Today is Thursday. Welcome to Hillicon Valley, detailing all you need to know about tech and cyber news from Capitol Hill to Silicon Valley. Subscribe here: thehill.com/newsletter-signup.
Leading social media companies were subpoenaed by the House panel investigating last year's attack at the Capitol for information about the spread of misinformation and extremism on the platforms ahead of the riot.
Meanwhile, a group of bipartisan lawmakers introduced a bill that aims to simplify terms of service agreements, and executives from top tech firms met at the White House to discuss software security.
Let's jump into the news.
Panel subpoenas social media companies
The House committee investigating the Jan. 6, 2021 attack on the Capitol subpoenaed some of the country's largest social media and tech companies Thursday, arguing they had not been forthcoming following an August request for information.
Turn it over: The four subpoenas were sent to Facebook, Twitter, Reddit and Alphabet, the parent company of both Google and YouTube.
"Two key questions for the Select Committee are how the spread of misinformation and violent extremism contributed to the violent attack on our democracy, and what steps-if any-social media companies took to prevent their platforms from being breeding grounds for radicalizing people to violence," Committee Chair Bennie Thompson (D-Miss.) said in a statement.
"It's disappointing that after months of engagement, we still do not have the documents and information necessary to answer those basic questions."
In one of its first formal actions, the committee in late August sent a request to 15 websites and tech companies asking them to preserve records tied to the Jan. 6 riot.
The panel requested internal and external reviews of 2020 election misinformation or violent extremism, all content given to law enforcement related to those subjects and all relevant internal communications.
A MESSAGE FROM HUAWEI
The TLDR on the 'TDLR Act'
A group of bipartisan lawmakers introduced legislation in both chambers Thursday aimed at simplifying websites' terms of service agreements.
The Terms-of-service Labeling, Design and Readability (TLDR) Act would require websites to include a "summary statement" that explains their terms in easy-to-digest language and discloses what, if any, sensitive personal data they collect.
"For far too long, blanket terms of service agreements have forced consumers to either 'agree' to all of a company's conditions or lose access to a website or app entirely," Rep. Lori Trahan (D-Mass.), the sponsor of the House version of the bill, said in a statement.
"To further slant the decision in their favor, many companies design unnecessarily long and complicated contracts, knowing that users don't have the bandwidth to read lengthy legal documents when they're simply trying to message a loved one or make a quick purchase," she added.
The Senate version of the TLDR Act was introduced by Sens. Bill Cassidy (R-La.) and Ben Ray Luján (D-N.M.).
"Users should not have to comb through pages of legal jargon in a website's terms of services to know how their data will be used," Cassidy said. "Requiring companies to provide an easy-to-understand summary of their terms should be mandatory and is long overdue."
TECH EXECS TALK SOFTWARE SECURITY
Executives from Apple, Amazon and other top tech firms met at the White House Thursday to discuss software security with the administration after major cyber attacks hit last year.
At the meeting, executives and government officials will discuss concerns around the security of open-source software and how it can be improved, according to a senior administration official.
Other companies joining include IBM, Microsoft, Meta, and Oracle Corp.
The meeting comes a month after White House National Security Advisor Jake Sullivan invited executives from the companies to talk after the Log4j security vulnerability was discovered, according to the administration official.
A MESSAGE FROM HUAWEI
IRANIAN INTELLIGENCE TIED TO HACKING GROUP
U.S. Cyber Command on Wednesday said a hacking group known as MuddyWater is part of an Iranian intelligence agency responsible for widespread online attacks across the world.
Authorities officially labeled MuddyWater an "Iranian threat group" and identified it as part of the Iranian Ministry of Intelligence and Security, according to a press release.
The group has allegedly targeted Middle Eastern as well as European and North American nations, hacking into networks to ultimately assist the ministry's mission of surveilling opponents.
From 2013 to 2017, Iranian hackers stole $3.4 billion worth of intellectual property from 170 universities, targeted U.S. officials and journalists as well as banks in the United Kingdom and spread misinformation about its adversaries, according to the Center for Strategic and International Studies.
BITS AND PIECES
An op-ed to chew on: The ransomware unicorn
Lighter click: a cute start to the year
Notable links from around the web:
Surveillance will follow us into 'the metaverse,' and our bodies could be its new data source (The Washington Post / Tatum Hunter)
The true cost of Amazon's low prices (Recode / Sara Morrison)
Ailing Amazon workers struggle to find Covid tests themselves (NBC News / Louise Matsakis)
One last thing: Coming to a small screen near you
The film, called "Navalny," was directed by Daniel Roher and the deal for the movie was negotiated by Stacey Wolf, senior vice president of business affairs for CNN Worldwide.
The documentary will detail the alleged assassination attempt on Navalny back in the fall of 2020, when he was poisoned and had to be flown to Germany for treatment.
The film will cover the alleged connection the Kremlin had in the attack and the imprisonment of the opposition leader when he returned to Russia at the beginning of 2021.