CyberWire Daily - Encore: You will pay for that one way or another. [Caveat]
Episode Date: January 18, 2021Dave's got the story of a landlord who may run afoul of the Computer Fraud and Abuse Act, Ben wonders if the big tech CEOs could be held liable for contact tracking apps, and later in the show my conv...ersation with Joseph Cox. He is a Senior Staff Writer at Motherboard and will be discussing his recent article How Big Companies Spy on Your Emails. While this show covers legal topics, and Ben is a lawyer, the views expressed do not constitute legal advice. For official legal advice on any of the topics we cover, please contact your attorney. Links to stories: Apple and Google CEOs should be held responsible for protecting coronavirus tracking data, says GOP Sen. Hawley The twitter thread from Dave's story Got a question you'd like us to answer on our show? You can send your audio file to caveat@thecyberwire.com or simply leave us a message at (410) 618-3720. Hope to hear from you. Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
What people may not be aware of is that many of these apps are actually scraping the contents
of the email inbox.
Hello, everyone, and welcome to Caveat, the CyberWire's law and policy podcast.
I'm Dave Bittner, and joining me is my co-host, Ben Yellen,
from the University of Maryland's Center for Health and Homeland Security.
Hello, Ben.
Hi, Dave.
On this week's show, I've got the story of a landlord
who may run afoul of the Computer Fraud and Abuse Act.
Ben wonders if big tech CEOs should be held liable for contact tracking apps.
And later in the show, my conversation with Joseph Cox.
He's a senior staff writer at Motherboard, and we'll be discussing his recent article, How Big Companies Spy on Your Emails.
While this show covers legal topics and Ben is a lawyer, the views expressed do not constitute legal advice.
For official legal advice on any of the topics we cover, please contact your attorney.
We'll be right back after a word from our sponsors.
And we are back. Then before we get into our stories this week, some quick follow-up. But
last week we talked about the notion that the Supreme Court may be taking on the CFAA,
the Computer Fraud and Abuse Act. And since that episode was published, there's been some
movement there. There has. So the case we discussed on our last episode was Van Buren v. The United States.
And in the time since we recorded that episode, the Supreme Court has granted certiorari over that case, meaning they will hold oral arguments next fall and make a decision sometime in early 2021.
So definitely listen to our previous episodes for the details on the case.
But when we had discussed it, we said it was likely, but only a possibility that they'd
take up the case.
And now we know that they, in fact, have taken up the case.
Yeah, I've been seeing on Twitter anyway, that folks in the cybersecurity world seem
to be kind of pumped up about this.
Yeah, there's a lot of interest.
I mean, for compliance purposes, it's very difficult to have multiple interpretations of the Computer
Fraud and Abuse Act, depending on which judicial circuit you happen to be sued in. So having the
Supreme Court decide and hand down on tablets once and for all what the Computer Fraud and Abuse Act
actually means and what the act means by unauthorized access
is going to be a huge relief for people who rely on definite interpretations of this statute.
The only warning I'll have is, you know, you occasionally get these cases where the Supreme
Court can't really come up with a definitive decision. So there are multiple part opinions
joined by, you know, there's the plurality opinion joined by two other justices.
And then there's a concurrence dissenting in part, you know, type thing.
So I hope we get a true definitive answer and not one of those wishy-washy decisions that we see sometimes.
All right. Well, time will tell. So obviously, we will keep a close eye on that.
Let's move on to our stories this week.
Ben, why don't you kick things off for us?
Sure.
So my story comes from CNBC.
The headline is Apple and Google CEOs should be held responsible for protecting coronavirus tracking data, says GOP Senator Hawley.
So this is Josh Hawley, a freshman Republican senator from Missouri.
Josh Hawley, a freshman Republican senator from Missouri.
As our listeners may know, Google and Apple announced they have developed a voluntary application to help with tracking of coronavirus cases.
So it would use, and I think we've talked about this, it would use Bluetooth and alert people if they've come into close contact with those that have tested positive for the virus. Obviously, in the privacy and civil liberties community, there was a lot of concern, even though this would be both a voluntary program and the data
would be anonymized. We know that there's always the potential for anonymized data to be exploited.
And, you know, you can unmask people just based on anonymized data. And that piqued the concern
of Senator Josh Hawley from Missouri. He's kind of a rebel within the Republican caucus.
He's a pretty staunch privacy advocate and has been a very large critic of the tech companies
on this issue and others. And he wrote a letter to the CEOs of Google and Apple,
who will probably put this directly into their paper shredders,
paper shredders, figuratively, if not literally. And he said that if you are going to introduce these applications, you as CEO should be held personally liable for any privacy errors, for any
privacy invasions of the users of these applications. So to put this in colloquial terms, that's not really a thing. The reason why
companies incorporate themselves turn into corporations is really for two reasons. One
is for tax purposes, and the other is to shield themselves personally from liability. So you see
the companies, you don't sue generally the CEO of companies. That's what's called piercing the,
you can try and pierce the corporate veil. But generally the CEO of companies. That's what's called piercing the, you can try and pierce the
corporate veil. But generally the reasons corporations incorporate is to make it so
that the senior officers are not subject to personal liability. So this letter is really
more of a stunt. It's saying, you know, you have assured your consumers through various public
disclosures, posts on Medium, etc., that you are
going to protect their privacy through this voluntary application. And you've promised them
that this application will cease to exist once this emergency has passed. And what the senator
here is saying is put up or shut up. You know, if you are so sure that you're not going to violate people's
digital privacy, then why don't you make yourself personally liable, personally on the hook
for any potential lawsuits? We could never put it past politicians to engage in this type of
gimmicky behavior. But I do think, you know, it's sort of a warning shot across the bow to these
companies saying Congress is watching you.
We appreciate that you're putting forth this effort. We know that one of the ways we're going
to get out of this crisis is through this type of tracking and surveillance, but we're not going to
let you do it in a way that exploits consumers. And at least that's the view of this senator.
I have some insights here. I actually did an interview with a researcher from Boston
University who was part of a large team of folks who were putting together a system called PACT,
which is one of the systems that is being put forward for contact tracing. And these are folks
from Boston University, from MIT, folks who know about these sorts of things.
If you're interested, there's an entire episode of it on the CyberWire's Research Saturday show, so a little plug for that.
We go into a lot of the details.
Let me say, these folks are focused on privacy.
They are laser-focused on privacy.
Their hope is to work along with Apple and Google, whose systems are very similar. It seems like all of these systems are coming at this from similar directions. So
they're taking similar approaches. And I have to say, after my conversation, I was very impressed
with the degree to which privacy has been a priority for these folks, and actually how little information,
personal information, is being gathered and exchanged with the way that these apps work?
Yeah, I mean, I've sort of been struck by the same thing as well, and that's an interesting insight. I mean, there are a lot of privacy barriers that these companies have put in place.
First of all, you have to opt in to having your data collected. So, you know, there are a lot of
applications that we use where this type of data sharing is not opt in. You're going to hear about some of them on the
interview in today's show. So that's certainly something that doesn't always exist. The contact
tracing is done on a user's device with only non-identifying keys stored on the Google and
Apple server. So that's a pretty robust privacy protection.
You can put into place all the protections you want.
There are always going to be some vulnerabilities.
And if you read the senator's letter,
I think he identifies several of the potential vulnerabilities. If so many people are downloading this app onto their device,
there could be some sort of enterprising hacker
who could exploit the system and steal personal information.
But you have to strike
that balance. There are pretty robust privacy protections. And in order for us to go to our
hair salons again, and, you know, to go to public swimming pools over the summer, we're going to
have to do this type of contact tracing. So as a policy matter, given these robust privacy
protections, and given the necessity of this project, I think a lot of us, you know, are kind of willing to give this a try.
I think what the senator is saying to these companies here is give it your best shot.
But if you screw up, this is on you and you should be bearing the brunt of any damage you cause in terms of stolen data or compromised data to the user.
So, you know, I think in reality, this isn't going to make Apple or Google think twice about
introducing this application. And, you know, senior people at all levels of government seem
far more amenable than the senator does to this type of tracking technology, especially since it
is a public-private partnership.
But I thought it was particularly interesting that one senator was so gung-ho about putting
these company CEOs on notice.
Yeah.
And I suppose there's something to be said for saying that, you know, we've got our eye
on you and we're going to be watching what you're doing here because it's important.
It sure is.
You know, one thing I worry about in general in this period that we're in is it's much more difficult for Congress to actually conduct oversight because they're not holding hearings.
So if we were not dealing with a global pandemic, Senator Hawley and, you know, his committee members could haul the CEO of Google and Apple to Capitol Hill via subpoena and ask them under oath, how are you going to protect
user privacy? They're not doing that right now because Congress has largely been out of session.
So I think that's just something to watch over as well. Oversight is a general concern when Congress
is, you know, for probably good reason, not coming to Washington to do its work.
All right. Well, yeah, I think it's really going to be interesting to see as these things are rolled
out to see how many people are comfortable using them and how useful they actually are.
This is new ground, right?
It is.
This is new stuff for all of us.
And it's like, we got to try something, you know?
I mean, I think that's the attitude of these companies and most governments in general
is, you know, we just had a story this week that the state of Maryland, in an effort to procure enough testing kits, made a deal with the nation of
the Republic of South Korea to obtain 500,000 testing kits. So it's sort of like we're all
just trying our best to get through this. And I think Google and Apple are engaged in that effort.
And I think it's important and good that they're trying.
All right.
Well, that's interesting stuff.
My story this week, this came via Twitter,
and this is an exchange that has attracted a lot of attention.
Because it has come through Twitter
and because it is difficult to vet these sorts of things
that come through online,
I think it's best for us to approach this hypothetically.
Sure.
Rather. But there are some very interesting things
that this hypothetical exchange illustrates here.
I tell you what, Ben, how about,
this is a text message exchange.
To do a dramatic reading?
Yeah, I was thinking, let's do a dramatic reading.
I will be the landlord and you can be the tenant.
And it starts off, and it goes like this.
You got your stimulus, just asking, are you going to pay rent or part of rent with any?
I'm trying to close out the books for April.
Hey, how do you know I got my check?
Because I had to check several people today and checked yours also.
People were calling me.
How did you check it? Online. Where?
IRS. So you accessed this information on the IRS website?
Did you like need to use my SSN for that or
something? Yes. I did this for everyone who called me today and yesterday.
So are you going to be making a payment towards rent so I can close the books out
for April? And scene.
All right.
So, okay, let's unpack this, Ben.
Let's say I am renting an apartment from you.
And obviously as part of my rental application, there's going to be all sorts of information on that application, including my social security number.
You may want to
run a credit check on me, those sorts of things, all regular parts of doing business.
And so we find ourselves in this situation now where there's a website that the IRS has put up
where you can check to see if your stimulus check has come in. And so in this hypothetical situation,
we imagine a landlord using the information that they have from that rental application,
social security number, those sorts of things, logging on to the IRS's website as the tenant to see if they got their money.
Help me understand the many things that are wrong with this.
Yeah, so there are many things wrong here. First of all, let's start with what the IRS has done
wrong, which I think, you know, in creating this portal, they really had to do it under a rush
timeline. The stimulus was passed, you know, in the last month. And they had to work very quickly
to give people a portal to look up whether they've received their payments. Now, to enter that portal and to get
information on your own stimulus check, I think you have to enter your date of birth, social
security number. Was it maybe like the returns, you know, maybe for additional information,
you had to put in the amount of refund you got in the previous tax year or something like that.
But I think for just basic information, it might have just been date of birth,
social security number. That's something that's readily accessible to a landlord. Not to mention, beyond
a landlord, those are the types of things that can be found on the dark web. I think I read
somewhere else that because of the Equifax breach, a lot of that information for millions of users
is online. So, you know, I could find out probably if my neighbor received her stimulus check,
you know, so that that's problematic behavior on the IRS's part. I guess that gets to the problems
with the landlord, which are obviously significant. This seems like a textbook violation of the
Computer Fraud and Abuse Act. If you go to that IRS website, they have a very clear user agreement
that says you can only access this database for an authorized purpose.
And if you access it for an unauthorized purpose,
you are potentially going to violate both the Computer Fraud and Abuse Act
and various IRS laws and regulations about unauthorized access to tax returns.
So this is likely illegal if you've determined that your landlord has been going into that portal to see if you've received your stimulus check, to see if you are able to pay your rent, it's probably worthwhile to contact your attorney.
In those circumstances, it certainly strikes me as a violation of that user agreement with the IRS and a pretty clear-cut violation of multiple federal laws.
So certainly not the best behavior on the part of this landlord. And I understand, you know,
landlords are in a difficult position right now. Many of them have voluntarily said to their
tenants, you know, you don't have to pay rent for a couple of months. I'm trying to be generous.
I want to be one of those wonderful landlords that shows up on John Krasinski's Some Good News program. I'm so nice.
You know, you won't have to pay your rent, blah, blah, blah. Other states have suspended evictions.
So if people are unable to make rent payments, the landlord is unable to evict the tenant. And,
you know, that puts the landlord in a pretty difficult financial position. So you can understand from the landlord's perspective, like, look,
is this guy getting his twelve hundred and whatever dollars from the federal government?
I know he has told me personally he can't pay rent, which is whatever, six hundred dollars a
month. But I know I, you know, have documented proof that he has that money.
But how I handle my budgeting is not my landlord's business nor concern.
It certainly is not. It certainly is not. And that's why that's clearly an unauthorized use
of this IRS database. So, you know, if you are a landlord, you know, I do think we have to be
sympathetic because everybody's going through a difficult period here financially.
But this is not a way to handle that difficulty.
Some of the follow-up to this thread on Twitter say that appropriate law enforcement people have been notified and have expressed interest in following up on this.
So we'll see how it plays out.
Yeah, it seems like the Justice Department expressed interest in following up on this. So we'll see how it plays out. Yeah, it seems like the Justice Department expressed interest. And they probably,
there's probably like, you know, out of the 1000 things that the Justice Department expresses
interest in, they probably take action on less than 100 of them. But it's certainly worth watching.
And this is not just something isolated to this potentially non-verifiable Twitter exchange. I
think we've
seen it. There have been many cases across the country of landlords engaging in this behavior.
Yeah. All right. Well, be kind to each other, everybody. We're all in this together in this
tough time. So have a little empathy, right? Those are our stories. A quick reminder that
if you have a question for us, we would love to hear from you.
Our call-in number is 410-618-3720.
That's 410-618-3720.
You can also email us.
It's caveat at thecyberwire.com.
Coming up next, my conversation with Joseph Cox.
He is a senior staff writer at Motherboard, and we're going to be discussing his recent article, How Big Companies Spy on Your Emails. But first, a word from our sponsors.
And we are back. Ben, I recently had the pleasure of speaking with Joseph Cox. He is a senior staff
writer at Motherboard. And he recently penned an article. It was titled, How Big Companies Spy on
Your Emails. Some really interesting insights
here. Here's my conversation with Joseph Cox. On the Apple App Store or the Google Play Store,
there are plenty of different apps that promise to either streamline or professionalize your email
inbox. Maybe they get rid of clutter. Maybe they make your replies a bit smarter with machine
learning or AI or something
like that. But they basically try to offer some sort of benefit when it comes to email. Now, of
course, a lot of these apps are free and many, many people do download them. But what people may
not be aware of is that many of these apps are actually scraping the contents of the email inbox and then developing products off that.
This isn't just the metadata, who sent to whom, subjects, that sort of thing.
It's the actual content of the inbox itself, which these apps are pulling and then making a product out of that.
And then these companies sell it.
To what degree are they keeping this information personalized?
If someone's scraping my email box, can that be traced back to me?
It varies from company to company.
Some will say that they keep the data purely anonymized or pseudonymized.
So they may take the information and say, oh, this person has a load of receipts from
Uber, while this person has a load of receipts from Uber, while this person has a load of receipts from Lyft,
then maybe if we have a large enough data set, we could maybe work out, you know,
well, maybe this rideshare platform is more popular, that sort of thing. It's sort of
consumer insights. So it does vary, but it's still just something that individual users,
at least the ones I spoke to of a particular app called Edison, they weren't aware that this
was happening. On the Edison website and the app, it says that they provide research. The users
didn't necessarily understand that actually meant, well, we're scraping the contents of your emails.
Yeah, that was a particularly eye-opening thing to me when I read that in your article.
That phrase, create create research makes it
seem sort of benign. But I suppose some of the folks that you interviewed, when they found out
this information, they didn't feel that way about it. Yeah, the term research does give sort of a
academic twinge to it. I don't think the story is so much of the actual scraping itself. I mean,
a lot of us are going to be used to targeted
advertisement, people getting our browsing history, that sort of thing. It is more just that
the companies, at least according to the users I spoke to who actually use these products,
the companies weren't necessarily clear with what they're doing with user data.
Could this run afoul of GDPR, for example?
I mean, there could be the case that the privacy policies have not been clear enough.
And then that could be an avenue for, you know, debating whether this has violated certain laws or not.
I'm not a lawyer. I wouldn't make that legal argument.
But the fact that these users were confused or were not aware that this data collection was happening, I mean, it shows that there could be a case to be made there. How much of this do you suppose falls into the user's lap
for responsibility? I mean, there's that notion that if you're getting something for free,
that should make you wary in itself. Yeah, I mean, as you say, if you download a free app today,
it would be great if users considered, hey, how am I actually paying for this? It's almost become
a cliche at this point, but it just keeps cementing itself over and over again. If you're downloading
this app for free, you are paying for it in another way. And in this case, your data. It
would be good if users did exercise that skepticism a little bit more. But ultimately, the responsibility
is on the companies to be clear in the first place, and then users can make an informed decision, whether they want to download it or not.
It would be different if the companies were very clear and were very upfront,
and then the user didn't actually read the app description, and they still downloaded it. Well,
the onus is on the user. But it seems that if these users are to make informed decisions,
the companies do need to be clearer and not use words such as research, which is, you know, ambiguous.
Do these apps have an option to opt out of this sort of data gathering?
It does vary from company to company, and with some you can opt out.
And this seems to have especially changed with California's new consumer protection law when it comes to data privacy.
So you could go and say,
hey, please don't sell my data or please opt out. And of course, as we saw with GDPR as well,
it kind of makes sense for a lot of companies not to only enforce these sorts of measures for just
the Europeans, because then you have to maintain two different computer systems essentially.
And the same with the Californian law. When those measures came into effect and
these companies implemented systems, they just apply it to everybody. But still, the user needs
to be aware of and they need to know that they can opt out. But if you dig through, it can be
possible with some services, yeah. Help me understand the value here to the organizations
that are buying this data. If that data has been anonymized, I would
imagine keeps them from being able to directly market to me. So what are they getting out of
this? So the way we came across the story, first of all, was through a leaked document from JP
Morgan, sort of the investment side. And it has dozens and dozens of companies described in there
that would be of interest to investment bankers.
Maybe some will get location data so they could see that, oh, there are a lot of phones on this
oil platform. Maybe this area of the world is particularly resource heavy. Or in this case,
they can look through email inboxes and then develop a product from that.
When it comes to investment bankers or hedge funds or anything like that, the value may be, maybe they could spot the early signs of a successful startup. A lot of people
getting receipts from this company and it's coming out of nowhere. Maybe now would be a good time to
invest. Or they may be able to see if a company is declining in the number of customers as well.
And you could do that even if the data is anonymized. You just need to know how many receipts are going into somebody's inbox to do that. So it's of particular interest to
investment firms, bankers, and like that sort of financial sector. And they are huge on the
so-called alternative data industry, which includes all these sorts of novel, not first
party ways of getting information. That's fascinating. What has the response been since your article was published?
Have you seen any pushback?
Edison published a blog post on their Medium page, if I recall correctly, and they just laid out
what they do with the data and defended their position. And to be clear, I'm not attacking any individual business
or anything like that.
It's just when the users weren't aware,
it seemed like there was a story to be written
and that, well, people aren't aware of this
and they're even using the app.
So Edison has become a bit clearer
on what it does with the inboxes it scrapes.
In your estimation, what would be the ideal outcome here
in terms of these apps alerting their users as to
what they're doing and giving them options to control the amount of data they're sharing?
I think the ideal outcome is just that users can make informed decisions. They can look at an app,
it's clear on what they are paying with the app when they download it, be that their data or something else.
And they can decide whether they want to do that or not.
Again, if a user sees that and they decide they want to use that product,
that's absolutely fine.
And their pejorative is up to them.
But if the customer is not making a informed decision,
then I think there's a problem there.
Yeah, I mean, it strikes me as being sort of not unlike
what a lot of grocery stores do, where you have a loyalty card or something like that.
And in exchange for discounts on products, the grocery store gets to track the things that you do or the things that you buy.
And for many people, that's a reasonable exchange to make.
But again, as long as you're informed on that, then it's fine. But I guess
the point here is that when they're burying things inside of EULAs and so on and so forth,
as you mentioned, calling them research, that's not exactly forthcoming.
Yeah, that's a good comparison. As you say, with the grocery stores, I mean, people are very used
to these loyalty card programs. And maybe even if you and I and others may say that, you know,
well, if you're not paying
for the app, you're paying some other way, maybe there is still a little bit of a gap there because
people clearly aren't actually aware of it to the same degree that we are with loyalty cards and
other more, you know, established sort of data programs. What are your recommendations for people
who want to do a better job staying on top of this sort of thing. When you're out there in the App Store looking for tools like this that legitimately could help you streamline your day,
what are some of the things you should be aware of?
I would say, first of all, carefully read the description in the App Store,
as in the one in the Apple App Store or the one in the Google Play Store.
When you go to download the app, there'll be a description there of the service. Carefully read that and see if there are
any flags. If they sell, we don't sell personal data. Okay, that's not the same as selling we
don't sell data. If we don't sell user data, again, that's not exactly the same thing.
And then maybe try to make a decision off that. I don't think users should have to go read, you know, a small fine
print, really long privacy policy though, because that's going to be very tiring for the ordinary
user. It may be opaque anyway, and they may come away not actually understanding what the app does.
I think just exercise skepticism, vigilance, and just consider it.
And if you're okay with giving permission to a service to access your inbox, you can do that.
I mean, when you download an app, it will say things such as,
this wants to have access to your Gmail.
This wants to have access to your Outlook.
You may not know the exact nuances of what that product is doing,
but just think whether you want to grant
that access. After Cambridge Analytica and various other privacy stories, there's just so much more
renewed focus on this sort of thing, and especially with the new California law as well.
We're just going to see more and more of these companies not necessarily getting into the space,
but more people paying attention to how transparent they're actually being. All right, Ben, interesting stuff, huh?
Yeah, it's one of those proverbial no free lunch stories. Any application that you are going to
download for free, as Mr. Cox said, you will pay for that one way or another. That's why I always
feel better when I see advertising on my applications, because if that's the way I'm paying for it, that's probably among the better alternatives than them collecting personal information about you.
And I do think it was interesting that he talked about the sort of misleading nature of what these applications were claiming to be doing, saying that it was for research purposes. And as he said, that sounds very academic. And it doesn't sound
like what they are doing, which is scraping your information for business purposes.
So I think it's sort of a warning, especially to people who aren't as literate in these things as
our listeners are, that you should be very wary of downloading free applications and agreeing to
their terms of service, because you really probably are getting of downloading free applications and agreeing to their terms of service
because you really probably are getting it for free
because they're taking some private information from you.
So I think the interview was an important reminder of that
and I definitely recommend people read the story he wrote on Motherboard.
Yeah, it's an interesting shift too over the years,
over really, I suppose, the past couple of decades
of how we view some of these categories of apps.
You know, time was back in the age when dinosaurs roamed the earth and we were using dial-up internet connections.
You paid for your email app.
You know, you'd go and you'd buy an email.
Yeah, for 40 or 50 bucks, you know. And that was the way it was.
And now any computer you buy comes with an app usually.
And of course, there's free apps like Gmail and so on and so forth.
But as Joseph points out, and you highlight as well,
there's no such thing as a free ride.
There really isn't.
And it reminds us to always be more suspicious,
you know, the more free benefits we're getting. I'll also say like some of the services that these applications are providing just sort of raised my hairs a little bit in terms of suspicion.
it is they're claiming to do just seems like you'd have to stop and think, do I really need that as a service? And why would they be offering that to me as a service? There are lots of
different ways to unclutter your inbox. It would take a minimal amount of effort on the user's
part, just a matter of time to unsubscribe from all the lists we've subscribed to over the years.
So it just sort of would ruffle my feathers a little bit
and make me a little suspicious
to see an application promising a service like that.
You know, anybody who is claiming in so many words
that they're going to go through my inbox
for whatever purpose means, you know,
it's at least wise to be somewhat suspicious of that.
The Caveat Podcast is proudly produced in Maryland at the startup studios of DataTribe,
where they're co-building the next generation
of cybersecurity teams and technologies.
Our thanks to the University of Maryland
Center for Health and Homeland Security
for their participation.
You can learn more at MDCHHS.com.
Our coordinating producers are Kelsey Bond and Jennifer Iben.
Our executive editor is Peter Kilby.
I'm Dave Bittner.
And I'm Ben Yellen.
Thanks for listening.