Google has little choice to be evil or not in today’s fractured internet

Well, we got to January 2nd before the latest angry resignation published by a tech executive on Medium.

Today’s installment comes from Ross LaJeunesse, who was head of international relations at Google and served for more than a decade in various roles at the company. He denounces what he sees as Google’s increasingly failed ambitions to be a company principled on human rights, and poses a series of questions about the future of tech and capitalism:

I think the important question is what does it mean when one of America’s marque’ companies changes so dramatically. Is it the inevitable outcome of a corporate culture that rewards growth and profits over social impact and responsibility? Is it in some way related to the corruption that has gripped our federal government? Is this part of the global trend toward “strong man” leaders who are coming to power around the globe, where questions of “right” and “wrong” are ignored in favor of self-interest and self-dealing? Finally, what are the implications for all of us when that once-great American company controls so much data about billions of users across the globe?

The whole read is interesting, and covers Google’s China operations, its Project Dragonfly censored search crisis, Saudi Arabia’s apps in Google Cloud, and his own personal experience with Google HR.

It’s a manifesto of sorts, and perhaps that isn’t surprising given that LaJeunesse is also running for the Democratic primary in Maine’s senatorial election to compete against Republican incumbent Susan Collins. His critiques of Big Tech seem to be channeling Missouri Republican senator Josh Hawley, and that makes it a fascinating political strategy.

But let’s focus in on the key question at the heart of this debate: does Google have the ability to be “good” or “evil” when it comes to tech’s influence on society? Does it have agency to make a difference on human rights in countries around the world?

My answer is: Google used to have a lot of agency, which is unfortunately declining very, very rapidly.

I’ve talked about the fracturing of the internet into different spheres of influence for quite literally years. Countries like China in particular, but also Russia, Iran and others are seizing more and more exacting control of the internet’s plumbing and applications, subsuming the original internet’s spirit of openness and freedom and placing this communications medium under their iron fists.

As this fracturing has occurred, companies like Google, or Shutterstock, or even the NBA have increasingly faced what I’ve called an “authoritarian straddle” — they can either work with these countries and follow the local rules, or they can just get out, with serious ramifications for their home markets.

Those are the extent of the choices these companies have. Shutterstock is not going to change China’s policy toward photos of the Tiananmen Square protests, any more than Google can try to launch a search engine on the mainland or change Saudi Arabia’s deplorable women’s rights.

To have any agency here at all, you need a monopoly on a product or service so important that the dictatorship has to accept the terms you offer. In other words, these companies need extreme leverage, essentially the ability to go to the regimes and say, “No, fuck you, here’s how it is going to work, we’re going to follow human rights, and you have no choice in the matter.”

What tech companies are discovering — even massive giants like Google, Facebook, Apple, Amazon, and Microsoft — is that they really, truly don’t have that kind of leverage in these countries anymore. Not even Apple, which employs hundreds of thousands of manufacturing workers through its subcontractors in China, can move the needle in that country anymore. Iran shut off the internet for a period of time to dampen the intensity of political protests in that country. Russia last week tested shutting off the internet to make sure it can just pull the plug when it wants.

If whole countries can just flip the switch and turn off “tech,” exactly what leverage do any of these companies have in the first place?

And that diminution of power is a trend that tech companies, and particularly American tech companies, haven’t fully grappled with. They don’t really get a choice anymore in the decisions here. China has its own search engine, and increasingly, its own mobile phone ecosystem unencumbered by U.S. patents and therefore U.S. policy. If Azure leaves Saudi Arabia, Alibaba Cloud is more than willing to step into the gap and make the money instead.

So when you get to LaJeunesse’s comments that he pushed Google internally to formalize some of its values:

My solution was to advocate for the adoption of a company-wide, formal Human Rights Program that would publicly commit Google to adhere to human rights principles found in the UN Declaration of Human Rights, provide a mechanism for product and engineering teams to seek internal review of product design elements, and formalize the use of Human Rights Impact Assessments for all major product launches and market entries.

… one can’t help but feel solace for an optimistic world where a better product design review process might have once improved global human rights.

The issue is far simpler though than it was in the past. You don’t need a human rights protocol, or some sort of review process for market entry. You are either in, or you are out. You either launch in these countries and deal with the inevitable human rights abuses and concomitant consumer protests in the home market, or you maintain your values and you walk away, ignoring the profit mirage from these regimes in the process.

That’s why I recently argued that Google and the NBA should just walk away. I still hold that belief. It’s also why I called on Shutterstock to leave China and return to its more open and free values. No U.S. tech company today has the leverage to make a dent on human rights the way that they did a decade ago. The internet has fractured, data sovereignty is on the rise, and there’s a binary choice to be made whether to engage or to flee. Ultimately, I take LaJeunesse’s side — these companies should walk, because there really isn’t much choice otherwise.

Russia starts testing its own internal internet

Russia has begun testing a national internet system that would function as an alternative to the broader web, according to local news reports. Exactly what stage the country has reached is unclear, but certainly the goal of a resilient — and perhaps more easily controlled — internet is being pursued.

The internet, of course, is made up of a global web of infrastructure that must interface physically, virtually and, increasingly, politically with the countries to which it connects. Some countries, like China, have opted to very carefully regulate that interface, controlling which websites, apps and services can be accessed from the local side of that interface.

Russia has increasingly leaned toward that approach, with President Putin signing a law earlier this year there, Runet, which would build the necessary infrastructure to maintain, essentially, a separate internal internet should such a thing become necessary (or convenient).

Speaking earlier this week to the state-owned news outlet Tass, Putin explained that this was purely a defensive play.

Runet, he said, “is aimed only at preventing adverse consequences of global disconnection from the global network, which is largely controlled from abroad. This is the point, this is what sovereignty is — to have our resources that can be turned on so that we would not be cut from the Internet.”

More recent reports, in Tass and Pravda as relayed by the BBC, indicated that this effort has gone beyond the theoretical to the practical. Tests were done on the vulnerability of the so-called Internet of Things, which must have been disheartening if Russian IoT devices have security practices as poor as U.S. ones. Whether the local net could stand up against “external negative influences,” whatever those are, was also looked into.

It’s no small task, what Russia is attempting here, and while the talk is ostensibly of sovereignty and robust infrastructure, the tensions between the U.S., Russia, China, North Korea and other countries with advanced cyberwarfare capabilities are unmistakably also part of it.

A Russian internet disconnected from the world would probably right now be almost non-functional. Russia, like everyone else, relies on resources located elsewhere in the world constantly, and duplication of many of those resources would be necessary to make it possible for the internet to work anything like normally, should the country decide to retreat into its shell for whatever reason.

A separate DNS system would be necessary, as would physical infrastructure connecting parts of the country directly to the rest, which at present must do so through international connections. And that’s just to create the basic possibility of a working Russian intranet.

It’s hard to object to the idea of a robust “sovereign internet” should such a thing become necessary, but it’s hard not to think of it as preparation for conflict to come rather than simple investment in national infrastructure.

That said, what exactly Runet will grow to be and how it will be used are still a matter of speculation until we receive more specific reports of its capabilities and intended purposes.

Instreamatic signs deals to allow people to talk to adverts on streaming services like an Alexa

Most in tech would agree that following the launch of Alexa and Google Home devices the ‘Voice Era’ is here. Voice assistant usage is at 3.3 billion right now; by 2020 half of all searches are expected to be done via voice. And with younger generations growing up on voice (55% of teens use voice search daily now), there’s no turning back.

As we’ve reported, the voice-based ad market will grow to $19 billion in the U.S. by 2022, growing the market share from the $17 billion audio ad market and the $57 billion programmatic ad market.

That means that voice shopping is also set to explode, with the volume of voice-based spending growing twenty-fold over the next few years due to voice-based virtual assistant penetration, as well as the rapid consumer adoption of home-based smart speakers, the expansion of smart homes and the growing integration of virtual assistants into cars.

That, combined with the popularity of digital media – streaming music, podcasts, etc – has created greenfield opportunities for better brand engagement through audio. But brands have struggled to catch up, and there has not been many ways to capitalise on this.

So a team of people who co-founded and worked at Zvuk, a leading music streaming service in Eastern Europe, quickly understood why there is not a single profitable music streaming company in the world: subscription rates are low and advertisers are not excited about audio ads, due to the measurement challenges and intrusive ad experience.

So, they decided to create SF-based company Instreamatic, a startup which allows people to talk at adverts they see and get an AI-driven voice response, just as you might talk to an Alexa device. 

Thus, the AI powering Instreamatic’s voice-driven ads can interpret and anticipate the intent of a user’s words (and do so in the user’s natural language, so robotic “yes” and “no” responses aren’t needed). That means Instreamatic enables brands which advertise through digital audio channels (streaming music apps, podcasts, etc) to now have interactive (and continuous) voice dialogues with consumers.

Yes, it means you can talk to an advert like it was an Alexa.
 
Instead of an audio ad playing to a listener as a one-way communication (like every T.V. and radio ad before it), brands can now reach and engage with consumers by having voice-interactive conversations. Brands using Instreamatic can also continue conversations with consumers across channels and audio publishers – so fresh ad content is tailored to the full history of each listener’s past engagements and responses.

An advantage of the platform is that people can use their voice to set their advertising preferences. So, when a person says ‘I don’t want to hear about it ever again,’ brands can optimize their marketing strategy either by stopping all remarketing campaigns across all digital media channels targeted to that person, or by optimizing the communication strategy to offer something else instead of the product that was rejected. If the listener expressed interest or no interest, Instreamatic would know that and tailor future ads to match past engagement – providing a continuous dialogue with the user.

Its competitor is AdsWizz which allows users to shake their phones when they are interested in an ad. This effectively allows users to “click” when the audio ad is playing in the background. One of their recent case studies reported that shaking provided 3.95% interaction rates.
 
By contrast, Instreamatic’s voice dialogue marketing platform allows people to talk to audio advertising, skipping irrelevant ads and engaging in interesting ones. Their recent case study claimed a much higher 13.2% voice engagement rate this way.
 
The business model is thus: when advertisers buy voice dialogue ads on its ad exchange, it takes a commission from that ad spend. Publishers, brands and adtech companies can license the technology and Instreamatic charges them a licensing fee based on usage.

Instreamatic has now partnered with Gaana, India’s largest music and content streaming service, to integrate Instreamatic into Gaana’s platform. It’s also partnered with Triton Digital, a service provider to the audio streaming and podcast industry.

This follows similar deals with Pandora, Jacapps, Airkast,
and SurferNETWORK.

All these partnerships means the company can now reach 120 million monthly active users in the United States, 30M in Europe and 150 million in Asia.

Thet company is headquartered in San Francisco and London with a development team in Moscow and features Stas Tushinskiy as CEO and co-founder. Tushinskiy reated the digital audio advertising market in Russia prior to relocating to the U.S. with Instreamatic. International Business Development head and co-founder Simon Dunlop previously founded Bookmate, a subscription-based reading and audiobook platform, and DITelegraph Moscow Tech Hub, and Zvuk.

Nigeria’s Rensource raises $20M to power African markets by solar

Nigerian startup Rensource Energy has raised a $20 million Series A round co-led by CRE Venture Capital and the Omidyar network.

The renewable energy company builds and operates solar powered micro-utilities that provide electricity to commercial community structures, such as open-air trading bazaars.

Launched in 2016, the startup has shifted its operating strategy. “We’ve pivoted away from a residential focus…and we’re building much larger systems to become essentially the utility for these large urban markets we have a lot of in Nigeria,” Rensource co-founder Ademola Adesina told TechCrunch.

The company has a partnership with German manufacturer BOS AG, with whom its designs specialized panels for it use case. Rensource also has developer teams in Nigeria and Europe for its software related programs.

In addition to becoming a micro-energy provider to Nigeria’s robust SME classes, the startup aims to offer them B2B services. With the $20 million round Rensource is launching its Spaces Offline to Online platform for supply-chain services, including business-analytics and working capital options.

“It’s a mini-ERP tool. We’re trying bring a universe of people who are banked, but…still offline — their products are offline, they don’t track anything, and there’s no data behind their business — online,” said Adesina.

Rensource Africa Nigeria App

The benefit Rensource seeks to bring to Nigeria’s SMEs — at a profit for itself — is to lower overhead costs through better business practices and free them from the bane of generators.

Across marketplaces in West Africa, noisy, fuel-guzzling, and pollution producing generators are like an unwelcome, yet necessary business partner.

Lack of affordable and reliable electricity in Nigeria creates a massive real and opportunity cost to Africa’s largest economy.

For perspective, the West African country is roughly the size of Texas, with a 200 million population larger than Russia, and generates less gigawatt hours of electricity annually than the U.S. state of Connecticut.

Nigerian businesses (and citizens) adjust for these power deficiencies by spending on diesel fuel and generators.

The IMF’s 2019 Nigeria report quoted economic losses of $29 billion in Nigeria due to unreliable electricity supply. On global Doing Business rankings, Nigeria ranked 169 out of 190 countries in the category of “Getting Electricity”.

This difficulty and cost weighs particularly heavy on Nigeria (and the continent’s) SMEs, which often operate in Africa’s informal economy — projected to be one of the largest off-the grid commercial spaces in the world.

Rensource Solar Nigeria AfricaRensource’s micro-utility model deploys power clusters — made up of solar-panels, batteries, and a power management system — adjacent to markets and commercial hubs. The energy application isn’t totally clean, as the startup still uses its own diesel backup system.

Rensourse has used this model to become an off-grid energy provider in six states in Nigeria, and powers the Sabon Gari market — one of the the country’s largest, located in northern Kaduna state.

The company plans to expand to 100 markets within Nigeria and to additional African countries within 24 months, according to Adesina.

Rensource generates revenue from charging merchants daily, weekly, or monthly fees. “In 2017, we did a few hundred thousand dollars in revenue. Last year we did about $7 million in revenue, and this year we’ll do better than that,” CEO Ademola Adesina said.

The company doesn’t release official financials, but generated a small profit last year, according to Adesina. He named deploying more of its micro-utilities to new markets and diversifying services as the path to long-term profitability.

The company differentiates itself from many home-kit solar energy startups in Africa, such as M-Kopa, by becoming a renewable energy utility at scale.

ademola adesina rensourceRensource’s CEO sees the model as a classic leapfrog tech business, effectively bypassing Nigeria’s existing electricity grid and providing a less capital intensive alternative to large (and often complicated) energy infrastructure projects.

The company is also following a trend by some Nigeria based startups, such as trucking-logistics company Kobo360 and motorcycle ride-hail company Gokada, to shape a suite of additional services around the needs of core clients.

In Rensource’s case, those clients are SMEs and traders in the informal economy. “This informality of theirs is what we see as an opportunity in building this new business line and bringing these [merchants] into the online world,” said Adesina.

 

Reddit links UK-US trade talk leak to Russian influence campaign

Reddit has linked account activity involving the leak and amplification of sensitive UK-US trade talks on its platform during the ongoing UK election campaign to a suspected Russian political influence operation.

Or, to put it more plainly, the social network suspects that Russian operatives are behind the leak of sensitive trade data — likely with the intention of impacting the UK’s General Election campaign.

The country goes to the polls next week, on December 12.

The UK has been politically deadlocked since mid 2016 over how to implement the result of the referendum to leave the European Union . The minority Conservative government has struggled to negotiate a brexit deal that parliament backs. Another hung parliament or minority government would likely result in continued uncertainty.

In a post discussing the “Suspected campaign from Russia”, Reddit writes:

We were recently made aware of a post on Reddit that included leaked documents from the UK. We investigated this account and the accounts connected to it, and today we believe this was part of a campaign that has been reported as originating from Russia.

Earlier this year Facebook discovered a Russian campaign on its platform, which was further analyzed by the Atlantic Council and dubbed “Secondary Infektion.” Suspect accounts on Reddit were recently reported to us, along with indicators from law enforcement, and we were able to confirm that they did indeed show a pattern of coordination. We were then able to use these accounts to identify additional suspect accounts that were part of the campaign on Reddit. This group provides us with important attribution for the recent posting of the leaked UK documents, as well as insights into how adversaries are adapting their tactics.

Reddit says that an account, called gregoratior, originally posted the leaked trade talks document. Later a second account, ostermaxnn, reposted it. The platform also found a “pocket of accounts” that worked together to manipulate votes on the original post in an attempt to amplify it. Though fairly fruitlessly, as it turned out; the leak gained little attention on Reddit, per the company.

As a result of the investigation Reddit says it has banned 1 subreddit and 61 accounts — under policies against vote manipulation and misuse of its platform.

The story doesn’t end there, though, because whoever was behind the trade talk leak appears to have resorted to additional tactics to draw attention to it — including emailing campaign groups and political activists directly.

This activity did bear fruit this month when the opposition Labour party got hold of the leak and made it into a major campaign issue, claiming the 451-page document shows the Conservative party, led by Boris Johnson, is plotting to sell off the country’s free-at-the-point-of-use National Health Service (NHS) to US private health insurance firms and drug companies.

Labour party leader, Jeremy Corbyn, showed a heavily redacted version of the document during a TV leaders debate earlier this month, later calling a press conference to reveal a fully un-redacted version of the data — arguing the document proves the NHS is in grave danger if the Conservatives are re-elected.

Johnson has denied Labour’s accusation that the NHS will be carved up as the price of a Trump trade deal. But the leaked document itself is genuine.

It details preliminary meetings between UK and US trade negotiators, which took place between July 2017 and July 2019, in which discussion of the NHS does take place, in addition to other issues such as food standards.

Although the document does not confirm what position the UK might seek to adopt in any future trade talks with the US.

The source of the heavily redacted version of the document appears to be a Freedom of Information (FOI) request by campaigning organisation, Global Justice Now — which told Vice it made an FOI request to the UK’s Department for International Trade around 18 months ago.

The group said it was subsequently emailed a fully unredacted version of the document by an unknown source which also appears to have sent the data directly to the Labour party. So while the influence operation looks to have originated on Reddit, the agents behind it seem to have resorted to more direct means of data dissemination in order for the leak to gain the required attention to become an election-influencing issue.

Experts in online influence operations had already suggested similarities between the trade talks leak and an earlier Russian operation, dubbed Secondary Infektion, which involved the leak of fake documents on multiple online platforms. Facebook identified and took down that operation in May.

In a report analysing the most recent leak, social network mapping and analysis firm Graphika says the key question is how the trade document came to be disseminated online a few weeks before the election.

“The mysterious [Reddit] user seemingly originated the leak of a diplomatic document by posting it around online, just six weeks before the UK elections. This raises the question of how the user got hold of the document in the first place,” it writes. “This is the single most pressing question that arises from this report.”

Graphika’s analysis concludes that the manner of leaking and amplifying the trade talks data “closely resembles” the known Russian information operation, Secondary Infektion.

“The similarities to Secondary Infektion are not enough to provide conclusive attribution but are too close to be simply a coincidence. They could indicate a return of the actors behind Secondary Infektion or a sophisticated attempt by unknown actors to mimic it,” it adds.

Internet-enabled Russian influence operations that feature hacking and strategically timed data dumps of confidential/sensitive information, as well as the seeding and amplification of political disinformation which is intended to polarize, confuse and/or disengage voters, have become a regular feature of Western elections in recent years.

The most high profile example of Russian election interference remains the 2016 hack of documents and emails from Hillary Clinton’s presidential campaign and Democratic National Committee — which went on to be confirmed by US investigators as an operation by Russia’s GRU intelligence agency.

In 2017 emails were also leaked from French president Emmanuel Macron’s campaign shortly before his election — although with apparently minimal impact in that case. (Attribution is also less clear-cut.)

Russian activity targeting UK elections and referendums remains a matter of intense interest and investigation — and had been raised publicly as a concern by former prime minister, Theresa May, in 2017.

Although her government failed to act on recommendations to strengthen UK election and data laws to respond to the risks posed by Internet-enabled interference. She also did nothing to investigate questions over the extent of foreign interference in the 2016 brexit referendum.

May was finally unseated by the ongoing political turmoil around brexit this summer, when Johnson took over as prime minister. But he has also turned a wilfully blind eye to the risks around foreign election interference — while fully availing himself of data-fuelled digital campaign methods whose ethics have been questioned by multiple UK oversight bodies.

A report into Russian interference in UK politics which was compiled by the UK’s intelligence and security parliamentary committee — and had been due to be published ahead of the general election — was also personally blocked from publication by the prime minister.

Voters won’t now get to see that information until after the election. Or, well, barring another strategic leak…

Apple and Google Maps accommodate Russia’s annexation of Crimea

Global politics are difficult to navigate ordinarily, but in times of conflict companies that aim to provide an unbiased service, such as a map or search function, may have to come down on one side or another. Apple just came down at least partly on the side of Russia in its controversial annexation of Crimea from Ukraine, and Google has accommodated Russian interests as well.

The large peninsula on the north side of the Black Sea was brought under Russian control in 2014 during political unrest there concerning Crimea’s status within Ukraine. World leaders decried the move, saying that Russia had deliberately helped instigate the crisis there in order to take advantage of it, and violated Ukraine’s sovereignty with its military presence.

While the controversy surrounding these events are ongoing (indeed, the events themselves are too, in a way), companies like Apple and Google don’t have the luxury of waiting for history’s judgment to do things like update their maps.

Both, for instance, have in the past labeled locations in Crimea as being part of Ukraine. But Russia has made official complaints to the companies and warned them that it is considered a criminal act to refer to Crimea as other than a Russian territory. Now both companies have made concessions to Russian demands.

Apple in its Maps and Weather app now shows locations in Crimea as being part of Russia, when being viewed from that country. Russian authorities today said that “Apple fulfilled its obligations and brought the applications on its devices in compliance with the requirements of the Russian legislation.”

If you’re viewing from the U.S., both Apple and Google appear to take something of a neutral stance, if any stance can be said to be neutral. The Crimean peninsula appears as neither Russian nor Ukrainian on both Apple and Google Maps, with some rather strange gymnastics to accomplish it.

For example, in Google Maps there is a prominent border on the north side dividing Crimea from Kherson Oblast (a Ukrainian province), much heavier than lines between other provinces. Clicking Kherson Oblast on the border brings up a description and outline, while clicking Crimea seems to do nothing at all. On cities and random locations located in Crimea, there is no country at all in the space where it is normally displayed:

On both Apple and Google Maps, there is no border at all between Crimea and Russia where it would normally appear, across Taman Bay. Yet on one side of the bay locations are prominently labeled as Russian, while on the other they are devoid of a country affiliation.

I’ve asked Google and Apple for comment on when and how they decided to implement their current maps and will update this post if I hear back. It’s very likely that both will justify these decisions with the fact that they must adhere to local laws. But what happens when two sets of local laws diverge in the same location?

Update: A Google spokesperson says: “We make every effort to objectively depict the disputed regions, and where we have local versions of Google Maps, we follow local legislation when displaying names and borders.”

My point here is not to take sides for or against any of these representations, but to show that companies like Apple and Google are in a tight spot when it comes to these situations, and their information is far from complete or authoritative. In this case we see that they have different results for different places, concessions for some governments in spite of international concern, and the reduction of some services to a non-functional state (comparatively) in order to avoid controversy.

Just something to keep in mind whenever you look up information on services provided by global companies — they’re not objective sources, though of course arguably nothing is.

Jeanette Manfra, senior DHS cybersecurity official, to leave government

Jeanette Manfra, one of the most senior and experienced U.S. cybersecurity officials, is leaving government after more than a decade in the public sector.

Manfra, who served as assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency (CISA), will join the private sector in the New Year. CISA is Homeland Security’s dedicated civilian cybersecurity unit set up a year ago to respond to help protect against threats to U.S. critical infrastructure and foreign threats.

In an exclusive interview with TechCrunch, Manfra said it was a “really hard time to leave,” but the move will give her successor time to transition into the role ahead of the upcoming 2020 presidential election.

She did not say what her new job will be, only that she will take time off to be with her family in the meantime. She will leave her post at the end of the year.

Cyberscoop first reported her pending departure, citing sources.

Manfra’s departure from government will be seen as largely unexpected. At Homeland Security, she has served three presidents and worked on numerous projects to improve relations with the private sector, which are considered crucial partners in defending U.S. cyberspace. She also saw the agency double down on election security, threats to the supply chain, and efforts to protect U.S. critical infrastructure like the power grid and water networks from nefarious attempts by nation states.

At TechCrunch Disrupt SF this year, Manfra also talked candidly about the ongoing threats to U.S. cybersecurity, including a skills shortage and the risks posed by another global “WannaCry-style” cyberattack, which in 2017 saw thousands of computers infected by file-locking malware, causing billions of dollars worth of damage.

Manfra joined Homeland Security in 2007 under then-president George W. Bush, half a decade after the department was founded in the wake of the September 11 terrorist attacks. Manfra described the early years as a time when there weren’t “a lot of people talking about cybersecurity.”

“It definitely was not really on the national stage at the time. It was, you know, there was still a lot of debate as to whether ‘cybersecurity’ was one word or two words,” she said.

But in the years past and as internet access and tech companies continued to grow, she said the U.S. saw several “wake up” calls that brought cybersecurity into the public mainstream. The hack of Sony Pictures in 2016 and the WannaCry global ransomware attack in 2017 were two, and both were blamed on North Korea. Another, she said, was the 2015 data breach of the U.S. Office of Personnel Management (OPM), which saw suspected Chinese hackers steal more than 21 million sensitive background check files of government employees who had sought security clearance.

The department’s cybersecurity presence started out as a “very small, frankly relatively unknown group of people,” she said. A decade later it had become a major force in managing crises like the OPM attack, a breach that she said helped to push government to better prioritize cybersecurity.

“[The OPM breach] forced us to make some changes across the government that’ve been good,” she said.

In the aftermath, the government took steps to bolster its own systems and networks to lower its attack surface by removing Kaspersky from its networks citing fears about Russian intelligence, and taking the lead rolling out HTTPS website encryption and email security protections across the federal domains — an effort still to this day largely neglected by some of the world’s wealthiest companies.

Election security, she said, was another major wake-up call for the government. Russia waged a widescale disinformation — or “fake news” — campaign during the 2016 election to sow discord and exploit divisions in communities across the U.S. But there were also fears that hackers could break in and modify the tallies in voting machines, a concern that never came to fruition but one that security experts say remains a threat. Lawmakers have been pushing for the removal of paperless and electronic-only voting machines to reduce the risk of hackers manipulate the votes in favor of a particular candidate.

“In 2016, it was our best judgment that the Russians were looking to undermine confidence,” Manfra told TechCrunch. “The public confidence is important, and we need to be thinking within the government about the adversaries’ ability and willingness to use those against us,” she said.

Manfra said the department knew it had to work closer with state and local election boards to figure out their needs following the 2016 election. “We had a lot of honest conversations with [election boards] about what they need, what do we do, and how can we help,” she said. “It’s the fastest I’ve ever seen a sector come together.”

Those partnerships with local elections have given Homeland Security unprecedented visibility into the nation’s election infrastructure, she said, going from “some coverage” in 2016 to near-absolute insight across the country.

“If we ever did again get technical indicators that an adversary was trying to do something, we would be able to move more quickly and much more expansively across the country,” she said.

That effort paid off. Last year’s midterm election was remarkably quiet compared to 2016. Both the Justice Department and Homeland Security said there was “no evidence” to support foreign interference during the midterms.

It’s that running theme of public-private collaboration that Manfra looked back on with pride. “We don’t have all the answers and we can’t do it alone.” Those partnerships across the industry verticals — from elections to finance, energy and manufacturing — are “crucial to everything that we do,” she said.

“It’s really easy to say how important it is to have the government in the private sector working together,” she said. “But to do it well, it’s actually really hard.”

Manfra said the government had to be “willing to open itself” to build trust with its partners. “We now have some of the largest companies in the country that we built trusted relationships when they know that they can give us sensitive information — and we can take that and use it to protect other people, but we’re not going to abuse that trust,” she said.

Speaking of her time at Homeland Security, Manfra said she was most proud of her team. “A lot of them have been with me since we started,” she said. “They could be working out in the private sector making a ton of money, but they’re dedicating their lives here,” she said.

But she said she was “forcing” herself to have no regrets during her time in government.

It’s not yet known who will replace Manfra or will take on her responsibilities. But her advice for her eventual successor: “Trust your team, trust your partners, and stay focused,” she said. “It’s such a broad mission. It’s easy to lose focus.”

Related stories:

Senate report says Russian election interference ‘invariably’ supported Trump, recommends national PSA

A bipartisan Senate investigation into Russian interference in the 2016 election released today definitively implicates the country in online operations designed specifically to get then-candidate Donald Trump elected. The tactics used were “overtly and almost invariably supportive” of his campaign even to the detriment of other Republicans. The report recommends major chances to how disinformation and election interference are handled in this country.

The bulk of the report, volume 2 of the Intelligence Committee’s investigation of Russian interference (the first arrived in July), focuses on the specifics of the country’s use of social media and other online channels to affect the election. (You can read the full report at the bottom of this post.)

“This campaign sought to polarize Americans on the basis of societal, ideological, and racial differences, provoked real world events, and was part of a foreign government’s covert support of Russia’s favored candidate in the U.S. presidential election,” the report reads at the outset. So much is already known, but the report goes into great detail on the exact means.

More importantly, it officially characterizes what had in many ways only been observed by other parties or alluded to: that “Russia’s favored candidate” was Trump from the beginning and that operations were undertaken specifically to get him and no one else elected.

Another point the report makes, which others had noted before, is that black Americans were of particular interest to the Russian agents.

“No single group of Americans was targeted by IRA information operatives more than African-Americans. By far, race and related issues were the preferred target of the information warfare campaign designed to divide the country in 2016,” the report states. Race issues are certainly always top of mind for many in this country, and clearly Russia perceived that as an opportunity.

While a perusal of our past articles on the topic will give an idea of the interference itself, what is new here is a set of recommendations on how to prevent the 2016 calamity from occurring again next year. Here are the major ones:

“Examine legislative approaches to ensuring Americans know the sources of online political advertisements.”

Political ads in most media are required by law to disclose who paid for them. The same is not true online, and while companies like Facebook are taking steps toward transparency, it seems odd that a private company last seen being unwitting accomplice to foreign election interference should be the vanguard of that change. Perhaps, the committee suggests, we should pass a law.

“Congress should continue to examine the full panoply of issues surrounding social media.”

This is a frustratingly vague recommendation, and its wording suggests Congress is already examining this “panoply.” But it is not specific because there is so much to say. “Privacy rules, identity validation, transparency in how data is collected and used, and monitoring for inauthentic or malign content” are among the several things that deserve continued attention. Between the lines is to be read that Congress is not going to let go of these issues any time soon if the Intel Committee has anything to do with it.

“Reinforce with the public the danger of attempted foreign interference in the 2020 election.”

This recommendation to the Executive seems unlikely to find much purchase, since this administration has been careful to play down the role of Russian and other interference in the election that put them in power. It is hard to imagine any administration doing otherwise, to be honest. But this recommendation may very well filter down to the innumerable agencies and offices that perform all kinds of work under the umbrella of the Executive, and there is only so much that the White House can suppress. If there is, as we all understand there to be, a major risk of foreign interference in the 2020 election, the Executive should acknowledge that publicly or find itself accused of complicity.

“Building media literacy from an early age would help build long-term resilience to foreign manipulation of our democracy.”

It is worth quoting this in full:

…Disinformation in the long-term will ultimately need to be tackled by an informed and discerning population of citizens who are both alert to the threat and armed with the critical thinking skills necessary to protect against malicious influence. A public initiative-propelled by federal funding but led in large part by state and local education institutions-focused on building media literacy from an early age would help build long-term resilience to foreign manipulation of our democracy.

It’s hardly realistic to expect an education campaign to have any effect next year, which is why this is a “long-term” approach to taking on disinformation. But how can federal education guidelines or campaigns be taken seriously when the government is itself deeply invested in counterfactual narratives regarding things like climate change? Media literacy is important, but the feds need to learn their own lessons before they can teach them.

“Stand up an interagency task force to continually monitor and assess foreign country’s use of social media platforms for democratic interference.”

Another recommendation to the Executive, this one is half practical and half CYA. A task force is the lip service of the federal government, but even so they have a habit of documenting things that others would rather were swept under the rug. No one would take the proposed “deterrence frameworks” seriously, but they make great ammo for political battles after the fact. If the task force warned of X six months before X caused Y, the politicians who appear to have taken X seriously at the time score valuable politics points.

“Develop a clear plan for notifying candidates, parties, or others associated with elections when those individuals or groups have been the victim of a foreign country’s use of social media platforms to interfere in an election.”

This kind of thing — the knowledge that there’s a hacking collective in Brazil trying to take down Pete Buttigieg or something — should be shared in a structured fashion. This is as much to benefit the target as it is to punish those who would withhold that information.

Furthermore, as Senator Ron Wyden (D-OR) adds in notes at the end of the report, it is not enough to simply say that there were attempts at subversion — the intelligence community must share their “assessment of the goals and intent” of those attempts.

In other words, if we knew what we knew now in 2016, it would be required that the government in some way disclose not only that Hilary Clinton’s campaign was being targeted, but that it was being targeted with the specific goal of getting Donald Trump elected.

Wyden also had some choice words for the social media and tech community.

Until Facebook, Google, and Twitter have developed effective defenses to ensure that their micro-targeting systems cannot be exploited by foreign governments to influence American elections, these companies must put the integrity of American democracy over their profits.

Congress should pass legislation that addresses this concern in three respects. First, the Federal Trade Commission must be given the power to set baseline data security and privacy rules for companies that store or share Americans’ data, as well as the authority and resources to fine companies that violate.those rules, Second; companies should be obligated to disclose how consumer information is collected and shared and provide consumers the names of every individual or institution with whom their data has been shared. Third, consumers must be given the ability to easily opt out of commercial data sharing.

You can read the full report below.

Senate Intel report on Russian election interference (volume 2) by TechCrunch on Scribd

Apple’s new ‘For All Mankind’ trailer focuses on the people dealing with a Soviet space race win

Apple’s new premium subscription TV service is launching on November 1, and there’s a new trailer for one of its original shows, the Ronald D. Moore project “For All Mankind.”

The series is a fictional period piece set in the late ’60s/early ’70s that follows an alternate timeline in which Soviet Russia, not the U.S., is the first to land a man on the Moon. It seems like there will be a lot of fallout as a result of the U.S. losing this key battle in the space race, but the biggest divergence from our actual history might be that the Americans seem to go all-in on an astronaut qualification and training program for women much earlier than they did in real life.

Watching this, which is more focused on the various cast members than previous trailers for this show (which set up the premise), I get strong “The Calculating Stars” and the entire “Lady Astronaut” novel series vibes, which are great books by Mary Robinette Kowal if you’re looking for alternative history with a space bent right now (and don’t want to wait for Apple’s $5 per month service to launch).

That said, I’m definitely still very interested in checking this out when it is available, and it doesn’t hurt that it’s from the same creator who brought us the early 2000s’ “Battlestar Galactica” reboot and “Outlander,” my favorite time-traveling British history romp.

Watch a Roscosmos rocket launch the next crew of the International Space Station live

NASA astronaut Jessica Meir, Rocscosmos cosmonaut Oleg Skripochka and first-time UAE spaceflight traveler Hazza Ali Almansoori are all set to launch aboard a Roscosmos rocket in a Soyuz capsule, as part of the Expedition 61 crew launch to the International Space Station.

The crew is set to take off from Kazakhstan at 9:57 AM EDT, and the spacecraft will dock with the ISS at around 3 PM EDT, roughly six hours after take-off. This is Skripochka’s third trip to space, but it’s the first for both Meir and Almansoori, with Almansoori on an eight-day mission contracted by the UAE with Russia’s space agency.

Once they arrive on the station, there will be 9 total occupants on board. Both Meir and Skripochka will be spending over six months on the ISS, condign research and experiments.