Senate Committee on Commerce, Science & Transportation

Subscribe to Senate Committee on Commerce, Science & Transportation feed
A collection of the latest records posted to U.S. Senate Committee On Commerce, Science, & Transportation.
Updated: 2 hours 14 min ago

Implementation of Positive Train Control

Wed, 02/28/2018 - 10:30am

U.S. Sen. John Thune (R-S.D.), chairman of the Senate Committee on Commerce, Science, and Transportation, will convene a hearing titled, “Implementation of Positive Train Control,” at 10:30 a.m. on Wednesday, February 28, 2018 (immediately following the conclusion of the 10:00 a.m. business meeting). The hearing will focus on the implementation of the safety technology known as positive train control (PTC), amid concerns that some passenger railroads could fall short of meeting legal safety obligations, as well as actions or steps that could be taken to ensure compliance with the statutory deadline of December 31, 2018. 

“Railroad passengers expect railroads to follow safety laws and implement the necessary technology to do so, including positive train control,” said Thune. “After troubling reports that some commuter railroads are falling behind on implementation, this hearing will examine what needs to get done and what railroads need to do to meet their obligations.”

Earlier in the year, Chairman Thune sent a letter to the Government Accountability Office (GAO) requesting an evaluation of PTC implementation among passenger railroads. The GAO will testify about the results of its study at the hearing. Chairman Thune also asked the Department of Transportation’s Office of Inspector General (DOT OIG) to track Federal government funding and financing support for PTC, and spending among recipient railroads, and the DOT OIG will also testify about its findings. The hearing will also include testimony from Amtrak and the nation’s largest commuter rail agency, Metropolitan Transportation Authority. 

Witnesses:

• Ms. Susan Fleming, Director of Physical Infrastructure, Government Accountability Office
• Mr. Barry J. DeWeese, Assistant Inspector General, Department of Transportation OIG
• Mr. David L. Mayer, Chief Safety Officer, Metropolitan Transportation Authority
• Mr. Richard Anderson, President and Chief Executive Officer, Amtrak

Hearing Details:

Wednesday, February 28, 2018

10:30 a.m. (immediately after the conclusion of the 10 a.m. business meeting)

This hearing will take place in Dirksen Senate Office Building, Room 106. Witness testimony, opening statements, and a live video of the hearing will be available on www.commerce.senate.gov.

Executive Session

Wed, 02/28/2018 - 10:00am

The U.S. Senate Committee on Commerce, Science, and Transportation will hold an executive session on Wednesday, February 28, at 10:00 a.m. to consider the following legislative measure and nominations.

Click here for additional information on nominees.

Agenda:

1.    S. 1520, Modernizing Recreational Fisheries Management Act of 2017, Sponsors: Sens. Roger Wicker (R-Miss.), Roy Blunt (R-Mo.), Deb Fisher (R-Neb.), Jim Inhofe (R-Okla.), Amy Klobuchar (D-Minn.), Bill Nelson (D-Fla.), Brian Schatz (D-Hawaii), Todd Young (R-Ind.)

2.    Nomination of Joseph Simons, of Virginia, to be a Federal Trade Commissioner, Chairman Designate

3.    Nomination of Noah Joshua Phillips, of Maryland, to be a Federal Trade Commissioner

4.    Nomination of Christine Wilson, of Virginia, to be a Federal Trade Commissioner

5.    Nomination of Rohit Chopra, of New York, to be a Federal Trade Commissioner

*Agenda subject to change

Executive Session Details:

Wednesday, February 28, 2018
10:00 a.m.
Full Committee Markup
Senate Dirksen Building, Room 106
 
A live video of the markup and additional information will be available at www.commerce.senate.gov 

Committee Announces Hearing to Examine Positive Train Control

Thu, 02/22/2018 - 12:00pm

WASHINGTON – U.S. Sen. John Thune (R-S.D.), chairman of the Senate Committee on Commerce, Science, and Transportation, will convene a hearing titled, “Implementation of Positive Train Control,” at 10:30 a.m. on Wednesday, February 28, 2018 (immediately following the conclusion of the 10:00 a.m. business meeting). The hearing will focus on the implementation of the safety technology known as positive train control (PTC), amid concerns that some passenger railroads could fall short of meeting legal safety obligations, as well as actions or steps that could be taken to ensure compliance with the statutory deadline of December 31, 2018.

“Railroad passengers expect railroads to follow safety laws and implement the necessary technology to do so, including positive train control,” said Thune. “After troubling reports that some commuter railroads are falling behind on implementation, this hearing will examine what needs to get done and what railroads need to do to meet their obligations.”

Earlier in the year, Chairman Thune sent a letter to the Government Accountability Office (GAO) requesting an evaluation of PTC implementation among passenger railroads. The GAO will testify about the results ofits study at the hearing. Chairman Thune also asked the Department of Transportation’s Office of Inspector General (DOT OIG) to track Federal government funding and financing support for PTC, and spending among recipient railroads, and the DOT OIG will also testify about its findings. The hearing will also include testimony from Amtrak and the nation’s largest commuter rail agency, Metropolitan Transportation Authority.

Witnesses:

  • Ms. Susan Fleming, Director of Physical Infrastructure, Government Accountability Office
  • Mr. Barry J. DeWeese, Assistant Inspector General, Department of Transportation OIG
  • Mr. David L. Mayer, Chief Safety Officer, Metropolitan Transportation Authority
  • Mr. Richard Anderson, President and Chief Executive Officer, Amtrak

Hearing Details:

Wednesday, February 28, 2018

10:30 a.m. (immediately after the conclusion of the 10 a.m. business meeting)

This hearing will take place in Dirksen Senate Office Building, Room 106. Witness testimony, opening statements, and a live video of the hearing will be available on www.commerce.senate.gov.

Commerce Announces Markup on February 28

Wed, 02/21/2018 - 12:00pm

WASHINGTON – The U.S. Senate Committee on Commerce, Science, and Transportation will hold an executive session on Wednesday, February 28 at 10:00 a.m. to consider the following legislative measure and nominations.

Click here for additional information on nominees.

Agenda:

1.    S. 1520, Modernizing Recreational Fisheries Management Act of 2017, Sponsors: Sens. Roger Wicker (R-Miss.), Roy Blunt (R-Mo.), Deb Fisher (R-Neb.), Jim Inhofe (R-Okla.), Amy Klobuchar (D-Minn.), Bill Nelson (D-Fla.), Brian Schatz (D-Hawaii), Todd Young (R-Ind.)

2.    Nomination of Joseph Simons, of Virginia, to be a Federal Trade Commissioner, Chairman Designate

3.    Nomination of Noah Joshua Phillips, of Maryland, to be a Federal Trade Commissioner

4.    Nomination of Christine Wilson, of Virginia, to be a Federal Trade Commissioner

5.    Nomination of Rohit Chopra, of New York, to be a Federal Trade Commissioner

*Agenda subject to change

Executive Session Details:

Wednesday, October 4, 2017
10:00 a.m.
Full Committee Markup
Senate Hart Building 216
 
A live video of the markup and additional information will be available at www.commerce.senate.gov

Nomination Hearing

Wed, 02/14/2018 - 10:00am

U.S. Sen. John Thune (R-S.D.), chairman of the Senate Committee on Commerce, Science, and Transportation, will convene a hearing at 10:30 a.m. on Wednesday, February 14, 2018, for the president’s nominees to serve as Federal Trade Commissioners.

The nominees’ questionnaires are available at www.commerce.senate.gov/nominations

Witnesses:

  • Mr. Joseph Simons, of Virginia, to be a Federal Trade Commissioner, Chairman Designate
  • Mr. Rohit Chopra, of New York, to be a Federal Trade Commissioner
  • Mr. Noah Joshua Phillips, of Maryland, to be a Federal Trade Commissioner 
  • Ms. Christine S. Wilson, of Virginia, to be a Federal Trade Commissioner

Hearing Details:

Wednesday, February 14, 2018
10:00 a.m.
Full Committee 

This hearing will take place in Russell Senate Office Building, Room 253. Witness testimony, opening statements, and a live video of the hearing will be available on www.commerce.senate.gov.

Ranking Member Bill Nelson Opening Statement

Wed, 02/14/2018 - 9:47am

Thank you, Mr. Chairman.  I want to thank the nominees for appearing before us today. 

While the Federal Trade Commission is a small agency, it’s one with a big responsibility – protecting American consumers.   Whether it involves small-time robocallers, multi-million-dollar payday lenders or giant Silicon Valley tech companies, the FTC acts as a cop on the beat that polices a whole host of unscrupulous practices that put Americans’ pocketbooks at risk.   

And it’s not just financial harm – public health can also be at stake.  In the past, the FTC has cracked down on cigarette advertisements aimed at kids and on phony sports equipment claiming to prevent concussions. 

Just recently, the FTC and the FDA sent warning letters to 11 companies who were touting “opioid cessation products.”  Given the depth of the opioid crisis in our nation, it’s unconscionable that anyone would prey on vulnerable families in desperate need of help.   

While the recent action by the FTC is a positive step, it also raises serious questions about why the agency waited so long to address the opioid crisis.  Where was the FTC all these years when drug manufacturers were making deceptive marketing claims about the risks associated with OxyContin and other opioids? 

Given this reality, it is absolutely essential that the agency fulfills its mission to protect American consumers in a no-nonsense, nonpartisan and independent manner.  Unlike other independent agencies, it has a long tradition of acting on a consensus basis.

The FTC’s mission is too important for individual commissioners to let politics or special interests impede the agency’s law enforcement work.  If confirmed, I expect all of you to continue the tradition of past commissioners and work in a constructive, bipartisan and independent manner.

And finally, let me say a word about net neutrality.  Simply put, the Federal Trade Commission is not the agency for net neutrality.  Despite the amazing things the FTC does, it does not have the expertise, the resources or the authority to adopt forward looking rules to protect broadband consumers. 

That’s why I support the CRA to restore the FCC’s critical net neutrality protections. That CRA, though, is not inconsistent with my continuing belief that, in the long-term, only lasting bipartisan net neutrality legislation with real protections can bring the certainty necessary to fully protect consumers and preserve the FCC’s authority.

Thank you, Mr. Chairman.

<p>Today we welcome four nominees to

Wed, 02/14/2018 - 9:10am

Today we welcome four nominees to testify before the Committee as we consider their nominations to serve as commissioners at the Federal Trade Commission (FTC).  

Joseph Simons has been nominated to serve as a commissioner and FTC Chairman, and his credentials are impressive.  Mr. Simons served as the FTC’s chief antitrust enforcer, among other positions at the Commission. 

Most recently, he served as partner and co-chair of the Antitrust Group at the law firm of Paul, Weiss, Rifkind, Wharton, and Garrison.

Christine Wilson is an antitrust and consumer protection attorney, who most recently served as Vice President for Regulatory and International Affairs at Delta Airlines.  Among her other credentials, she too has worked at the Commission before serving as Chief of Staff to FTC Chairman Tim Muris during the George W. Bush Administration.

Noah Joshua Phillips is a familiar face to many of us, as he currently serves as Chief Counsel to Senator John Cornyn, where he advises on issues including antitrust, consumer privacy, and intellectual property.

Finally, Rohit Chopra.  While not an attorney steeped in competition law, Mr. Chopra does have extensive experience in government service and as a consumer advocate. 

He currently serves as a Senior Fellow at the Consumer Federation of America, and previously served in senior roles at both the Consumer Financial Protection Bureau and the U.S. Department of Education.

Thank you all for being here and welcome to your friends and families who are also joining us.

The FTC is not the largest or most well-known agency under this Committee’s jurisdiction, but it is arguably one of the most influential, given its mission to oversee competition and consumer protection across broad swaths of the American economy.

The FTC was founded in 1914 by the direction of Congress, and for more than a century, the Commission has evolved alongside changing market dynamics and consumer preferences. 

The agency was borne out of concern at the time that more needed to be done to ensure competitive markets in the United States and to “bust the trusts” that threatened that competition.  The Commission’s focus soon expanded to include a mandate to enforce against unfair and deceptive acts and practices that threaten consumers.

A common theme bridging the Commission’s dual focus on competition and consumer protection is ensuring freedom in the marketplace. 

Over its history, and on balance, the FTC has been a strong cop on the beat ensuring that Americans reap the benefits from a functioning economy – not one dominated by firms with unfairly-concentrated market power.  The FTC has also made it possible for Americans to be confident in their transactions, to spend freely, and grow the economy with the knowledge that they are largely protected from the fraudsters and cheats who would do them harm.

But the agency has not been without controversy.  In the late 1970s, for example, the agency drew criticism for its consideration of a regulation that would have imposed major restrictions on television advertisements aimed at young children in order to reduce the amount of sugar children eat.  This regulatory overreach led the Congress to advance heightened procedural safeguards on the Commission’s authority to promulgate rules and led one media outlet to criticize the Commission as the “great national nanny.”

The Commission’s assertiveness and the breadth of its jurisdiction have earned the FTC other nicknames as well.  More recently, the agency has been called “the Federal Technology Commission.”

That nickname is actually an appropriate one, given the Commission’s increased focus on the American tech sector and the growing influence of Silicon Valley on the American economy.  It is my expectation that the FTC will continue its vigilance on this beat.

Privacy and data security, for example, will remain major consumer protection concerns in the coming years, and issues each of these nominees will contend with, once confirmed. The FTC must continue to bring deception cases where it finds material misrepresentations.  And it must bring unfairness cases where it finds substantial harm.

Once again, I would like to thank you all for testifying today and for your willingness to fill these critical posts.

I will now turn to Ranking Member Nelson for any opening remarks.

Thune on Confirmation of Federal Railroad Administrator Ronald Batory, other DOT Nominations

Tue, 02/13/2018 - 12:00pm
U.S. Sen. John Thune (R-S.D.), chairman of the Senate Committee on Commerce, Science, and Transportation, issued the following statement on the confirmation of key Department of Transportation nominees:

ICYMI: Commerce Committee Members on White House Infrastructure Proposal

Tue, 02/13/2018 - 12:00pm

Yesterday, members of the Committee on Commerce, Science, and Transportation, which exercises jurisdiction over aviation, railroad, broadband, and other key infrastructure, expressed readiness to kick off consideration of infrastructure legislation following President Trump’s announcement of the administration’s plan:

     

Sen. John Thune (R-S.D.), full committee chairman: 

“Through this guidance and letting Congress have the opportunity to write bipartisan legislation, President Trump has offered us direction to meet infrastructure needs in our nation’s states, cities, and rural communities. Aligning federal infrastructure funding with local priorities and looking at other impediments to building would increase accountability and help us meet our most critical infrastructure needs faster.  I look forward to working with my ranking member, Sen. Nelson, and other colleagues on both sides of the aisle to discuss and incorporate their ideas and priorities into legislation.”

 

Sen. Bill Nelson (D-Fla.), full committee ranking member:

“Modernizing our transportation and communication networks is something we all agree the U.S. desperately needs in order to create more jobs and maintain our leadership in the global economy. We need to make real investments - not cuts - in Florida and communities around the country. That’s why I plan to work with Chairman Thune and my colleagues on the Senate Commerce Committee to try to come up with a bill that can garner broad support and include ideas from both parties.” 

 

Sen. Roy Blunt (R-Mo.), Aviation Subcommittee chairman:

“As a hub for our nation’s highways, railways, and waterways, improving the strength, safety, and reliability of our infrastructure is critical for maintaining our state’s competitive advantage. The president’s focus on expediting new projects, leveraging federal dollars to boost state, local, and private-sector investment, and modernizing rural infrastructure, including broadband expansion, provides a solid foundation for the committee to begin its work on a broad, bipartisan bill. I look forward to getting to work on a plan that will ensure we have the infrastructure network our economy needs to grow, create jobs, and drive innovation.”

 

Sen. Deb Fischer (R-Neb.), Surface Transportation Subcommittee chairman:

“Since my time in the Nebraska legislature, I have worked hard to make long-term infrastructure solutions a priority. With the plan released today, the administration has put to paper some of the ideas I’ve long talked about to move important projects forward. These include: empowering states as decision-makers in the process, reducing regulatory barriers, and streamlining the permitting process. I’m also pleased this plan makes investments in rural America that would strengthen the rural communities, which are the heart and soul of Nebraska. I look forward to working with the administration to implement these ideas that will connect families and communities, keep travelers safe, and grow our economy.”

 

Sen. Jerry Moran (R-Kan.), Consumer Protection Subcommittee chairman:

“For years, Washington has neglected to adequately address the unique issues affecting rural America, including the growing Digital Divide. I am pleased that the president’s infrastructure plan includes an aggressive strategy to equip Americans living in rural areas with high-quality roads and bridges, modernized communications networks and the ability to quickly create and build infrastructure important to each community. These kinds of investments will make a clear difference in the lives of Kansans across our state. I look forward to working with my colleagues on both sides of the aisle to send an infrastructure bill to the president’s desk that streamlines the permitting process, cuts cumbersome red tape and quickly deploys broadband infrastructure to rural America.”

    

Sen. Dan Sullivan (R-Alaska):

“Addressing our nation’s inadequate and deteriorating infrastructure is vital as we continue to reignite America’s economy. I’m pleased to see that as part of this infrastructure proposal, the Trump administration is focused and committed to an element that I believe is crucial for success – reforming our nation’s broken public-works and environmental permitting process. Without these long overdue changes to our regulatory framework – regardless of how much money is spent – we will continue to see years-long delays, exorbitant costs, and the loss of private investment." 

 

Sen. Dean Heller (R-Nev.):

“As a strong advocate of the federal government’s responsibility to advance critical infrastructure projects, like the extension of I-11 that I helped push through the Senate and into law, I welcome the release of the Trump Administration’s roadmap to repair our nation’s aging infrastructure. There’s no denying that in Nevada, and across the country, there is a great need to significantly improve our infrastructure, whether it’s highways and bridges, broadband facilities, waterways, or public buildings. As a champion for expanding rural Nevadans’ access to quality, high-speed Internet, I’m also encouraged by the President’s focus to accelerate and streamline the permitting process for broadband buildout and other environmental reviews, which have caused project delays for our own state’s transportation department.”

 

Sen. James Inhofe (R-Okla.):

“Today, President Trump announced a bold infrastructure proposal that will provide additional resources and reform existing programs and processes to transform how we address infrastructure investment. By unlocking the overbearing and duplicative permitting process and aggressively leveraging private and local investment with federal dollars, we can stimulate investment, streamline regulations and invest in rural America while providing jobs and economic opportunity across the country.” 

       

Sen. Shelley Moore Capito (R-W.Va.):

“I welcome President Trump’s commitment to improving America’s infrastructure—particularly when it comes to rural communities—and I appreciate his leadership in moving this process forward. The proposal released today is a great starting point that I’m confident will lead to a strong and comprehensive legislative proposal. It’s now time for Congress to continue our work to craft infrastructure legislation that will remove regulatory obstacles, strengthen surface transportation, improve our waterways, and help close the digital divide”

 

Sen. Todd Young (R-Ind.):

“Known as the ‘Crossroads of America,’ Indiana is a logistics, manufacturing, and transportation hub. Modernizing and investing in our infrastructure system is critical for us to remain competitive. The administration’s proposal strives to reward states that secure new non-federal infrastructure revenue, such as Indiana did in 2017, placing the Hoosier-state in the driver’s seat within the confines of this infrastructure proposal. By streamlining onerous permitting regulations, empowering states to invest in their own infrastructure priorities, and significantly investing in rural America, this proposal is welcome news for Indiana as we work to ensure our state is equipped for the jobs of today and tomorrow. I look forward to robustly studying this proposal with my colleagues on the Senate Commerce, Science, and Transportation Committee in the coming weeks.” 

 

In a joint release yesterday with Commerce Committee Ranking Member Bill Nelson (D-Fla.), Thune indicated the committee will convene for a hearing on infrastructure legislation in March.

Nelson Statement on Administration's NASA Budget Proposal

Mon, 02/12/2018 - 12:00pm

U.S. Sen. Bill Nelson (D-FL) issued the following statement in response to the Trump administration's release of its NASA budget proposal:

“The administration’s budget for NASA is a nonstarter,” said Nelson. “If we’re ever going to get to Mars with humans on board and return them safely, then we need a larger funding increase for NASA.  The proposal would also end support for the International Space Station in 2025 and make deep cuts to popular education and science programs.  Turning off the lights and walking away from our sole outpost in space at a time when we’re pushing the frontiers of exploration makes no sense.”

Thune and Nelson Statements on White House Infrastructure Proposal

Mon, 02/12/2018 - 12:00pm
U.S. Sens. John Thune (R-S.D.) and Bill Nelson (D-Fla.), the chairman and ranking member of the Committee on Commerce, Science, and Transportation, which exercises jurisdiction over aviation, railroad, broadband, and other key infrastructure, issued the following statements on the national infrastructure proposal unveiled by the White House today.

Committee Announces Hearing for FTC Nominees

Wed, 02/07/2018 - 12:00pm

WASHINGTON – U.S. Sen. John Thune (R-S.D.), chairman of the Senate Committee on Commerce, Science, and Transportation, will convene a hearing at 10:00 a.m. on Wednesday, February 14, 2018, for the president’s nominees to serve as Federal Trade Commissioners.

The nominees’ questionnaires are available at www.commerce.senate.gov/nominations

Witnesses:

  • Mr. Joseph Simons, of Virginia, to be a Federal Trade Commissioner, Chairman Designate
  • Mr. Rohit Chopra, of New York, to be a Federal Trade Commissioner
  • Mr. Noah Joshua Phillips, of Maryland, to be a Federal Trade Commissioner 
  • Ms. Christine S. Wilson, of Virginia, to be a Federal Trade Commissioner

Hearing Details:

Wednesday, February 14, 2018
10:00 a.m.
Full Committee 

This hearing will take place in Russell Senate Office Building, Room 253. Witness testimony, opening statements, and a live video of the hearing will be available on www.commerce.senate.gov.

Testimony

Tue, 02/06/2018 - 10:10am

Testimony

Tue, 02/06/2018 - 10:07am

Testimony

Tue, 02/06/2018 - 10:05am

Testimony

Tue, 02/06/2018 - 9:58am

Commerce Ranking Member Bill Nelson Opening Statement

Tue, 02/06/2018 - 2:59am

Today’s hearing is the latest edition in a long history of hearings that the Commerce Committee has held on high profile data breaches.  Uber now joins Equifax, Yahoo, Target, Sony, and the University of Maryland, among others, as a breached entity telling its story to this committee and to Congress.  And this story at this hearing only once again underscores the need for comprehensive and strong federal legislation that will provide adequate protections to consumers.  

In this regard, Senator Blumenthal and I have once again introduced such legislation, the Data Security and Breach Notification Act, which would require companies to secure their data and to promptly notify consumers when there is a breach. 

The bill would also impose criminal penalties on corporate officials that willfully disguise breaches from the public, and it would provide for robust enforcement by the Federal Trade Commission and state attorneys general working together to hold companies accountable.

As in previous Congresses, I will continue to work with Chairman Thune and other interested members of the committee to craft bipartisan and meaningful data security legislation.  

However, any such bill cannot simply cater to corporate interests.  A bipartisan bill must provide consumer protections that are better than what is in current law.  

Currently, the FTC is the key federal agency that is bringing enforcement actions against breached companies that collected and stored vast amounts of consumer data with lax security standards in place.  And a myriad of state laws currently provide American consumers with a limited degree of protection from data breaches.  

We should not adopt federal legislation that undercuts the FTC’s existing, long-standing and well-established authority; nor should we consider a bill that eviscerates all state legal protections and replaces them with weak federal standards.  

From my standpoint, I can only support a data security bill that provides consumers with protections that are stronger than current ones.  It would be better for Congress to pass no bill at all than pass a bill that provides consumers with less protections under the status quo.

Thank you again, Mr. Chairman. I look forward to hearing from our witnesses.

Data Security and Bug Bounty Programs: Lessons Learned from the Uber Breach and Security Researchers

Tue, 02/06/2018 - 2:45am

WASHINGTON – U.S. Jerry Moran (R-K.S.), chairman of the Senate Subcommittee on Consumer Protection, Product Safety, Insurance, and Data Security will convene a hearing titled, “Data Security and Bug Bounty Programs: Lessons Learned from the Uber Breach and Security Researchers,” at 2:45 p.m. on Tuesday, Feb. 6, 2018. The hearing will examine the October 2016 Uber data breach, the overall value of so-called “bug bounty” programs and other approaches to identify vulnerabilities, and the allegations of impermissible payments by Uber to conceal the security incident.  

Witnesses:

  • Mr. John Flynn, Chief Information Security Officer, Uber Technologies, Inc.
  • Mr. Marten Mickos, Chief Executive Officer, HackerOne, Inc.
  • Ms. Katie Moussouris, Chief Executive Officer, Luta Security, Inc.

*Witness list subject to change

Hearing Details:

Tuesday, February 6, 2018
2:45 p.m.


This hearing will take place in Russell Senate Office Building, Room 253. Witness testimony, opening statements, and a live video of the hearing will be available on www.commerce.senate.gov.

<p>Good afternoon. Welcome to the

Mon, 02/05/2018 - 5:51am

Good afternoon. Welcome to the Consumer Protection, Product Safety, Insurance, and Data Security Subcommittee’s hearing on “Data Security and Bug Bounty Programs: Lessons Learned from the Uber Breach and Security Researchers.” The Subcommittee will come to order. 

Thank you all for being here today to discuss the October 2016 Uber data breach and the allegations against the company regarding impermissible payments to conceal a security incident through its bug bounty program. A bug bounty is a reward offered to someone outside of the company who identifies an error or vulnerability in a computer program or system in connection with a coordinated vulnerability disclosure program. The committee plans to examine the value of these innovative programs and other coordinated approaches to identify cyber vulnerabilities and prevent these types of incidents.

In late 2016, Uber was notified by anonymous sources that certain archived copies of its databases had been compromised. According to a letter in response to an inquiry made by this committee in partnership with the Senate Finance Committee, Uber’s security team “took immediate steps to respond to and limit the impact of the incident,” including identifying the parties responsible and paying $100,000 to them in exchange for assurances that the compromised data would be deleted.

An independent forensic analysis found that the exposed data included information pertaining to approximately 57 million users in total, from both drivers and riders.  25 million of those affected users were from the United States, and the driver’s license numbers of about 600,000 drivers were compromised in the breach.

The fact that the company took approximately a year to notify impacted users raises red flags within this Committee as to what systemic issues prevented such time-sensitive information from being made available to those left vulnerable. Additionally, my colleagues and I seek specific clarification as to what policy safeguards are currently in place to prevent bug bounty programs from being used as extortion pay-out mechanisms in the future.

These substantive concerns, however, should not completely outweigh the overall utility of this innovative, crowd-sourced approach that many industry actors have taken to proactively identify “chinks in their technological armor” through effectively administered bug bounty programs and other cyber vulnerability disclosure efforts. 

As the American public becomes more and more dependent on innovative technologies to complete everyday tasks, cybersecurity vulnerabilities pose a direct threat, whether it be through a critical telehealth monitoring system, an autonomous vehicle transporting your family, or access to personally identifiable information.  Cyber threats are continuously evolving with the technology we rely on.

My goal for this hearing is to find out exactly what prevented Uber from immediately notifying its users who were impacted by the 2016 breach, the specifics of the related payments and what steps Uber is taking internally to improve its notification protocols. I also want to have a larger discussion on how vulnerability disclosure programs, like bug bounties, can be used effectively to deter cyber threats from harming consumers.

It is my pleasure to introduce our panel today. Thank you all for being here.

Mr. John “Four” Flynn is the Chief Information Security Officer for Uber Technologies, Inc.  He is an expert in information security with over 10 years of experience in the field, including leading infrastructure security at Facebook and managing security operations at Google. 

Mr. Martin Mickos is the Chief Executive Officer of HackerOne, which is a leading bug bounty firm in the country serving a variety of government and private sector clients, including Uber, in administering their crowd-sourced vulnerability disclosure programs. 

Ms. Katie Moussouris is the Founder and CEO of Luta Security, Inc., which advises its clients on vulnerability coordination programs and applicable internal company policies. 

Mr. Justin Brookman is the Director for Consumer and Technology Policy for the Consumers Union, which is an independent nonprofit consumer organization.  In his role, he focuses on policies related to consumer data privacy and security. 

I look forward to hearing the testimonies of this expert witness panel.  I now turn to my colleague Ranking Member Blumenthal for his opening remarks.

Committee Announces Hearing to Examine Data Security and Bug Bounty Programs

Tue, 01/30/2018 - 12:00pm

WASHINGTON – U.S. Jerry Moran (R-K.S.), chairman of the Senate Subcommittee on Consumer Protection, Product Safety, Insurance, and Data Security will convene a hearing titled, “Data Security and Bug Bounty Programs: Lessons Learned from the Uber Breach and Security Researchers,” at 2:45 p.m. on Tuesday, Feb. 6, 2018. The hearing will examine the October 2016 Uber data breach, the overall value of so-called “bug bounty” programs and other approaches to identify vulnerabilities, and the allegations of impermissible payments by Uber to conceal the security incident.  

Witnesses:

  • Mr. John Flynn, Chief Information Security Officer, Uber Technologies, Inc.
  • Mr. Marten Mickos, Chief Executive Officer, HackerOne, Inc.
  • Ms. Katie Moussouris, Chief Executive Officer, Luta Security, Inc.

*Witness list subject to change

Hearing Details:

Tuesday, February 6, 2018
2:45 p.m.


This hearing will take place in Russell Senate Office Building, Room 253. Witness testimony, opening statements, and a live video of the hearing will be available on www.commerce.senate.gov.

Copyright

© 2017 Women Construction Owners & Executives USA
WCOE grows your contacts, contracts & bottom line