State joins 702 fray

May 30, 2023

— With help from Lara Seligman and Maggie Miller

Driving the Day

— The State Department’s top intelligence official is set to deliver a rare speech in defense of a controversial foreign spying law. It’s meant to sell lawmakers on the soon-to-expire program — but it could expose how much work the White House has left to do in Congress.

HAPPY TUESDAY, and welcome to Morning Cybersecurity! I won’t spoil “Succession” for you, but I will say this: I never anticipated that my CFIUS knowledge would enhance my pop-culture acumen. Thank you, TikTok!

Got tips, feedback or other commentary? Send them to John at jsakellariadis@politico.com. You can also follow @POLITICOPro and @MorningCybersec on Twitter. Full team contact info is below.

GET READY FOR GLOBAL TECH DAY: Join POLITICO Live as we launch our first Global Tech Day alongside London Tech Week on Thursday, June 15. Register now for continuing updates and to be a part of this momentous and program-packed day! From the blockchain, to AI, and autonomous vehicles, technology is changing how power is exercised around the world, so who will write the rules? REGISTER HERE.

Want to receive this newsletter every weekday? Subscribe to POLITICO Pro. You’ll also receive daily policy news and other intelligence you need to act on the day’s biggest stories.

Today's Agenda

NATO’s four-day International Conference on Cyber Conflict, CyCon, kicks off with a Workshop Day in Tallinn, Estonia, at NATO’s Cooperative Cyber Defence Centre of Excellence. 2 a.m.

Brett Holmgren, the State Department’s assistant secretary for intelligence and research, will deliver remarks at a Center for Strategic and International Studies event on the importance of Section 702 to U.S. diplomacy and foreign policy. 2 p.m.

Surveillance

CALLING IN A RINGER — On the heels of embarrassing new reports documenting how FBI officials improperly searched a foreign intelligence repository for information on Americans, the Biden administration surely recognizes that its odds of convincing Congress to re-up the spy program that gathered that data absent major reform are increasingly slim.

Maybe that’s why it’s decided to call in some local experts in negotiation.

The State Department's assistant secretary for intelligence and research, Brett Holmgren, will deliver a speech this afternoon at the Center for Strategic and International Studies about how the law — Section 702 of the Foreign Intelligence Surveillance Act — strengthens U.S. diplomacy and foreign policy.

At a minimum, Holmgren’s appearance is a sign that the debate over the foreign spying program is intensifying ahead of its year-end sunset. The State Department does not have direct access to data collected under Section 702, and it played little public role in the two prior efforts to renew it.

But it could also offer a hint at how much distance there remains between the White House and Congress, where lawmakers are clamoring for stronger safeguards to ensure Americans’ data is not swept up or sifted through via the program.

Where Holmgren can land some punches — The Biden administration is trying to make the case that the law — which allows the government to access the digital communications of foreign nationals stored with U.S. tech giants — is as indispensable as ever, even though the threat it is often associated with, terrorism, has dissipated in recent years.

One possibility is that Holmgren, who acts as the principal intelligence adviser to the secretary of state, will make news by disclosing some powerful vignettes about how the law has aided Antony Blinken and other U.S. diplomats across the globe.

A spokesperson for State did not respond to a request for comment about the content of Holmgren’s speech. But in its bid to renew the program, the administration has already disclosed that the law helps thwart a wider range of threats than previously acknowledged, from cybercrime and fentanyl trafficking to international terrorism and IP theft.

Why he might not — It's not clear what Holmgren can say that will sway Congress’ mind about the need for reform, given that lawmakers' most significant concerns relate to the FBI's ability to sift through the database for information on Americans without first acquiring a warrant.

While the administration has argued that many of those searches are used to protect, not investigate, U.S. persons and that recently disclosed FBI privacy violations preceded the implementation of internal compliance tweaks, a vocal cohort of lawmakers are adamant about the need for new bureau safeguards.

“Democrats and Republicans don’t see eye to eye on many issues, however there is growing bipartisan consensus that we need to enact reforms to Section 702 and FISA as a whole,” Rep. Zoe Lofgren (D-Calif.) told MC in a statement. Lofgren cited a warrant requirement for the FBI as one of two “minimum” reforms she wants to see before renewal.

“Pretending that Congress has to accept ongoing violations of Americans’ privacy as a condition of protecting our national security is a false choice,” Keith Chu, chief communications adviser for Sen. Ron Wyden (D-Ore.), told MC. Wyden, a longtime privacy advocate, has spearheaded prior bills to introduce a warrant requirement for searches of Americans’ info within 702 databases.

One thing to watch — The extent to which Holmgren addresses — or dances around — the possibilities of reform.

Thus far, the administration has drawn a fuzzy line in the sand, expressing openness to new privacy safeguards so long as they don’t undermine the effectiveness of the program.

Is warrant requirement for domestic law enforcement a deal-breaker? And if so, is the administration willing to pony up other privacy protections — or will it just keep insisting all is good and well in the land of 702?

At the Agencies

TWO HATS: The National Security Agency and U.S. Cyber Command will continue to be led by the same four-star general for the foreseeable future, under a “dual-hat” arrangement that experts and insiders have debated since CyberCom was established in 2010, Lara Seligman and Maggie Miller report.

That’s according to a letter Defense Secretary Lloyd Austin, Director of National Intelligence Avril Haines and Joint Chiefs Chair Gen. Mark Milley sent to lawmakers, which was described to POLITICO by three people. The leaders' assessment is that it is in “the best interest of the nation” to have one person oversee both organizations, and that the downsides of separating them vastly outweigh any upsides, the sources said the letter states.

The move is in line with a report on the issue drafted late last year by a small group led by retired Gen. Joseph Dunford, the former chairman of the Joint Chiefs of Staff. The report, which was submitted to Austin and Haines, came out strongly in favor of maintaining the dual-hat arrangement.

The news comes to light as the person who currently holds both positions, Gen. Paul Nakasone, is slated to retire later this year. President Joe Biden named his replacement, deputy Cybercom chief Lt. Gen. Timothy Haugh, this week, as POLITICO first reported.

The International Scene

CYCON CONFERENCE — Approximately 600 government officials, security professionals and policy advocates from across NATO are descending on Tallinn, Estonia, this week to answer an important question: How many ideas about cybersecurity are turning out to be absolute hogwash?

Here’s a few things to watch over the next four days of the International Conference on Cyber Conflict, or CyCon, where alliance officials are investigating how prior “assumptions, conclusions, and forecasts” about digital conflict are holding up in light of the war in Ukraine, the rise of ransomware and the emergence of super scary chatbots.

Partner up — A common thread running through the conference is what more alliance members can do to help one another prevent and respond to cyberattacks.

Cyber commanders from all participating members will attend a mix of closed- and open-door sessions, including a public panel on Wednesday. The next day, Juhan Lepassaar, the executive director of ENISA, the EU’s cybersecurity agency, will speak on joint capacity building.

Finally, on Friday, deputy U.S. assistant secretary of defense for cyber policy, Mieke Eoyang, will headline a panel on how the military should help those who aren’t in uniform, and vice versa.

And lawyer up — A major theme of the conference is also the novel legal issues posed by border-straddling cyberattacks.

On Wednesday, U.S. and Norwegian officials headline a panel on the legality of cyberattacks against private sector space infrastructure. And on Thursday, Kurt Sanger, former deputy general counsel of U.S. Cyber Command, will lead a panel on whether foreigners contributing to Ukraine’s cyber defense might ever become lawful targets of Russian aggression.

On the front lines — Throughout the week, all eyes will, of course, be on Ukraine. And not just because it’s on the verge of launching a much-anticipated counterattack.

On Friday, Illia Vitiuk, head of the Department of Cyber and Information Security within Ukraine’s Security Service, will deliver a keynote on the first year of the war.

Tweet of the Weekend

Hoping MC readers had a nice Memorial Day:

Quick Bytes

— Following U.S. blacklisting, Israeli spyware maker NSO Group has a new owner. (The Wall Street Journal)

— Germany’s spy chief warns of anti-government extremism fueled by Russia and other authoritarian states. (AP News)

— Sen. Ron Wyden wants the International Trade Administration to open up about whether it’s helping U.S. firms sell surveillance tools abroad. (Mother Jones)

— Israeli spyware maker Paragon has found a recipe to avoid NSO Group’s fate: cozy up to the U.S. (Financial Times)

Chat soon.

Stay in touch with the whole team: John Sakellariadis (jsakellariadis@politico.com); Maggie Miller (mmiller@politico.com); and Heidi Vogt (hvogt@politico.com).

DON’T MISS POLITICO’S HEALTH CARE SUMMIT: The Covid-19 pandemic helped spur innovation in health care, from the wide adoption of telemedicine, health apps and online pharmacies to mRNA vaccines. But what will the next health care innovations look like? Join POLITICO on Wednesday June 7 for our Health Care Summit to explore how tech and innovation are transforming care and the challenges ahead for access and delivery in the United States. REGISTER NOW.