'This Is Happening Every Day': Kweisi Mfume Presses Expert On Data Breaches By Foreign Adversaries

Forbes Breaking News

During a House Oversight Committee hearing on Thursday, Rep. Kweisi Mfume (D-MD) spoke about data breaches by foreign adversaries.

Transcript

00:00Thank you, and I'll now recognize Mr. Mfume for five minutes.

00:04Madam Chairwoman, thank you very much.

00:06My thanks to the guests who have come to GATE.

00:10One of the things that strikes me about this hearing is that we don't have enough time,

00:14and we're all trying to get a lot in here.

00:17So I will certainly use the right that members have to submit questions for the record for five business days

00:25because there are a number of you.

00:26Mr. Shaw, in particular, I want to ask some questions of you.

00:29Through that process, and Mr. Schneier, your testimony was chilling, to say the very least,

00:38so hopefully we can talk about that.

00:40But, Ms. Miller, I'd like to start with you.

00:43Much of your work focuses on fraud prevention, and before we get to that,

00:47I'd like to go back to something that I heard that was just as chilling,

00:51and that was your description of these outdated privacy laws,

00:56which don't afford any protection whatsoever to what's happening now in 2025 at the rapid pace of this technology and its development.

01:06It's very scary to believe and to hear, quite frankly, that we are behind in that

01:12because the privacy of Americans is absolutely important.

01:16It's just as important as what Ms. Norton brought up earlier,

01:21and that is the fact that people who are looking for Social Security

01:25or trying to get Medicaid or trying to figure out SNAP benefits

01:29are running into this technology and being run over by it in many instances.

01:33So, can we talk just a minute about these privacy laws,

01:37which I assume they predate all of this discussion,

01:43and that there is, as I understand, not a real determined effort to upgrade them

01:48to be able to protect industry and be able to protect government and individuals.

01:53Yeah, thank you, Congressman.

01:55And then the Privacy Act was passed in 1972, which was 52 years ago, almost 53,

02:02and we still have, that's still the law that governs how we protect privacy today,

02:09which obviously is exceptionally outdated.

02:13There are, in my opinion, there isn't a lot that can be done through the legal system

02:19to protect Americans' personally identifiable information anymore.

02:23I think we just live in an entirely new world now,

02:26and foreign adversarial nation-state actors, criminal rings.

02:29We've, all of our data has been monetized, is being monetized today.

02:3396% of information that's stolen through a data breach is used to monetize by a threat actor.

02:40And so, because we have such an asymmetric situation when it comes to data,

02:45government is going to have to get much better about using technology to protect privacy.

02:49And there are technologies that are in place, I'm sure, that some of the panelists here today

02:54are using in the private sector.

02:57We can anonymize data.

02:59And so we can do things that can protect people's privacies,

03:03and we're going to need to think about this both from a legislative perspective,

03:06not hamstringing agencies.

03:08The Privacy Act and the Computer Matching Act keep agencies from being able to share data

03:12that they desperately need to be able to find these actors.

03:15And again, these actors are foreign adversarial actors.

03:18Thank you very, very much.

03:20Mr. Schneier, let's go back to your assessment of the bigger you are,

03:25the bigger target you are, the more data is collected on you,

03:28and the more harm that will come to you, your community, your agency, your government,

03:33in this instance.

03:34Walk me down that, briefly, down that street again,

03:37because you didn't go into the fact that this is not science fiction.

03:41This is happening every day, and it's happening to the United States of America.

03:45I mentioned China, the OPM breach from the last decade,

03:50where China went into OPM and took the data, among other things,

03:55all the clearance forms of United States citizens.

03:58And you can imagine why they might do that,

04:00why they might identify who spies are,

04:02might look for people they can influence.

04:05And that is the sort of thing that countries are doing today.

04:08I mean, I'm assuming we're doing it to them.

04:11And so this data is very valuable at the government level for a lot of different things.

04:17I mentioned two scenarios.

04:19I mentioned a potential war scenario, a potential peace scenario.

04:22The more data we have, and our data is being collected everywhere.

04:27And so, I mean, a lot of data is had by social media companies

04:30that know a lot about what we like and who we are

04:33and who our friends are and who is important to us.

04:36But the data we give governments is a different sort of data.

04:39You think about the data that's on the tax return

04:43or the data that the Census Bureau collects or the military data.

04:49That's personal on a different level.

04:51And countries want that.

04:54They're going to want that in aggregate to figure out things about us,

04:57and they're going to want it individually.

04:59And coercion is a lot of it depends who you are, what coercion means.

05:03My time has expired.

05:04Madam Chair, thank you very much.

Category

Transcript

Recommended