Andrea Peterson

Report: Cybercrime and espionage costs $445 billion annually

The Center for Strategic and International Studies, a Washington think tank, has estimated the likely annual cost of cybercrime and economic espionage to the world economy at more than $445 billion -- or almost 1 percent of global income.

The estimate is lower than the eye-popping $1 trillion figure cited by President Barack Obama, but it nonetheless puts cybercrime in the ranks of drug trafficking in terms of worldwide economic harm.

The report, funded by the security firm McAfee, which is part of Intel Security, represents one of the first efforts to analyze the costs, drawing on a variety of data. According to the report, the most advanced economies suffered the greatest losses. The United States, Germany and China together accounted for about $200 billion of the total in 2013. Much of that was due to theft of intellectual property by foreign governments.

Report: One in seven US consumers notified of personal data breaches in 2013

US consumers are increasingly victims of data breaches in which their personal data is stolen -- with one in seven being notified that their personal data was breached in 2013, according to a survey released by Consumer Reports. But most, 62 percent, have done nothing to protect their privacy online, the survey found.

Consumer Reports projected that 11.2 million people fell for e-mail phishing scams and 29 percent of Americans online had their home computers infected with malware since 2013. (The study was conducted in January 2014 by research company GfK for Consumer Reports and included interviews with 3,110 adults with home Internet access.)

Lawmakers want to sanction people who profit from economic cyberspying

Days after the Department of Justice announced the indictment of five Chinese military employees for crimes related to economic cyber-espionage, a bipartisan group of lawmakers introduced legislation that would punish the people who benefit from such spying where it hurts: in the pocketbook.

The Deter Cyber Theft Act -- introduced by Sens Carl Levin (D-MI), John McCain (R-AZ), John D. Rockefeller IV (D-WV) and Tom Coburn (R-OK) -- is a revised version of a proposal introduced in 2013. Foreign companies and individuals would be subject to a new category of sanctions under the International Emergency Economic Powers Act.

The bill also would require the director of national intelligence to publish an annual report of which foreign nations are contributing to commercial cyberspying against the United States -- be it by actively engaging in the practice themselves or by failing to prosecute it domestically. The report would include a watch list of countries actively using the Internet for economic or industrial espionage and identify which US technologies or trade secrets are being targeted by hackers, among other things.

Why 76 lawmakers just voted against their own bill to reform the NSA

The House passed the USA Freedom Act, a bill aimed at reforming the National Security Agency's bulk collection of domestic phone records. But the version of the bill that passed was different from the one that was recently approved by the House Intelligence and Judiciary Committees.

The new version from the House Rules Committee, privacy advocates say, significantly weakened the reform and included loopholes that could potentially allow bulk data collection on US citizens to continue.

Privacy advocates weren't the only ones upset about the changes. Many co-sponsors of the original version were also concerned. In fact, a Washington Post analysis of the votes shows that 76 of the 152 co-sponsors of the earlier version voted against passage of the altered version on the House floor. So, half of the co-sponsors ended up voting against what was supposed to be their own NSA reform bill. That includes Rep Jared Polis (D-CO), who released a press statement about his change of heart after the vote.

“Unfortunately, the USA Freedom Act, which I cosponsored as introduced, has been watered down and co-opted to the point that it creates the possibility that NSA could misuse the bill -- contrary to the legislative intent -- to conduct broad searches of communication records,” Rep Polis said.

Why Dyn just bought global-Internet-monitoring firm Renesys

When something goes wrong on the Internet, monitoring firm Renesys is watching.

Since 2000 the firm has tried to be the first to notify customers when Internet transmission goes dark, whether it's because of political strife or an undersea cable malfunction. Earlier, the company noticed another service outage in Syria's embattled Aleppo region.

Renesys announced that it was being acquired by Dyn, which monitors and manages its customers' Internet traffic. The sale price was not disclosed. Both companies are privately held. The acquisition reflects Web companies' growing concern about the instability of the Internet. Internet outages have become more noticeable: Entire countries sometimes go off the map -- or traffic gets mysteriously rerouted.

"The world has become very flat when it comes to Internet usage," says Jim Cowie, Renesys' head of research and development. And that means more demand for intelligence about the status of the global Web, which can be volatile, he said.

Why the death of net neutrality would be a disaster for libraries

Q&A with Lynne Bradley, the director of government relations at the American Library Association's Washington office.

The Internet's eyes turned to the Federal Communications Commission, as the panel approved a plan to consider allowing Internet service providers to charge Web sites like Netflix for higher-quality delivery of their content to consumers.

Another group that cares deeply about this issue is the library community. The Switch spoke to Bradley about how network neutrality affects libraries, the people who rely on them and public institutions at large.

“Net neutrality is really important for libraries because we are, first of all, in the information business. Our business now is not just increasingly, but dramatically, online, using digital information and providing services in this digital environment. That means that we need to have solid and ubiquitous Internet services,” she said.

As to the impact network discrimination could have on libraries, Bradley added: “And what we as librarians and as educators in our communities see is that subtle differences in these speeds can make a great difference in how a user receives and uses the information. Even slight slowdowns will have an impact and can potentially limit public access to public schools, to public libraries, to public education.”

Snowden: Why hasn’t the Director of National Intelligence been punished for lying to Congress?

Former National Security Agency contractor Edward Snowden said he came forward because he thought it was "the right thing to do." He repeatedly compared his actions with those of Director of National Intelligence James R. Clapper, who denied that the NSA was "wittingly" collecting data on millions of Americans in a Senate Intelligence Committee hearing last spring -- a claim at odds with revelations about domestic phone records collection as a result of documents provided by Snowden. Clapper later apologized to Congress in a letter, saying his answer was "clearly erroneous."

"The oath that I remember is James Clapper raising his hand, swearing to tell the truth and then lying to the American public," Snowden said. "I also swore an oath, but that oath was not to secrecy, but to defend the American Constitution." Snowden recalled raising what he called the "famous lie" with co-workers, questioning why no one did anything about it, only to be warned about potential consequences. Snowden has previously said he raised concerns internally, but that as a contractor, he did not have the same protections as a government employee.

While Clapper has accused Snowden of perpetrating the most "massive and damaging theft of intelligence" in US history, Snowden argues his actions were serving a larger public interest that superseded the national intelligence need for secrecy. Later in the speech, he described Clapper as having "committed a crime by lying under oath to the American people," and questioned why charges were never brought against the director. By contrast, Snowden said, charges were brought against him soon after he revealed himself as the source of the leaks.

Confused by Facebook privacy settings? So is the Supreme Court.

The Supreme Court heard oral arguments in a pair of cases that will shape what privacy protections Americans have against warrantless searches of electronic devices.

But during the two-hour discussion, Chief Justice John Roberts touched on a related issue that millions of Americans are challenged by every day: Facebook privacy settings. The privacy settings of the social network and its related applications came up in the discussion of Riley v. California, a case involving a San Diego college student, David Riley, who was pulled over for expired tags, only to have police seize his phone and use a photo on it to convict him for participation in a drive-by shooting.

Litigator Jeffrey Fisher, representing Riley, argued that even flipping through photos on a smartphone draws on a multitude of data that is "intrinsically intertwined" in the device in such a way that implicates the Fourth Amendment.

"Including information that is specifically designed to be made public?" asked Chief Justice Roberts, "I mean, what about something like Facebook or a Twitter account?" Depending on a user's privacy settings, Facebook activity can range from entirely public to only available to an individual user -- although Facebook changes the settings often enough that users aren't always aware of the current setup.

But Chief Justice Roberts went on to say there is not really "any privacy interest" in a Facebook account -- or it's "at least diminished because the point is you want these things to be public and seen widely" -- before asking if there would be a way to create a rule that police could search "those apps that, in fact, don't have an air of privacy about them."

Even Roberts's argument about accessing publicly posted information doesn't seem to be making a lot of sense -- which isn't entirely surprising considering the court's previous problems with technology concepts -- mostly because if something is already public, there would be no need for law enforcement to use an arrestee's device to access it.

How Washington’s last remaining video rental store changed the course of privacy law

After 33 years, Potomac Video is closing its doors. It was the last remaining brick-and-mortar video rental store in the District -- where big chains and local entries alike have disappeared since the dawn of the streaming era -- and one of the first when it opened in 1981.

But even as the local retail chain lets loose its dying moan, Potomac Video can still claim credit for changing the face of consumer privacy thanks to its role in the creation of the Video Privacy Protection Act, or VPPA.

Flash forward 20 years: that same legislation became a thorn in the side of the video rental industry as it shifted online. In 2008, the now-all-but-dead Blockbuster faced a class action suit alleging that it shared rental information with Facebook's online advertising project Beacon. Netflix, too, faced a suit in 2009 about its release, as part of a contest for improving its recommendation engine, of "anonymized" customer data that may not have been quite so anonymous.

Netflix was so wary of being on the wrong side of the law that it excluded the United States when it first rolled out Facebook sharing in 2011 -- and urged users to lobby their legislators about changing the law. The streaming video company did, ultimately, win that battle: The law was amended in early 2013, and Netflix extended Facebook sharing to US users in March 2013.

But even with the changes, the VPPA continues to provide consumers some leeway to keep their video-viewing habits private. Hulu, for instance, is embroiled in a years-long class action suit related to alleged violations.

CodeBabes: the latest thing to make women in tech cringe

Women in tech have yet another Web site to roll their eyes at: "CodeBabes" -- one that's dedicated to using women's bodies to teach basic coding skills.

The site, which appears to have launched earlier in April, features videos of how to do some basic coding.

The first course -- termed the "virgin" class -- features women who are mostly clothed, but the site says they will become more scantily clad as lessons become more difficult.

"Watch the lesson, absorb the info, pass the quiz, and your instructor removes one piece of clothing." Just enough to "motivate" users, it promises.

CodeBabes has not responded to a Washington Post inquiry asking whether it's a joke or a high production value parody that is uneasily close to real life (similar ventures that have leveraged women's bodies to attract interest in the tech world, like "Hot Tech Today," have turned out to be serious).