TIME technology

FBI Director Implies Action Against Apple and Google Over Encryption

FBI Director James Comey testifies at a Senate Judiciary Committee hearing on "Oversight of the Federal Bureau of Investigation" on Capitol Hill in Washington
FBI Director James Comey testifies at a Senate Judiciary Committee hearing on "Oversight of the Federal Bureau of Investigation" on Capitol Hill in Washington May 21, 2014. Kevin Lamarque—Reuters

The law enforcement chief made it clear, however, that he was speaking only for his own agency and not others

FBI Director James B. Comey has expressed exasperation at the advanced data encryption technologies that companies like Apple and Google say they will offer their customers, and implied that the government might attempt regulations to ensure a way around them.

“Perhaps it’s time to suggest that the post-Snowden pendulum has swung too far in one direction — in a direction of fear and mistrust,” Comey told the Brookings Institution in a speech Thursday. Comey also spoke of the need for a “regulatory or legislative fix” to hold all communications companies to the same standard, “so that those of us in law enforcement, national security and public safety can continue to do the job you have entrusted us to do, in the way you would want us to.”

But in response to questions from reporters and Brookings experts, the FBI director made it clear that he was only talking on behalf of his own organization and thus could not speak for the NSA or other intelligence agencies, reports the New York Times.

This is not the first time that Comey has spoken out against Apple and Google’s move to give users complete control over data encryption, but the implications of legislative action against these companies is a step forward in government efforts to thwart it.

While Apple and Google have not commented on Comey’s latest remarks, technology companies have previously said that the move toward personal data encryption will not slow down, and will in fact probably be stepped up.

“I’d be fundamentally surprised if anybody takes the foot of the pedal of building encryption into their products,” Facebook’s general counsel Colin Stretch told the Times. He added that encryption was a “key business objective” for technology companies.

TIME Security

Experts Doubt ISIS Could Launch Major Cyberattack Against the U.S.

A member loyal to the ISIL waves an ISIL flag in Raqqa
A member loyal to ISIS waves an ISIS flag in Raqqa, Syria in June 29, 2014. Reuters

Experts say the Islamist militants' social media savvy doesn’t translate into a real cybersecurity threat against the U.S.

The Islamist militants who have taken over swathes of Syria and Iraq have proven remarkably adept at using 21st century technology.

In the Islamic State of Iraq and Greater Syria’s (ISIS) drive to establish what it calls a new caliphate, the group has gathered between 20,000 and 31,500 fighters, partly thanks to its recruitment campaign over social media networks like Facebook, Twitter and YouTube. Widely disseminated video footage of executed American and British citizens have become ISIS’s tools for terror; the Internet is ISIS’s vehicle.

Today, ISIS’s adroit use of modern technology is raising a new specter: cyberterrorism. Several prominent national security experts and cyber analysts warned this week that ISIS could someday threaten the United States, elevating fears about the West’s vulnerability to a cyberattack.

“ISIS has already had success in utilizing technology, using the web for recruiting, distribution of terrorist information and scare tactics,” David De Walt, the chief executive of tech security company FireEye told the Financial Times this week. Now, De Walt said, “[w]e’ve begun to see signs that rebel terrorist organizations are attempting to gain access in cyber weaponry.”

And on Tuesday, National Security Agency Director Michael Rogers warned that the U.S. needs to bolster its defenses against digital attacks from terrorist groups like ISIS.

“It’s something I’m watching,” Rogers said of ISIS’s aggressive use of Internet technology at a cybersecurity conference in Washington, D.C. “We need to assume that there will be a cyber dimension increasingly in almost any scenario that we’re dealing with. Counterterrorism is no different.”

But do we really need to fear a cyber attack from ISIS? As it turns out, probably not: ISIS’s social media savvy doesn’t necessarily translate into a real cybersecurity threat against the United States, and much of the talk about the group’s growing cyber-prowess overstates the point, experts told TIME.

“I don’t think anyone has any proof that there’s an imminent attack or that ISIS has acquired the manpower or the resources to launch an attack on the infrastructure of the United States,” said Craig Guiliano, senior threat specialist at security firm TSC Advantage and a former counterterrorism officer with the Department of Defense. “It could be a potential threat in the future, but we’re not there yet.”

ISIS, a group with little technological infrastructure, doesn’t have many resources to wage a cyberwar against the United States. Compared to larger, state-sponsored hacking operations, ISIS is miles behind. Chinese hackers, for instance, who have been accused of attacking U.S. businesses and government contractors, are reported to have wide-ranging support from Chinese authorities, with many of the hackers hailing directly from the Chinese army.

A few ISIS-related figures have been connected with cyberattacks or cybercrime. Abu Hussain Al Britani, a British hacker who has since moved to Syria and begun recruiting for ISIS, was jailed in 2012 for hacking into former Prime Minister Tony Blair’s Gmail account. One of the more prominent tech-savvy ISIS supporters, Al Britani maintains a Twitter account that calls for new ISIS recruits.

And a group called “Lizard Squad” that has claimed responsibility for high-profile cyberattacks that have brought down the websites of the Vatican, Sony and others has tenuously been linked to ISIS on the basis of tweets like this one:

But ISIS doesn’t appear to have the manpower to launch sophisticated attacks against the United States. “You need some resources. You need access to certain kinds of technology. You need to have hardcore programmers,” Jim Lewis of the Center for Strategic and International Studies said. “ISIS doesn’t have those capabilities.”

Unlike China’s state-sponsored hackers, who have a strong interest in attacking U.S. businesses to hawk trade secrets and intellectual property, ISIS is more concerned with taking real-world territory and controlling it. ISIS’ first priority is establishing control over the disparate desert regions from the outskirts of Aleppo in Syria to Falluja in Iraq and creating an Islamic caliphate—not an expensive and often intangible cyberwar against American websites.

“ISIS wants to conquer the Middle East, not hack websites in Omaha,” said Lewis.

That’s not to say that ISIS is incapable of launching an attack in the future. ISIS is believed to be well-funded, likely capable of purchasing simple malware on the black market and using it against the West. But the kinds of attacks ISIS would be able to carry out would likely be more of an annoyance than a debilitating strike on the United States’ infrastructure, the kind of attack that national security experts really worry about.

During the most recent spate of violence between Gaza and Israel, for example, hackers on both sides launched distributed denial of service (DDoS) attacks, which involves using multiple servers to overload a website and briefly disable it. That kind of attack is a far cry from shutting down power plants in the U.S. or attacking nuclear reactors. Still, the threat of a cyber strike, particularly against financial institutions as a means of funding ISIS’s expansion, may grow over time.

“ISIS is continuously looking for new ways to carry out high impact high visibility events to bring attention to their cause,” said John Cohen, recently the counterterrorism coordinator at the Department of Homeland Security and currently a professor at Rutgers University. “One has to speculate they are looking at the results of major cyber breaches such as Target or Home Depot and against critical infrastructure, and thinking about them as a potential avenue.”

TIME Innovation

Five Best Ideas of the Day: September 19

1. China should match its massive investment in Africa with robust support for the Ebola fight.

By James Gibney in Bloomberg View

2. The market alone can’t drive advances in biomedical science. Philanthropy has a role.

By David Panzirer in Wired

3. Far from radical, the new USA Freedom Act protects citizens from government spying with better oversight and less secrecy.

By Mary McCarthy in USA Today

4. Outdated laws on debt collection and wage garnishment are crushing the working poor.

By Paul Kiel in ProPublica and Chris Arnold at National Public Radio

5. Scotlands referendum was a reassuring exercise in the ‘majesty of democracy.’

By Michael Ignatieff in the Financial Times

The Aspen Institute is an educational and policy studies organization based in Washington, D.C.

TIME New Zealand

Snowden: NSA Collected Data on New Zealand Citizens

Edward Snowden Julian Assange Kim Dotcom Moment of Truth
Edward Snowden, Julian Assange, Internet Party leader Laila Harre, Robert Amsterdam, Glenn Greenwald and Kim Dotcom discuss the revelations about New Zealand's mass surveillance at Auckland Town Hall in Auckland, New Zealand on Sept. 15, 2014. Hannah Peters—Getty Images

New Zealand prime minister denies his government helped U.S. collect data on private citizens by gaining access to undersea cables

Documents released by former National Security Agency contractor Edward Snowden purport to show U.S. and New Zealand officials have collected Internet data via underwater cables that connect New Zealand, Australia and North America.

The documents, reported by The Intercept and the Sydney Morning Herald, are said to show the program, called “Speargun,” had initially been implemented in 2012 or early 2013 by the Government Communications Security Bureau (GCSB) of New Zealand.

The GCSB was alleged to have gained covert access to a Trans-Pacific undersea cable network through which data is transmitted between Australia, New Zealand, Fiji and Hawaii, to allow the NSA to harvest data.

Prime Minister of New Zealand John Key denies that the GCSB has participated in mass surveillance of citizens, though he reportedly would not discuss the existence of the program New Zealand reportedly used to conduct surveillance.

Snowden said in an interview with The Intercept website, which first reported the program’s existence, that the Prime Minister was fully aware of the program. “The Prime Minister’s claim to the public, that ‘there is no and there never has been any mass surveillance’, is false,” Snowden said. “The GCSB, whose operations he is responsible for, is directly involved in the untargeted, bulk interception and algorithmic analysis of private communications sent via internet, satellite, radio, and phone networks.”

[Sydney Morning Herald]

TIME privacy

U.S. Threatened Yahoo With Massive Fines Over User Data

Yahoo's Headquarters In Sunnyvale, California
A sign is posted in front of the Yahoo! headquarters on May 23, 2014 in Sunnyvale, Calif. Justin Sullivan—Getty Images

Yahoo tried to fight the government's requests for user information

The U.S. government threatened Yahoo with a $250,000-a-day fine in 2008 if the tech company did not comply with requests for user information, according to roughly 1,500 pages of newly released legal documents.

“We refused to comply with what we viewed as unconstitutional and overbroad surveillance and challenged the U.S. Government’s authority,” Yahoo’s General Counsel Ron Bell wrote in a Tumblr post published on Thursday. “The released documents underscore how we had to fight every step of the way to challenge the U.S. Government’s surveillance efforts.”

Yahoo’s multiple challenges against the government were unsuccessful however, and the company started providing user data to PRISM, the controversial National Security Agency program that was shut down in 2011 and revealed to the public by Edward Snowden in 2013, the Washington Post reports.

Yahoo felt these government requests, which asked for data about whom and when users outside of the U.S. emailed (though not email content itself), bypassed required court reviews of each surveillance target.

Federal Judge William C. Bryson of the Foreign Intelligence Surveillance Court of Review ordered the unsealing of the documents as part of a move to declassify cases and documents that established the legal basis for the PRISM program.

TIME hackers

Founder of America’s Biggest Hacker Conference: ‘We Understand the Threat Now’

Black Hat founder Jeff Moss speaks during the Black Hat USA 2014 hacker conference at the Mandalay Bay Convention Center in Las Vegas
Hacker Jeff Moss also known as The Dark Tangent speaks during the Black Hat USA 2014 hacker conference at the Mandalay Bay Convention Center in Las Vegas, August 6, 2014. Steve Marcus—Reuters

The hacker who has presided for 22 years over what is today the biggest hacker conference in the United States talks to TIME about Edward Snowden, Dorian Gray and hackers' changing role in society.

For one weekend every year, thousands of the world’s best—or worst, depending on your point of view—hackers meet in Las Vegas, Nevada, for Defcon. It’s one of the biggest hacker conferences on Earth, with about 15,000 attendees this year. It’s an event that some feel pushes the boundaries of legality, as hackers teach one another skills from lock picking and password cracking to evading government surveillance. The weekend is a celebration of hackish whimsy, the right to privacy and radical freedom of expression.

The light-up electronic badge needed to get into the conference can only be purchased with cash, and organizers collect no information about attendees’ identity. The place is rumored to be teeming with cybercriminals and federal agents alike, plus hordes of hackers trying to crack each other’s systems. Using the Wi-Fi is highly discouraged by some, for good reason: One room is home to an electronic bulletin board called the “Wall of Sheep,” which lists the user ID and partial password of any hapless hacking victim at the conference.

While covering the 22nd annual Defcon, TIME caught up with the founder and patriarch of the conference, Jeff Moss — better known by his hacker handle, “The Dark Tangent,” more commonly rendered simply as “DT.” With his pink t-shirt, short curly black hair, thin-framed rectangular glasses and a bouquet of badges dangling from his neck, DT looked the part of a pasty chieftain presiding over an ancient rite in digital dystopia. He doesn’t give out his age (Wikipedia places it at 39, which seems close enough).

This interview has been edited for length.

TIME: You’re ageless.

DT: I know. But I’m afraid at one point it’ll all come crashing down. What’s the horror movie where when the painting on the wall burns and everybody ages?

Do you have a Dorian Gray painting somewhere?

That’s my concern.

This conference has a nefarious reputation. Is that fair?

Oh yeah. I think there’s a little bit of nefariousness. The nefariousness is really more of an irreverence. You’re judged on what you know and what you can do, so it’s really kind of a put up or shut up culture, and you’re judged on what’s in your head, not how you look or what kind of watch you own. Sometimes people don’t know how to deal with that.

Is the Wi-Fi here safe to use?

It’s funny. It used to be you wouldn’t use our secured network because nobody really trusted it, they’d use their phone. Now everybody’s hacking the phones and intercepting phone calls and SMS messages, and nobody trusts their phone thanks to Snowden and all, and they want to use our secured Wi-Fi.

The last Defcon happened just after National Security Agency leaker Edward Snowden was first granted temporary asylum in Russia. Where does he fit into the zeitgeist of this community?

I think the cult of personality around Snowden has been replaced by concerns about what he revealed. Last year, there was sort of this sense of impending doom. It was like, “My God, what are you going to tell us next?” Now it’s like, “Ok, we understand the threat now. We understand what’s going on due to the revelations.”

Last year, it was just this sense that offense was so totally overwhelming, defense is helpless, what are we going to do, woe is me, the sky is falling. Now we’ve had a year, and you can see what the reaction has been: more energy than ever from the Electronic Frontier Foundation and the [American Civil Liberties Union]. Hackers like Josh Corman [an Internet security expert] trying to make a contribution to make things more secure. IETF [the Internet Engineering Task Force, which develops the protocols on which the Internet is based] has decided that pervasive Internet surveillance is a threat and needs to be taken into account for all future Internet protocols. You see Google and Microsoft investing money to create foundations to audit software. Everybody’s responding in their own way, so this year it feels much more hopeful. I think that’s a much more healthy response. We feel like we’re trying to take our own future into our hands.

Nothing changed before or after Snowden’s revelations. The security researchers knew that of course that’s what the NSA or any government can do. If you talked to the hackers last year it was like, “Of course you can do that. I’ve been doing that for 10 years.” But now that it’s sunken in at a more policy level you can have the conversation. Before you would say something to your parents and they’d be like, “Oh hahaha. You’re paranoid.” Next thing you know your parents are like, “Oh my God. You were not crazy. You’re not my paranoid son.” Now we’re at a place where people can relate and that’s a much more healthy place for us to be.

Do you have any demographic information on the people who attend this conference?

We don’t collect anything. Just the number of people. This is clearly a record. We plan for 5% growth or something and we exceeded that. Nobody saw the growth coming and there’s just this dot com feeling of people piling in more than ever.

I mean, this is the first Defcon TIME Magazine has attended.

Yeah! Do you know who else is here? C-SPAN!

…Really…

Yeah!

First time, huh?

First time. First it was just hackers talking to hackers, and then companies came in, and then it was other verticals, like telecoms. Now all of a sudden we’ve got medical, we’ve got policy, government. Just when we think we’ve gotten as many people who care about what we do here, all of a sudden a new greenfield [in engineering terms, a new creative frontier] room pops open and it’s airplanes, pacemakers and smart cars. That’s why I feel like there’s this energy. It’s like, “Oh my god, they’re listening to me! There’s a new avenue. I can do something new, try a new skill, develop my software.” It’s like greenfield again. Last year it sucked and this year it’s awesome.

TIME cybersecurity

Surveillance in the Movies: Fact vs. Fiction

Experts at a hacker conference answer the question every spy-movie watcher has asked: “Can they really do that?”

For those of us who don’t work at a spy agency, the “intel” we’ve gathered on what state surveillance is like comes primarily from movies and TV shows. But just how realistic are those portrayals? A panel of experts at Defcon, one of the world’s top hacker conferences taking place in Las Vegas over the weekend, had some answers.

The Simpsons Movie (2007)

“You’re collecting all this hay. How many needles are you finding in the hay?” says Kevin Bankston, policy director for the Open Technology Institute at the New America Foundation, describing the practice of bulk collection. The answer? Not many. Bulk collection has led to “one case where they convicted a cabdriver in San Diego for donating less than $10,000 to a Somali terror group,” Bankston said. “So the question is: Is it worth collecting all of our phone records for that conviction?”

When it comes specifically to this Simpsons clip, Nicole Ozer, technology and civil liberties policy director for the American Civil Liberties Union, says there have indeed been cases of “local surveillance being rolled out in the buses.”

The Bourne Supremacy (2004)

No clip available online, but, to summarize: high-tech devices listening in on conversations around the world pick up on a single phrase — “blackbriar” — that tips off the government.

“As a civil libertarian, this movie was like cinematic crack to me,” Bankston said. With the quantity of data the NSA intercepts and the data-mining abilities of modern computers, picking out a keyword from a random conversation overheard by a surveillance program is not far fetched, he said. “This is not fiction.”

Brazil (1985)

The scene above depicts government agents discussing the use of surveillance tools to eavesdrop on a love interest.

“This brings me back to my days inside the belly of the beast,” says Timothy Edgar, who from 2006 to 2009 served as the first deputy for civil liberties in the Office of the Director of National Intelligence. “It’s a very realistic depiction of the kinds of compliance issues we had to address,” he said, though in reality “the technology was only slightly more obsolete.” According to Edgar, a review of NSA practices by the agency’s inspector general found that over a 10-year period there were 12 instances of intentional misuse of NSA surveillance, all relating to love interests.

The Dark Knight (2008)

A program that uses the microphones in the cell phones to create a sonar map of the city is mostly, but not entirely, insane.

“It’s a great mixture of actual plausible technology and really stupid technology,” Bankston said. Law-enforcement and intelligence agencies routinely take control of cell phones by remote in order to turn on microphones and cameras to spy on targets, but doing so with every phone in town at once would probably overwhelm the network. Bankston adds that if 30 million citizens of Gotham brought a class-action lawsuit against Bruce Wayne for this violation of the Wiretap Act, he’d be on the hook, per damages prescribed in the law, for $300 billion.

The Company You Keep (2012)

“This is a pretty straightforward depiction of cell-phone tracking,” Bankston said, which is “routinely done by local law enforcement, as well as the Feds, as well as the intelligence community.”

Minority Report (2002)

This kind of government search — thermal imaging followed by spider robots scurrying through a building and terrifying its inhabitants — is clearly unconstitutional, not to mention creepy. What’s interesting, Edgar notes, is the question of why it’s creepy.

“Is it the fact that they could find Tom Cruise by extracting this data from people in the apartment or the fact that they did it in a creepy way?” he said. (I.e., with bots that look like insects many find terrifying in their own right.) “What if we could just extract the data from the Internet of things that [were] already in your house?” With our homes becoming smarter and more wired, it’s easy to see how timely that question is.

Enemy of the State (1998)

In this scene, the head of the NSA tries to persuade a Congressman not to stop a bill that would give the agency broad new surveillance powers. The Congressman makes the argument — which we hear echoed today by firms like Google and Facebook — that the surveillance state doesn’t just invade privacy, but is bad for business at companies that depend on the trust of clients, including people outside the U.S.

Bankston noted that in the film, (spoiler alert) the NSA goes on to assassinate the Congressman. Edgar pointed out that any such assassination attempt would clearly step on Central Intelligence Agency toes.

“They would object very strongly to the NSA’s doing that,” he said.

TIME National Security

Reports: Snowden Granted 3 More Years in Russia

Former intelligence contractor Edward Snowden poses for a photo during an interview in an undisclosed location in December 2013 in Moscow.
Former intelligence contractor Edward Snowden in an undisclosed location in Moscow, December 2013. Barton Gellman—Getty Images

"If I could go anywhere in the world, that place would be home," Snowden said in an interview in May.

Former National Security Agency contractor Edward Snowden received permission to stay in Russia for an additional three years, his lawyer told local media Thursday, amid the worst U.S.-Russian relations since the Cold War.

Snowden revealed troves of classified information on the American government’s surveillance activities before fleeing the U.S. more than a year ago. He was shortly thereafter granted temporary asylum in Russia, which expired Aug. 1.

His lawyer in Russia, Anatoly Kucherena, was quoted in Russian news agencies saying Snowden received an extended temporary residency for three years, the Associated Press reports. However, Snowden has not received political asylum, which would allow him to stay indefinitely. Kucherena said applying for political asylum requires a separate process, but Kucherena did not say whether Snowden had begun that procedure.

The lawyer’s statements in Russia could not be immediately confirmed.

Snowden faces charges of espionage in the U.S., but Russia, which does not have an extradition treaty with the U.S., has refused to hand him over. The case was a major source of tension between the two countries even before relations deteriorated further following Russia’s annexation of Crimea earlier this year and its suspected support for pro-Russian separatists in eastern Ukraine.

[AP]

TIME Television

Maggie Gyllenhaal on Israel and Palestine — and How Obama Broke Her Heart

"I still root for him," she says

Maggie Gyllenhaal comes from a long line of lefties, including her mom Naomi Foner, whose screenplay for Running On Empty was nominated for an Oscar. The actress has been politically outspoken before standing up against the Iraq war. So it’s kind of surprising that she’s not such a fan of Obama,not will she take sides in the Israeli-Palestinian conflict.

Or maybe not that unexpected. Taking sides in the Middle East could turn potential viewers away from her new miniseries The Honorable Woman, which starts on July 31 on Sundance. “You know, you say one word on one side or the other, and you alienate hundreds of thousands of people,” she says in the longer version of her interview for the 10 Questions page of Time. “And I’m hoping actually to open many people’s minds and hearts even the tiniest bit. So, yes, I’m trying to think about what my ultimate intention is…and I’m trying to think before I speak.”

In the longer video below (pro-tip: skip the first minute if you watched the one above), Gyllenhaal also explains how President Obama broke her heart. “I really believed in him and I’m not sure what he believes in any more.” She thinks he wasn’t aggressive enough in dealing with the National Security Agency, after it was shown that their activities were Enemy of the State-ish than most Americans had been led to believe. “I still root for him,” says Gyllenhaal. “But I feel a little hopeless right now….I hope for a leader who will stand up and be unpopular.”

 

 

 

 

TIME intelligence

Senate NSA Reform Bill Earns Cautious Praise From Privacy Advocates

NSA Surveillance-Privacy Report
The National Security Agency campus in Fort Meade, Md., June 6, 2013. Patrick Semansky—AP

Senator Leahy’s USA Freedom Act carries stronger reforms than a version passed out of the House earlier this year

Advocates for reform of the National Security Agency’s domestic surveillance activities cautiously hailed the USA Freedom Act, put forth in the Senate on Tuesday, as a major step in reforming controversial programs at the agency.

“We commend the Senate Democratic and Republican co-sponsors of this version of the USA Freedom Act, which significantly constrains the out-of-control surveillance authorities exposed by Edward Snowden,” said Laura W. Murphy, director of the legislative office of the American Civil Liberties Union. “While this bill is not perfect, it is the beginning of the real NSA reform that the public has been craving since the Patriot Act became law in 2001.”

Introduced by Senate Judiciary Committee chairman Patrick Leahy, Democrat of Vermont, the USA Freedom Act would impose new restrictions on so-called bulk surveillance of American cell-phone records and Internet traffic, banning the practice of vacuuming up all cell-phone metadata from a particular area or phone-service provider, for instance. The legislation also places restrictions on what business records the government can collect, imposes new transparency requirements on the government, and creates a position of a special privacy advocate to represent civil-liberties interests in the Foreign Intelligence Surveillance Court, the secretive body that oversees NSA surveillance activities.

Many in the technology industry, where business has been threatened by investors skittish at NSA snooping on Internet traffic in the U.S., have joined calls for serious NSA reform. Privacy advocates contend that the exposed surveillance efforts also weaken security protocols of American companies.

The bill “would go a long way toward stemming the costs of the NSA’s spying programs and restoring trust in the American Internet industry,” said Kevin Bankston, policy director with the New America Foundation’s Open Technology Institute. “But ensuring that a strong version of USA Freedom becomes law is only the first step toward repairing the damage that the NSA has done to America’s tech economy, its foreign relationships, and the security of the Internet itself.”

Compared with similar legislation passed in May by the House, also called the USA Freedom Act, the Leahy bill goes significantly further in curbing what civil-liberties groups see as extraconstitutional overreach by the NSA since passage of the 2001 Patriot Act gave the spy agency broad new surveillance powers. Privacy advocates pulled support for the House bill before it came to a vote, after substantial changes to the measure gutted the bill of key reform provisions. It’s unclear if the Senate will take up the Leahy bill before the November midterm elections.

Your browser, Internet Explorer 8 or below, is out of date. It has known security flaws and may not display all features of this and other websites.

Learn how to update your browser