SaveSave story

EU member of parliament eyes vulnerability disclosure process

The European Commission building with European Union flags waving in front in Brussels, Belgium. (Photo by Dursun Aydemir/Anadolu Agency/Getty Images)
The European Commission building in Brussels, Belgium. Dursun Aydemir/Anadolu Agency/Getty Images

European Union MP Marietje Schaake proposed creating an EU-wide rule describing when governments must disclose security flaws to manufacturers. Governments often use these security flaws for surveillance.

Why it matters: There is no way to guarantee that only well-meaning governments use a vulnerability that a nation intends to use for surveillance. In a blog post Thursday announcing her intent to seek an EU standard for disclosure, Schaake noted, "We live in an age where vulnerabilities are leaked or sold by criminals to those with potentially geopolitical motives, and where certain governments are stockpiling vulnerabilities as offensive weapons."

The U.S. has such a rule, the Vulnerability Equities Process. The VEP was flung into the spotlight in 2017 when a massive global cyberattack used a leaked code believed to be written by the NSA to become more virulent. The Obama administration developed the VEP but kept it secret. A number of critics, including many in the tech industry, questioned whether the VEP was adequately representing citizen's cybersecurity interests.

  • The Trump administration quickly committed to increasing its transparency, and released a VEP charter in November that introduced an annual report to give a limited outline of VEP deliberations in the prior year.
  • Schaake cited the U.S. charter in her blog post to encourage her peers. "Last year the White House released its Vulnerabilities Equities Process, which provides some increased transparency around this process in the US. It is high time for us to do the same in Europe," she wrote.
Khorri Atkinson 2 hours ago
SaveSave story

NYT: Mueller witness tried to influence White House on Gulf states

Interviews and previously undisclosed documents revealed that a witness in Robert Mueller's probe had worked for over a year to convert a Republican fundraiser into a White House influencer to help usher in deals on behalf of Saudi Arabia and the United Arab Emirates, the New York Times reports.

The backdrop: George Nader, a political adviser of the U.A.E. and Elliott Broidy, the RNC's deputy finance chair, reportedly urged the White House to dismiss Secretary of State Rex Tillerson's support of combative approaches to Iran and Qatar. In another case, Nader promised Broidy over a $1 billion in contracts for his private security company in exchange for deals.

David Philips 4 hours ago
SaveSave story
Expert Voices

Russian obstruction on Syria at UN Security Council demands response

United Nations High Commissioner for Human Rights Zeid Ra'ad Al Hussein speaking during a press conference at the UN Offices in Geneva.
UN High Commissioner for Human Rights Zeid Ra'ad al-Hussein. Photo: Fabrice Coffrini / AFP via Getty Images

Russia used a procedural vote on Monday to prevent UN Human Rights Commissioner Zeid Ra’ad al-Hussein from presenting on human rights conditions in Syria to the UN Security Council (UNSC).

Why it matters: To date, Russia has vetoed nine resolutions aimed at intensifying pressure on Syria’s Bashar al-Assad, moves that not only counter U.S. interests but undermine the international system.