The SCOTUS disinfo dilemma

Mar 18, 2024

— With help from Maggie Miller and Rebecca Kern

Driving the day

— A legal battle over alleged government overreach and the "censorship industrial complex" now threatens to kneecap the key federal agency tasked with protecting American election systems from crippling cyberattacks and foreign disinformation.

HAPPY MONDAY, and welcome to MORNING CYBERSECURITY! If you’re reading this, then just like me you’ve survived another party-filled St. Patrick’s Day weekend. My secret? Duck and weave whenever you see the color green.

Have any tips or secrets to share with MC? Or thoughts on what we should be covering? Find me on X at @JGedeon1 or email me at jgedeon@politico.com. You can also follow @POLITICOPro and @MorningCybersec on X. Full team contact info is below.

JOIN US ON 3/21 FOR A TALK ON FINANCIAL LITERACY: Americans from all communities should be able to save, build wealth, and escape generational poverty, but doing so requires financial literacy. How can government and industry ensure access to digital financial tools to help all Americans achieve this? Join POLITICO on March 21 as we explore how Congress, regulators, financial institutions and nonprofits are working to improve financial literacy education for all. REGISTER HERE.

Want to receive this newsletter every weekday? Subscribe to POLITICO Pro. You’ll also receive daily policy news and other intelligence you need to act on the day’s biggest stories.

Today's Agenda

Assistant general counsel in the U.S. Copyright Office Mark Gray is joining the Federal Communications Bar Association for a virtual chat on policy changes needed (or not needed) to address copyright and AI. Noon.

Election Security

SCOTUS CASE — The nation’s leading cybersecurity agency may find itself even more hamstrung in its efforts to combat foreign election interference online ahead of this year’s election as it’s caught in the crosshairs of a Supreme Court case being heard today.

At issue in Murthy v. Missouri is whether the executive branch went too far in leaning on social media giants like Meta and X to crack down on Covid-19 misinformation — a legal dispute with profound implications for how the government can collaborate with tech platforms to take on disinfo.

— The CISA problem: A federal district court issued a sweeping injunction barring officials from "coercing or significantly encouraging" the companies' content moderation decisions.

While that order has been narrowed, it's already for months disrupted a partnership between CISA — which is tasked with protecting U.S. infrastructure, including systems that underpin elections — and major online platforms to identify and respond to foreign disinformation.

“The NSA, CISA, ODNI, FBI literally have had no communication with any of the social media platforms on elections … since July,” Senate Intelligence Chair Mark Warner (D-Va.) said during the Trellix cybersecurity summit in February. “And that ought to scare the hell out of all of us.”

— Prepping for chaos: Election security experts say the lawsuit has effectively kneecapped a key part of the defenses against attackers looking to meddle and sow chaos around the 2024 presidential election.

The case "has had a massive impact on the field of election administration," Larry Norden, senior director of the Brennan Center's elections and government program, told Morning Cyber. He said the legal battle has sparked a wider "chilling effect" extending beyond just the federal government to also freeze out state election officials and researchers working to identify and counter online falsehoods.

Norden says election officials are relying on the Election Assistance Commission and CISA to do more to combat disinfo, with a wide majority wanting to disseminate more accurate voting information on social media.

And with AI tools making online propaganda campaigns cheaper and more widespread, they warn the wrong ruling from the Supreme Court could create an opening for Russia and others to exploit.

— Strength in the GOP: But the plaintiffs — led by the Republican AGs in Missouri and Louisiana — accuse CISA of constitutional overreach, claiming a coercive and systematic pressure campaign amounted to censorship-by-proxy. They're getting backup from congressional Republicans like Rep. Jim Jordan (R-Ohio), chair of the House Judiciary Subcommittee on Weaponization of the Federal Government.

Those allegations are part of the GOP's broader push to crack down on what they call the "censorship industrial complex" of government organizations working with tech companies and experts to combat online falsehoods.

Social media sites have also cut off access to data and curtailed their own election disinformation work, which is likely due to a fear of backlash from Republicans, including former President Donald Trump, the U.S. vice president of the Centre for Information Resilience, Nina Jankowicz, told Steven Overly on today’s POLITICO Tech podcast.

A ruling affirming the broad restrictions could leave federal agencies like CISA with their hands tied as Russia and other adversaries prepare potentially unprecedented disinfo campaigns for 2024.

"The only thing I would say is, if you look at the record, the communications from CISA and other agencies about elections were informative, not coercive," Norden said. "The question now is how much the justices stick to that precedent."

On the Hill

WHERE ART THOU, MONEY? — The clock is ticking for Congress to avert a partial government shutdown. With a funding deadline of this Friday, appropriators have yet to strike a final deal on a six-bill minibus package for remaining government funding — including defense and national security programs — for the rest of fiscal year 2024.

Over the weekend, hopes faded that House and Senate negotiators would unveil a compromise spending package before Monday. The hang-up, a person familiar with the talks tells us: Lawmakers are still working through the homeland security portion of the bill.

The homeland security measure is now expected to be a full-year funding bill rather than a stopgap patch. The bill text was being drafted overnight, with plans to roll out the complete minibus sometime Monday.

At the Agencies

VIEW FROM THE NSA — Rob Joyce, the departing director of the National Security Agency’s Cybersecurity Directorate, is keeping a close eye on Russia ahead of the U.S. elections this year, amid mounting concerns of foreign interference.

Joyce, who is set to retire from the position at the end of March, told Maggie and other reporters during a roundtable at NSA’s Fort Meade headquarters on Friday that the NSA sees evidence that Moscow “is very motivated to make sure that the focus on support to Ukraine is disrupted” as the conflict continues. The NSA cyber director said this was likely to inform any Russian interference in U.S. elections this year, warning that Moscow is “dangerous.”

He warned that “we’re going to see that steady build” of election interference efforts, and also warned of Chinese hacking efforts to burrow into U.S. critical infrastructure.

The director’s comments came days after the U.S. intelligence community released its annual Worldwide Threats Assessment, which this year concluded that the governments of Russia, China and Iran are all likely to attempt some form of interference in November’s elections.

— Cyber warfare: Joyce noted that Russian-linked cyberattacks in Ukraine have remained at a “steady state,” but stressed that the activity was still “significant.” In the Middle East, Joyce said the NSA is seeing efforts by Iranian government hackers to masquerade as hacktivists to target Israeli infrastructure.

And in the Red Sea, where Yemen’s Houthi rebels are looking to gain the upper hand, Joyce said there is evidence of “intelligence gathering” by nation states around “shipping entities” in the region.

— Into the future: Joyce is set to be succeeded by David Luber, the current deputy director of the NSA’s cybersecurity directorate. Luber briefly appeared at the same event on Friday, and said his three top priorities were the recruitment and retention of the workforce, technology innovation and strengthening NSA partnerships.

As for what comes next for Joyce? The departing director told reporters he’s going to “sleep more,” but teased that he will “be in the cybersecurity community.” So basically, stay tuned.

CLASSIFIED SPY SATS — Elon Musk's SpaceX is building a network of hundreds of spy satellites for the National Reconnaissance Office, a U.S. intelligence agency, under a classified $1.8 billion contract signed in 2021, Reuters has learned from five sources familiar with the program.

The spy satellite network, known as Starshield, looks to significantly advance the U.S. government's ability to quickly detect potential targets almost anywhere on the globe and represents deepening ties between SpaceX and national security agencies.

The program is also intended to help the U.S. government with remote-sensing capabilities that are more resilient to attacks from adversaries with advanced space weapons.

— What’s the deal: The Starshield program aims to develop a powerful new spy system with hundreds of Earth-imaging satellites operating as a "swarm" in low orbits. If successful, it would enable continuous imagery of activities on the ground nearly anywhere, aiding intelligence and military operations.

Here’s what’s been reported so far:

Roughly a dozen prototypes have already been launched since 2020 on SpaceX’s Falcon 9 rockets.
The network is separate from SpaceX’s Starlink broadband internet constellation.
Starshield is part of intensifying competition with adversarial tech rivals like China to dominate military power in space.

— Between the lines: The classified contract, first reported by The Wall Street Journal in February without disclosing details, signals growing trust in SpaceX by the intelligence community despite tensions over Musk’s control of Starlink in Ukraine.

It also shows the Pentagon’s investment in vast, low-Earth orbiting satellite systems aimed at supporting ground forces — a move away from bigger and more expensive spacecraft.

As one source told Reuters: "No one can hide" from the system's potential reach.

— What’s next: The timing for when the full Starshield network would come online remains unclear, as does the involvement of other companies beyond SpaceX in the ambitious program.

See also: Why Taiwan is building a satellite network without Elon Musk (The New York Times)

DON’T MISS AN IMPORTANT TALK ON ACCESS TO AFFORDABLE PRESCRIPTION DRUGS IN CA: Join POLITICO on March 19 to dive into the challenges of affordable prescription drugs accessibility across the state. While Washington continues to debate legislative action, POLITICO will explore the challenges unique to California, along with the potential pitfalls and solutions the CA Legislature must examine to address prescription drug affordability for its constituents. REGISTER HERE.

Tweet of the Day

It was a tight win this time around for President Vladimir Putin.

Source: https://twitter.com/DAlperovitch/status/1769442177594110010

Quick Bytes

LISTEN HERE — LockBit’s supposed leader joined the Click Here podcast to say the group vows to hack on. Get in on the full conversation with The Record’s Dina Temple-Raston, Sean Powers and Jade Abdul-Malik.

USE AT YOUR OWN RISK — Airline Wi-Fi offers convenience for work or entertainment, but security is similar to unsecured public Wi-Fi. Hackers can steal information or infect devices if you don't use a VPN, which might not work reliably on airplanes, writes Heidi Mitchell in The Wall Street Journal.

MISINFORMATION WINNING — Following the Capitol Hill riot, efforts arose in Washington to combat misinformation that fueled the attack, with social media platforms suspending President Donald Trump and his allies. However, they led a successful counteroffensive, reshaping bipartisan initiatives as censorship and paving the way for Trump's resurgence, write Jim Rutenberg and Steven Lee Myers for The New York Times.

ICYMI — The International Monetary Fund detected a cyberattack in February which compromised 11 email accounts.

AHA: 94% of hospitals financially impacted by Change Healthcare's cyberattack (Fierce Healthcare)

Chat soon.

Stay in touch with the whole team: Joseph Gedeon (jgedeon@politico.com); John Sakellariadis (jsakellariadis@politico.com); Maggie Miller (mmiller@politico.com); and Heidi Vogt (hvogt@politico.com).