Cyber Week in Review: December 20, 2024

There Cyber Week in Review will be on hiatus until early 2025. Happy Holidays! 

U.S. Supreme Court to consider TikTok “ban” 

The U.S. Supreme Court announced on Wednesday that it will hear arguments regarding the constitutionality of a potential forced divestiture of TikTok on January 10, seven days before the federal law in question would require Chinese parent company ByteDance to either divest ownership of TikTok or cease to operate it in the United States. When they passed the law in April, lawmakers across both aisles expressed concerns about the app’s effects on national security, especially around the possibility that the Chinese government could use TikTok to manipulate U.S. public opinion. The app has also been criticized as a potential source of data for the Chinese government, especially given the enormous amount of data collected by such platforms. While TikTok challenged the law in court almost immediately after it was passed, the . Court of Appeals for the District of Columbia Circuit upheld it unanimously earlier this month. Meanwhile, legal experts have decried the law as a violation of Americans’ first amendment rights, noting the absence of any evidence that has been provided to the public justifying the national security concerns Regardless of the Supreme Court’s findings, it is not clear if the incoming Trump administration will pursue the ban with the same zeal as the Biden administration; Trump met with TikTok CEO Shou Zi Chew in Mar-a-Lago earlier this week, and said the app has “a warm spot” in his heart. Notably, Trump’s position on TIkTok has shifted dramatically over the years; in August, 2020, he issued an Executive Order mandating the forced sale of TikTok within forty five days.  

House of Representatives Bipartisan AI Task Force releases report 

The U.S. House of Representatives bipartisan artificial intelligence task force released its final report on how Congress can engage on AI earlier this week. The report provides a road map for how policymakers could engage with and potentially regulate the technology, but it provides few specific details and does not endorse any legislation. The leader of the task force, Representative Jay Obernolte (R-CA) said that the report was “the beginning of the conversation” around how the government will engage on AI. While the report stops short of endorsing specific legislation, it does signal a turn away from general AI regulation—the approach taken by the EU in its AI Act—and toward a sector-specific approach to regulation. The report addresses several key issues in AI governance, including the need for expanded and improved data privacy legislation, the use of AI in key national security contexts, and the potential for AI to affect civil rights and civil liberties. House leaders had launched the task force in March, and its leaders, both Democrat and Republican, had pushed back on the idea of a European-style AI bill from the beginning, with co-chair Ted Liu (D-CA) calling for a “variety of different bills that try to tackle different aspects of AI.” The report, which weighs in at 253 pages, comes on the heels of an earlier effort by Senate Majority Leader Chuck Schumer (D-NY) to produce a roadmap for AI research and development earlier this year. The roadmap called for nearly $32 billion in research funding, and also adopted a similar sectoral approach as the House task force. The task force may be able to carry forward some findings with the new administration; David Sacks, Trump’s incoming AI and crypto czar, has signaled that he is open to working with the bipartisan group on major legislation. 

Namibia’s state telecommunications company hit by major ransomware attack 

Telecom Namibia, the state-run telecommunications company that serves most of the country, said that a group of hackers, known as Hunters International, released a batch of files from Telecom Namibia after a ransomware attack. The files include a huge variety of sensitive data, such as personal and financial data on Telecom Namibia customers, including several prominent Namibian government officials. The hack, and subsequent release of the files, drew a strong response from the Namibian government, with President Nangolo Mbumba stating that the government would deal with the hack with “the urgency it deserves.” The government also warned citizens not to share any of the leaked data on social media, saying that it would run afoul of the Namibian data privacy law. However, despite the threat, the Namibian data privacy law does not appear to have ever been enforced, or used to fine criminals. 

Arm and Qualcomm face off in chip licensing dispute 

Chipmaker Arm Holdings’ lawsuit against Qualcomm went to trial this week in the Delaware federal court, the U.S. judicial hub for patent licensing and litigation. Though Qualcomm and Arm are longtime partners, the two are embroiled in a legal fight involving Qualcomm’s 2021 acquisition of chip startup Nuvia. Nuvia had originally designed high-performance Arm chips for servers, however, after its acquisition by Qualcomm in 2021, it dropped its contracts with Arm and began designing Qualcomm’s Snapdragon X Elite chips. Arm has argued that Qualcomm’s acquisition of Nuvia represents a breach of Nuvia’s contract with Arm, and the company alleges that the acquisition cost Arm nearly $50 million in revenue per year. Arm has suggested an unusual remedy for the case, should it prevail; in its filings, Arm is demanding that Qualcomm destroy Snapdragon chip designs and cease selling the chips that resulted from the Nuvia acquisition. Any decision to destroy the designs could have major ramifications for the U.S. technology industry, with some companies remaining reliant on Nuvia-developed chips to run server farms and other large computing arrays.  

Office of Management and Budget releases AI use case inventory for U.S. government 

The U.S. Office of Management and Budget (OMB) released an inventory of more than 1700 AI use cases across 37 different federal agencies earlier this week. The inventory, which OMB has released annually since 2020, covers a wide range of activities and demonstrates the increasing adoption of AI among federal agencies, with use cases surging from 710 to 1757 this year. However, the inventory does not include the use of AI in so-called “national security systems,” which are governed by a separate process articulated by the National Security Memorandum on AI issued earlier this year. Individual agencies have also been releasing AI use inventories as part of the process, with the Department of Homeland Security releasing a list of its own uses of AI in unclassified, non-sensitive settings. Several agencies did not participate in the inventory process, including the Department of Transportation, Department of Education, Small Business Administration (SBA), and Department of Justice, although the SBA said it would release an inventory by the end of December. The OMB also adjusted the inventory process this year to require agencies to disclose use cases of AI that were rights- or safety-impacting, and to terminate those use cases or apply for a relevant extension under OMB memo M-24-10.