By Robert Hackett
February 10, 2018

Good morning, Cyber Saturday readers.

On Tuesday, the U.S. Senate convened two hearings on a couple of this newsletter’s favorite topics: cryptocurrencies and bug bounty programs. The day’s testimonies were chock full of fresh insights—and were a welcome diversion, for this author, from the government’s unending budgetary troubles.

The first hearing before the Senate Banking Committee saw Jay Clayton, chair of the Securities and Exchange Commission, and Christopher Giancarlo, chair of the Commodity Futures Trading Commission, dish about virtual money. Amid cratering prices, repeated thefts, and recent banking credit bans, Bitcoin investors had braced themselves for the worst. The regulators, however, struck several positive notes during the session, praising Bitcoin for spurring innovations in digital ledger technology. Giancarlo, for one, promised “a thoughtful and balanced response, and not a dismissive one” to the digital gold rush.

One point to keep an eye on: Clayton warned entrepreneurs against “initial coin offerings,” recent fundraising phenomena that founders have used to raise billions of dollars through the sale of digital tokens. “To the extent that digital assets like ICOs [initial coin offerings] are securities—and I believe every ICO I’ve seen is a security—we have jurisdiction and our federal securities laws apply,” he said. Expect Clayton’s agency to continue to pursue action against projects it deems in violation of securities laws.

The second hearing before the Senate Subcommittee on Consumer Protection invited cybersecurity professionals to the Hill to discuss the historically uneasy relationship between companies and hackers. Some highlights: John Flynn, Uber’s chief information security officer, told the panel that his company “made a misstep” by failing to promptly report a 2016 data breach that recently came to light. Mårtin Mickos, CEO of HackerOne, a bug bounty startup, urged legislators to revise laws used to prosecute hackers and to standardize data breach notification requirements at the federal level. And Katie Moussouris, founder of Luta Security, a bug bounty consultancy, pressed companies to adopt clear policies around vulnerability reporting. (HackerOne posted a nice recap of the day’s happenings, which you can read on its blog here.)

Both hearings were highly encouraging. Let’s hope that when the lawmakers reexamine their books, they’ll keep the good sense of these experts in mind.

Have a great weekend.

Robert Hackett

@rhhackett

robert.hackett@fortune.com

Welcome to the Cyber Saturday edition of Data Sheet, Fortune’s daily tech newsletter. Fortune reporter Robert Hackett here. You may reach Robert Hackett via Twitter, Cryptocat, Jabber (see OTR fingerprint on my about.me), PGP encrypted email (see public key on my Keybase.io), Wickr, Signal, or however you (securely) prefer. Feedback welcome.

SPONSORED FINANCIAL CONTENT

You May Like