task force aims to prevent online harassment and abuse, with a specific focus on protecting women, girls and LGBTQI+ individuals.

In the next 180 days, the White House Task Force to Address Online Harassment and Abuse will, among other things, draft a blueprint on a "whole-of-government approach" to stopping "technology-facilitated, gender-based violence." 

A year after submitting the blueprint, the group will provide additional recommendations that federal and state agencies, service providers, technology companies, schools and other organisations should take to prevent online harassment, which VP Kamala Harris noted often spills over into physical violence, including self-harm and suicide for victims of cyberstalking as well mass shootings.

"The white supremacist who murdered 10 Black people in Buffalo, New York, was first radicalized, by all accounts, online," Harris said, in prepared remarks to inaugurate the task force.

"And after the massacre of 19 children — 19 babies — and two teachers in Uvalde, it was revealed that the shooter had threatened to kidnap, rape, and kill teenage girls on Instagram," she added.

The White House Gender Policy Council and National Security Council will co-chair the task force, and other members include Secretary of State Antony Blinken, Secretary of Defense Lloyd Austin III, Attorney General Merrick Garland, Homeland Security Secretary Alejandro Mayorkas and other Cabinet members and agency heads.

In addition to the task force, the White House also announced $3 million to fund initiatives that use technology to increase access to victims' services and assist service providers in preventing online abuse.

One in three women in the US under the age of 35 have reported being sexually harassed online, and more than half of LGBTQI people say they've been the target of severe online abuse, according to the federal government. 

Additionally, almost one in four Asian Americans have been called an offensive name online, and Black people are three times more likely to be targets for online abuse because of their race, Harris said.

"No one should have to endure abuse just because they are attempting to participate in society," she added.

The task force follows a couple of proposed federal data privacy bills moving through the US Senate. 

Abuse of personal data is still abuse

Earlier this week, lawmakers held a hearing on the bipartisan American Data Privacy and Protection Act, which is the broader of the two. It covers consumer awareness, transparency requirements, individual rights and control over stored data, consent and opt-out rights, data protections for children and minors, third-party data collector obligations, algorithmic transparency requirements, data security requirements, the extent of corporate responsibility, and how enforcement will be handled. 

Also this week, a group of Democratic Senators introduced a bill that would ban the sale of health and location data in response to the Supreme Court's draft proposal to overturn Roe v. Wade. 

Harris, in her task force remarks, noted how criminalizing abortion would impact women's privacy and connected the dots between overturning Roe and online harassment and stalking.

"In states where abortion is criminalized, an abuser could purchase a woman's location history through a data broker," Harris said, adding that an abuser could then turn this information over to law enforcement in states where abortion is illegal.

"So let us be clear: No one should be afraid that an abuser will use their private personal data — or that a person's private personal data will be used against them," Harris continued.  "And all people deserve to use the Internet free from fear." ®

Other stories you might like

  • Google: How we tackled this iPhone, Android spyware
    Watching people's every move and collecting their info – not on our watch, says web ads giant

    Spyware developed by Italian firm RCS Labs was used to target cellphones in Italy and Kazakhstan — in some cases with an assist from the victims' cellular network providers, according to Google's Threat Analysis Group (TAG).

    RCS Labs customers include law-enforcement agencies worldwide, according to the vendor's website. It's one of more than 30 outfits Google researchers are tracking that sell exploits or surveillance capabilities to government-backed groups. And we're told this particular spyware runs on both iOS and Android phones.

    We understand this particular campaign of espionage involving RCS's spyware was documented last week by Lookout, which dubbed the toolkit "Hermit." We're told it is potentially capable of spying on the victims' chat apps, camera and microphone, contacts book and calendars, browser, and clipboard, and beam that info back to base. It's said that Italian authorities have used this tool in tackling corruption cases, and the Kazakh government has had its hands on it, too.

    Continue reading
  • OpenSea phishing threat after rogue insider leaks customer email addresses
    Worse, imagine someone finding out you bought one of its NFTs

    The choppy waters continue at OpenSea, whose security boss this week disclosed the NFT marketplace suffered an insider attack that could lead to hundreds of thousands of people fending off phishing attempts.

    An employee of OpenSea's email delivery vendor "misused" their access to download and share OpenSea users' and newsletter subscribers' email addresses "with an unauthorized external party," Head of Security Cory Hardman warned on Wednesday. 

    "If you have shared your email with OpenSea in the past, you should assume you were impacted," Hardman continued. 

    Continue reading
  • India extends deadline for compliance with infosec logging rules by 90 days
    Helpfully announced extension on deadline day

    Updated India's Ministry of Electronics and Information Technology (MeitY) and the local Computer Emergency Response Team (CERT-In) have extended the deadline for compliance with the Cyber Security Directions introduced on April 28, which were due to take effect yesterday.

    The Directions require verbose logging of users' activities on VPNs and clouds, reporting of infosec incidents within six hours of detection - even for trivial things like unusual port scanning - exclusive use of Indian network time protocol servers, and many other burdensome requirements. The Directions were purported to improve the security of local organisations, and to give CERT-In information it could use to assess threats to India. Yet the Directions allowed incident reports to be sent by fax – good ol' fax – to CERT-In, which offered no evidence it operates or would build infrastructure capable of ingesting or analyzing the millions of incident reports it would be sent by compliant organizations.

    The Directions were roundly criticized by tech lobby groups that pointed out requirements such as compelling clouds to store logs of customers' activities was futile, since clouds don't log what goes on inside resources rented by their customers. VPN providers quit India and moved their servers offshore, citing the impossibility of storing user logs when their entire business model rests on not logging user activities. VPN operators going offshore means India's government is therefore less able to influence such outfits.

    Continue reading
  • NSO claims 'more than 5' EU states use Pegasus spyware
    And it's like, what ... 12, 13,000 total targets a year max, exec says

    NSO Group told European lawmakers this week that "under 50" customers use its notorious Pegasus spyware, though these customers include "more than five" European Union member states.

    The surveillance-ware maker's General Counsel Chaim Gelfand refused to answer specific questions about the company's customers during a European Parliament committee meeting on Thursday. 

    Instead, he frequently repeated the company line that NSO exclusively sells its spyware to government agencies — not private companies or individuals — and only "for the purpose of preventing and investigating terrorism and other serious crimes."

    Continue reading

Biting the hand that feeds IT © 1998–2022