Cybersecurity and the 119th Congress
The 119th Congress has been sworn in, but exactly what the next phase of U.S. tech policy will look like remains to be seen. For cybersecurity, there are several mistakes of the last Congress that should not be repeated. There are also several new security-protective paths to be explored.
Previous years have seen proposals that would have required operating systems to allow sideloading, the process of downloading applications outside pre-vetted app stores. Fortunately, these proposals failed to become law. Sideloading is an inherently insecure process, and consumers should have the option to purchase devices block it if they so choose. This year, Congress should leave its mistakes in the past and opt not to pursue anti-security bills.
Where America wisely paused efforts to degrade cybersecurity, Europe catapulted forward. Last year the EU’s Digital Markets Act (DMA) went into force, placing massive burdens on predominantly American tech companies. A fundamentally protectionist law, the DMA mandates sideloading — despite the fact that European officials recognized the attendant dangers.
Unfortunately, U.S. policymakers haven’t done much to push back on the DMA. In fact, the Federal Trade Commission coordinated with the EU to enforce it. The 119th Congress should make it a priority to do everything necessary to resist European overreach. Technology regulations often cannot be contained by borders, and it is likely that parts of the DMA will be felt by American users.
Cybersecurity policy is becoming ever more important as technology develops. Any nation that intentionally weakens the cybersecurity of its citizens for reasons related to competition policy will have dealt a serious blow to the digital safety of its citizenry. Congress should work to harden American cyber-defenses and avoid all proposals that would weaken them.
Published on February 7, 2025