The Cyberlaw Podcast

In our 287th episode of The Cyberlaw Podcast, Stewart Baker is joined by Paul Rosenzweig (@RosenzweigP), Nate Jones (@n8jones81), and Nick Weaver (@ncweaver) to discuss: Former Twitter employees were accused of spying on behalf of Saudi Arabia.; India appears to be using NSO Group’s spyware.; Facebook’s political ad policy faces criticism.; A judge issued a wide-ranging warrant to review a DNA database.; The National Security Commission on Artificial Intelligence issued its interim report.; Russia is taking steps to protect its hackers from extradition.; And more! The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In our 286th episode of The Cyberlaw Podcast, Stewart Baker interviews Andy Greenberg. Andy is an award-winning senior writer at Wired, where he covers cybersecurity. His new book, Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin's Most Dangerous Hackers, is out now. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In our 285th episode of The Cyberlaw Podcast, Stewart Baker is joined by David Kris (@DavidKris), Mark MacCarthy (@Mark_MacCarthy), and Matthew Heiman to discuss: The Committee on Foreign Investment in the United States is investigating ByteDance’s acquisition of Musical.ly.; WhatsApp is suing NSO Group over its Pegasus spyware.; The ACLU is suing the FBI, the Department of Justice, and the DEA for “secrecy” over facial recognition.; There’s a ransomware hero living in Normal, Illinois.; The Defense Innovation Board offered some principles for ethical use of artificial intelligence.; Israel is going to create its own foreign investment review panel.; The Interior Department grounded its entire drone fleet, citing risk from Chinese manufacturers.; And more! The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In our 284th episode of The Cyberlaw Podcast, Stewart Baker is joined by Brian Egan, Maury Shenk, and Paul Rosenzweig (@RosenzweigP) to discuss: Trump officials are battling over plans to keep technology out of Chinese hands.; The Georgia Supreme Court says police need a warrant to access your car’s data.; The Department of Homeland Security is considering mandating federal vulnerability disclosure programs.; China will be rolling out tougher cybersecurity rules soon.; A biased algorithm was found in a healthcare system.; India is fighting Facebook over WhatsApp’s end-to-end encryption.; Congresswoman Katie Hill faces a scandal involving political “revenge porn.”; Academic research suggests YouTube’s algorithm may not be to blame for right-wing radicalization.; And more! The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In our 283rd episode of The Cyberlaw Podcast, Stewart Baker interviews Alex Joel, the former Chief of the Office of Civil Liberties, Privacy, and Transparency at the Office of the Director of National Intelligence and currently scholar-in-residence and adjunct professor at the American University Washington College of Law. Stewart and Alex are joined by Gus Hurwitz (@GusHurwitz), Dave Aitel (@daveaitel), and Dan Podair to discuss: The Ninth Circuit reversed a district court’s decision on a case involving Section 230 and anticompetitive behavior.; Business takeaways from the recently announced regulations under the California Consumer Privacy Act.; The US launched a cyber operation against Iran following the attacks against Saudi oil facilities.; Avast was attacked and compromised, but maybe not fatally.; APT group Turla appears to have taken over the attack infrastructure of the APT group OilRig.; Some of Equifax’s embarrassing security failings were exposed.; FireEye issued a report on APT41’s espionage and cybercrime activities.; CrowdStrike issued a report on Chinese efforts to steal aircraft intellectual property.; The British government dropped its plan to require identification to view online pornography. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In our 282nd episode of The Cyberlaw Podcast, Stewart Baker interviews Sultan Meghji, the CEO and co-founder of Neocova and adjunct professor at the Washington University in St. Louis. Stewart and Sultan are joined by Nick Weaver (@ncweaver) and Matthew Heiman to discuss: The California attorney general unveiled proposed regulations under the California Consumer Privacy Act.; The Supreme Court allows blind people to sue if websites are not accessible.; The United States is shielding Big Tech through trade agreements.; The United States sanctioned eight Chinese firms over Beijing’s treatment of the Uighurs.; There’s a new nation-state malware that has a clever attack on TLS.; Apple and Google bowed to pressure from China to remove Hong Kong protest apps.; India is creating a national facial recognition system.; CISA, a component of DHS, is seeking subpoena power.; Are the French being hypocritical over “cyber sovereignty”?; A whitehat hacker stole and publicly released decryption keys from a ransomware gang.; And more! The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In our 281st episode of The Cyberlaw Podcast, Stewart Baker is joined by David Kris (@DavidKris) and Nick Weaver (@ncweaver) to discuss: The European Union Court of Justice ruled that Member States can force Facebook to do global takedowns.; The Court of Justice also ruled that tracking cookies require explicit, active user consent.; The FDA has warned that there are security flaws lurking within medical devices.; Net Neutrality was killed – sort of – in the DC Circuit’s Mozilla v. FCC decision.; Elizabeth Warren has a plan to revive the Office of Technology Assessment.; Google wants to implement DNS-over-HTTPS, and ISPs are not happy about it.; Uzbekistan gave a masterclass in how NOT to do operational security.; France is going to roll out a nationwide facial recognition identification program.; Cops in Germany shut down a Dark Web data center.; Attorney General Bill Barr is pushing Mark Zuckerberg not to implement end-to-end encryption in Facebook’s products.; And more! The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In our 280th episode of The Cyberlaw Podcast, Stewart Baker interviews John Samples from the Cato Institute regarding his essay, “Why the Government Should Not Regulate Content Moderation of Social Media.” They are joined by Evan Abrams, Matthew Heiman, David Kris (@DavidKris), and Nate Jones (@n8jones81) to discuss: A CLOUD Act treaty may be signed with the United Kingdom this year.; The president apparently has a beef with CrowdStrike.; Lawmakers appear willing to let the NSA’s phone surveillance program lapse.; The Electronic Frontier Foundation and the New York Times are pushing the National Security Letter issue.; The Department of Justice is suing to collect the royalties from Edward Snowden’s new book.; Shareholders have alleged that FedEx covered up damages caused by NotPetya.; The Committee on Foreign Investment in the United States has some new rules.; Some people doubt the future viability of end-to-end encryption.; China is assigning social credit scores to businesses.; TikTok censors videos that Beijing doesn’t like.; France issued its outlook on international law and cyber conflict.; Speaking of cyberwar, there’s a renewed international effort to build cyber norms. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In our 279th episode of The Cyberlaw Podcast, the Blockchain Group takes over the podcast. Host Alan Cohn is joined by Gary Goldsholle, Will Turner, and Evan Abrams to discuss: The SEC has issued its second token-related no-action letter to Pocketful of Quarters, Inc., giving more guidance and opening a number of issues.; The SEC has brought a double-headed complaint against ICOBOX, an entity that both conducted an initial coin offering (ICO) and facilitated ICOs for others.; The US has brought the Financial Action Task Force along on its travel rule adventure.; The SEC and FINRA have custody guidance.; FinCEN has guidance on convertible virtual currencies.; The SEC has brought a complaint against FantasyCoin for what amounts to sheer, brazen fraud.; The SEC settlement in SimplyVital Health, with Steptoe as counsel, shows the SEC’s willingness to work with companies that voluntarily remediate errors. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In our 278th episode of The Cyberlaw Podcast, Stewart Baker interviews Joel Trachtman, professor of international law and director of the LLM Program in International Law at Tufts University’s Fletcher School. Steptoe’s own Claire Schachter joins Stewart and Joel for the interview. They discuss Joel’s latest paper, “The Internet of Things Cybersecurity Challenge to Trade and Investment: Trust and Verify?” Stewart is also joined by Paul Rosenzweig (@rosenzweigP), Mark MacCarthy (@Mark_MacCarthy), and Klon Kitchen (@klonkitchen) to discuss: The Ninth Circuit upheld that scraping publicly available information does not violate the Computer Fraud and Abuse Act.; California is close to making app-based companies treat workers as employees, not contractors.; The Treasury Department sanctioned North Korean hacking groups.; Russia may have been trying to destroy Ukraine’s grid in 2016.; Did Israel plant spy devices near the White House?; A student pleaded guilty to trying to access the president’s tax returns via a false FAFSA filing.; Second thoughts on that deepfake voice scam.; The Mar-a-Lago trespasser was found guilty after acting as her own lawyer, ending a truly bizarre tale.; The NSA’s Glenn Gerstell weighed in on the implications of the “digital revolution.”; The Carnegie Endowment issued a report in an attempt to move the encryption debate forward. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In our 277th episode of The Cyberlaw Podcast, Stewart Baker interviews Camille Stewart, Cybersecurity Policy Fellow at New America, Security Fellow at the Truman National Security Project, and author of the new paper, "Full Court Press: Preventing Foreign Adversaries from Exfiltrating National Security Technologies through Bankruptcy." Stewart is also joined by Maury Shenk, Matthew Heiman, and Mieke Eoyang (@MiekeEoyang) to discuss: A UK court ruled that police use of facial recognition is acceptable.; Speaking of which, according to a Pew survey, a majority of Americans agree that police are capable of using that tech responsibly.; The Department of Homeland Security will use fake social media accounts to facilitate investigations of immigrants.; The incoming EU leadership has big plans for tech oversight and regulation.; Fraudsters used AI to mimic a CEO's voice in a strange cybercrime incident.; Facebook has called for global standards on data portability.; Denmark has appointed an "ambassador" to Silicon Valley.; And more! The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In our 276th episode of The Cyberlaw Podcast, Stewart Baker interviews Alex Stamos, Adjunct Professor at Stanford University’s Freeman Spogli Institute and Visiting Scholar at the Hoover Institution, regarding the Stanford Internet Observatory’s new research, “Taiwan: Presidential Election 2020 Scene Setter.” The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In our 275th episode of The Cyberlaw Podcast, Stewart Baker is joined by Dave Aitel (@daveaitel) and David Kris (@DavidKris) to discuss: Cyber Command launched a cyberattack against the Iranian Islamic Revolutionary Guard Corps in June.; The Hong Kong protests and the emergence of Chinese information warfare.; Someone – likely China – was exploiting iOS, Android, and Windows zero-days for years.; The US-China trade war.; The massive backdoor in the Webmin system, a popular utility for managing Unix servers.; Boiling the crypto frog.; Anxiety over speech, censorship, and unsubstantiated allegations of bias.; A security firm has sued BlackHat for failing to uphold its code of conduct. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In our 274th episode of The Cyberlaw Podcast, Stewart Baker interviews Paul Scharre (@paul_scharre) from the Center for a New American Security and Greg Allen (@gregory_c_allen) from the Defense Department’s newly formed Joint Artificial Intelligence Center. Stewart is also joined by Dave Aitel (@daveaitel), Mieke Eoyang (@MiekeEoyang), and Nick Weaver (@ncweaver) to discuss: Attorney General Bill Barr revived the “warrant-proof encryption debate, but did Facebook inadvertently guarantee Barr’s victory in that debate?; Election hacking is all over the news: The Office of the Director of National Intelligence has created a new position to oversee election security intelligence.; A new Senate Intelligence Committee report concluded that all 50 states were targeted by the Russians in 2016.; NSA is going to establish a Cybersecurity Directorate this year.; Dave Aitel’s own firm, Immunity Inc., stirred controversy when it released a version of the BlueKeep exploit in its commercial pentesting software.; Marcus Hutchins, the hero of WannaCry, pled guilty to distributing malware but was sentenced to time served.; And more! The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In our 273rd episode of The Cyberlaw Podcast, Stewart Baker interviews Frank Blake, a former co-clerk of Stewart’s for the late Justice Stevens, former CEO of Home Depot, and host of the Crazy Good Turns podcast. They are joined by Matthew Heiman, Gus Hurwitz (@GusHurwitz), and Nick Weaver (@ncweaver) to discuss: The president has threatened to investigate Google’s ties to China.; Amazon has fallen under the European antitrust microscope.; Julian Assange reportedly turned the Ecuadorean embassy into an election meddling command post.; The FTC is working on a settlement with Google.; The Kazakh government is trying to intercept all HTTPS traffic.; And more! The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.