SaveSave story

EU member of parliament eyes vulnerability disclosure process

The European Commission building with European Union flags waving in front in Brussels, Belgium. (Photo by Dursun Aydemir/Anadolu Agency/Getty Images)
The European Commission building in Brussels, Belgium. Dursun Aydemir/Anadolu Agency/Getty Images

European Union MP Marietje Schaake proposed creating an EU-wide rule describing when governments must disclose security flaws to manufacturers. Governments often use these security flaws for surveillance.

Why it matters: There is no way to guarantee that only well-meaning governments use a vulnerability that a nation intends to use for surveillance. In a blog post Thursday announcing her intent to seek an EU standard for disclosure, Schaake noted, "We live in an age where vulnerabilities are leaked or sold by criminals to those with potentially geopolitical motives, and where certain governments are stockpiling vulnerabilities as offensive weapons."

The U.S. has such a rule, the Vulnerability Equities Process. The VEP was flung into the spotlight in 2017 when a massive global cyberattack used a leaked code believed to be written by the NSA to become more virulent. The Obama administration developed the VEP but kept it secret. A number of critics, including many in the tech industry, questioned whether the VEP was adequately representing citizen's cybersecurity interests.

  • The Trump administration quickly committed to increasing its transparency, and released a VEP charter in November that introduced an annual report to give a limited outline of VEP deliberations in the prior year.
  • Schaake cited the U.S. charter in her blog post to encourage her peers. "Last year the White House released its Vulnerabilities Equities Process, which provides some increased transparency around this process in the US. It is high time for us to do the same in Europe," she wrote.
David Philips 2 hours ago
SaveSave story
Expert Voices

Russian obstruction on Syria at UN Security Council demands response

United Nations High Commissioner for Human Rights Zeid Ra'ad Al Hussein speaking during a press conference at the UN Offices in Geneva.
UN High Commissioner for Human Rights Zeid Ra'ad al-Hussein. Photo: Fabrice Coffrini / AFP via Getty Images

Russia used a procedural vote on Monday to prevent UN Human Rights Commissioner Zeid Ra’ad al-Hussein from presenting on human rights conditions in Syria to the UN Security Council (UNSC).

Why it matters: To date, Russia has vetoed nine resolutions aimed at intensifying pressure on Syria’s Bashar al-Assad, moves that not only counter U.S. interests but undermine the international system.

Steve LeVine 3 hours ago
SaveSave story

A debate on the U.S.-China AI war

Illustration: Sarah Grillo/Axios

We reported last week that, against the prevailing narrative that China has more or less already won the artificial intelligence race, some experts say there is still very much a contest: While China and its companies are spending a lot of money to dominate AI, we reported, they continue to be held back by intellectual inflexibility — they cannot or will not pivot as quickly as western researchers, and may be fated always to be behind.

Some FoW readers pushed back. Read on for their view