In this week’s edition, the war in Ukraine slows down iron and steel production, Iran and the US consider a final nuclear deal, the FCC denies Starlink a subsidy, the EU opens an embassy in Silicon Valley, and Russian propaganda is spreading among non-english speaking users. Additionally, APIs may be a new vector for cyber attacks, a former Twitter employee spied for Saudi Arabia, and tech policy needs a “regulatory sandbox.”
Industrial Policy & International Security
Russia’s war in Ukraine pushes Ukrainian steel production to the brink | NPR
After agriculture, iron and steel production is Ukraine’s second leading industry. But industrial centers in central and eastern Ukraine are suffering setbacks due to the war. Russian blockades of Black Sea and Azov Sea ports have halted metalworks exports. Zaphorishtal iron and steel works is operating at less than half of its capacity and dialed back blast furnaces to low idle as the city expected an attack by Russian forces. The plant is owned by Metinvest Group, which states that they have enough raw materials to continue operations but are struggling to bring their products to market. Metinvest has already lost some mills to Russian attacks and had to begin laying off workers in June. The company is committed to operating only in areas under Ukrainian control and is exploring options to sue the Russian government for damages as insurance does not cover wartime risks.
U.S. and Iran weighing ‘final’ E.U. offer on nuclear deal | The New York Times
The European Union offered a “final” proposal to the United States and Iran with the intent to conclude ongoing negotiations to return to the 2015 Iran nuclear deal. If no deal is reached, it is unclear whether talks will continue. While US officials are skeptical that Iran will agree to roll back its nuclear program, it has abandoned contentious demands to remove the Islamic Revolutionary Guards Corps from the US list of foreign terrorist organizations and to guarantee that future US presidents will not withdraw from a deal. However, a new request that the International Atomic Energy Agency close ongoing investigations into man-made uranium at Iranian research sites could indicate that Iran is not ready to conclude negotiations.
US Regulation
A Road Map for Tech Policy Experimentation | Lawfare
Matt Perault, director of the Center on Technology Policy at the University of North Carolina at Chapel Hill, and Andrew Keane Woods, Professor of Law at the University of Arizona College of Law, make the case for experimentation in tech policy. They argue that more data about the real-world impact of policies could help lower the stakes for regulatory debates that have become increasingly politicized and polarized. Perault and Woods suggest that companies could be incentivized to share data if policymakers limit liability during experimentation phases or create “regulatory sandboxes” that allow companies to test new products or ideas in controlled environments. A more iterative approach to tech policy would allow the United States to update its aging regulatory frameworks and keep better pace with innovation.
FCC denies Starlink’s application for $885M subsidy | TechCrunch
In 2020, Starlink was among a group of initial companies tentatively awarded funds from the Rural Digital Opportunity Fund, which subsidizes companies that commit to delivering broadband services in rural America. After deeper evaluation, the FCC recently denied Starlink’s $885 million bid. While the FCC favorably assessed Starlink technology in a press release on the decision, its maturity in combination with current prices for hardware and service estimates through the next decade dissuaded the FCC from subsidizing Starlink. LTD Broadband was also denied funding because it failed to demonstrate enough progress in expanding its carrier status. Despite these rejections, $5 billion (more than half) of the Rural Digital Opportunity Fund’s capital has been delivered to US broadband providers.
Innovation
One of 5G’s biggest features is a security minefield | WIRED
While 5G devices may be able to connect to the internet in places where Wi-Fi isn’t readily available, the application programming interfaces (APIs) set up by carriers to manage data possess many security vulnerabilities. Altaf Shaik and Shinjo Park, researchers from the Technical University of Berlin, examined the internet-of-things APIs offered by ten mobile carriers and discovered vulnerabilities that could allow malicious actors to access data or devices on the network. Shaik and Park disclosed their findings to the carriers, which are addressing the vulnerabilities, and presented their work at the Black Hat security conference in Las Vegas this week. This is a first step toward rethinking standards and security for new 5G telecommunications ecosystems.
Cyber
Tech, Cyber Companies Launch Security Standard to Monitor Hacking Attempts | The Wall Street Journal
On Wednesday, a group of tech and cybersecurity companies announced the Open Cybersecurity Schema Framework (OCSF) at the Black Hat USA conference in Las Vegas. OCSF is a joint effort between Amazon’s AWS, IBM, Splunk, Inc., and fifteen other companies to address interoperability challenges between security products. Standards and documentation will be made available on GitHub. As adoption of OCSF standards grows among providers, security teams will be able to aggregate alerts across monitoring systems more quickly. Not only will this help companies recognize attacks earlier, but also it will allow them to share information faster. Providers working on the initial program expect it to be implemented in the coming months.
Former Twitter employee convicted of spying for Saudi Arabia | LA Times
Former Twitter employee Ahmad Abouammo was recently convicted of spying on behalf of Saudi Arabia. Prosecutors accused Abouammo of giving the real names of anonymous dissident Twitter accounts to Bader Asakar, a top aide to de-facto Saudi ruler Mohammed Bin Salman, in exchange for bribes. Alleged co-conspirator Ali Alzabarah, another Twitter employee, fled to Saudi Arabia despite being under surveillance. Abouammo faces 10-20 years in prison after being found guilty of acting as an agent for Saudi Arabia, money laundering, conspiracy to commit wire fraud, and falsifying records.
State & Local Tech Ecosystems
The European Union opens a Silicon Valley ‘embassy’ | Politico
Since the passage of the General Data Protection Regulation (GDPR), the European Union has become the world’s leading tech regulator. While enforcement of the GDPR was left up to member states, the EU’s newest regulations, the Digital Services Act and Digital Markets Act, will be centrally enforced by the European Commission. In September, Gerard de Graaf–who currently leads the Digital Economy and Coordination directorate at the Commission–will take the helm at a new Silicon Valley office tasked with representing European rules and interests to American tech firms. This puts de Graaf in both a diplomatic and enforcement role in the Valley. He will have to balance regulatory conversations alongside European Commission interests in growing semiconductor production, digital IDs and public services, and widespread deployment of gigabit-speed internet connections.
Democracy Online
How Russia Propaganda Is Reaching Beyond English Speakers | The New York Times
Social media companies’ efforts to limit Russian propaganda have been focused on the West, allowing the Kremlin to take advantage of geographic and language-based gaps to wage an information war over Ukraine. Russian state media outlets, such as Russia Today and Sputnik, continue to push Spanish and Arabic content to social media users in Latin America and the Middle East. While it is unclear if this has increased support for Putin, propaganda is reaching millions of people in countries that may view Russia’s invasion of Ukraine in less black and white terms or are home to movements critical of the West. Analysts point out that international social media operations often have fewer resources and US lawmakers are urging them to do more to limit Russia’s posts in non-English languages.