The Cyberlaw Podcast

In our 154th episode of the Steptoe Cyberlaw Podcast, Carrie Cordero, Stephanie Roy, Markham Erickson, Jennifer Quinn-Barabanov, and Stewart Baker discuss: the Wikileaks Vault7 release, including Assange’s offer to work with Silicon Valley to fix vulnerabilities before disclosure; the increasingly dysfunctional rule that leaked documents remain classified after the leak; FCC investigating ATT 911 outage; Home Depot gets a $25m settlement; Second Circuit revives a TCPA class action; Tom Graves introduces a hackback defense to CFAA liability; Uber’s greyballing problems; piling on Geek Squad and why that might not be the best idea; and the end of a nasty porn copyright scam. Our guest interview is with Curtis Dukes, Executive Vice President of the Security Best Practices Automation Group and Tony Sager, Senior Vice President and Chief Evangelist, both from the Center for Internet Security. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In our 153rd episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Michael Vatis, and Maury Shenk discuss: Howard Schmidt, RIP; the Trump wiretap story; a federal magistrate judge in Wisconsin has ruled that the government can use a warrant issued under the Stored Communications Act to compel email providers to disclose the content of emails stored abroad; internet-connected teddy bear company hacked, 2 million parent-child voice messages exposed and held ransom; new analysis of the 50c army forces a reconsideration of who they are and what they do; the fight over 702 reauthorization warms up: lefty lawmakers want an estimate on how many innocent Americans are swept up in key surveillance programs up for reauthorization this year; a dozen civil society groups are asking Vera Jourová the European Commissioner for Justice, Consumer and Gender Equality, to suspend the US-EU Privacy Shield unless reforms are made to Section 702; and Wilbur Ross endorses Privacy Shield. Our guest interview is with Matt Tait, CEO and Founder of Capital Alpha Security. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In our 152nd episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Stephanie Roy, Maury Shenk, Jennifer-Quinn Barabanova, and Paul Rosenzweig discuss: Chairman Pai courts controversy to kill FCC security provisions; conclusion of EU legislative process for the Terrorism Directive, which includes an article authorizing blocking of Internet content related to promotion of terrorism; Time Magazine sued for disclosing reading habits of customers under Michigan privacy law-case survives standing challenge; Financial companies slap Arby's over data breach; Germanys' surveillance concern over Cayla the talking doll; Amazon's unpersuasive rational for withholding Alexa recordings; Fingerprint (non) disclosure decision out of the ND IL; the GSA IG report on 18F; the draft cyber Executive Order; the NASS's resolution to the DHS; and Chinese social media handle disclosure. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In our 151th episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Alan Cohn, and Maury Shank discuss: Microsoft calls for a cyber "Geneva Convention;" Chairman Michael McCaul (R-TX) opposes backdoors in encryption; the EU investigates robots; Turmoil in the White House cyber edition: Out like Flynn, in with McMaster; what's the impact on cyber?; White House staff are reportedly using encrypted messaging apps to communicate; Are the Russians Hacking the French election? Our guest interviews are with John "Four" Flynn, Chief Information and Security Officer at Uber, Heather Adkins, Director of Information Security at Google, and Troels Oerting, Group Chief Security Officer and Group Chief Information Security Officer at Barclays Bank. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In our 150th episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Alan Cohn, and Jennifer Quinn-Barabanov discuss: A federal judge currently in the spotlight for blocking President Donald Trump's travel ban executive order is now questioning the constitutionality of secrecy orders that accompany government surveillance demands; US District Court for the Western District of Washington Judge James Robart issued a 47-page opinion today allowing Microsoft to proceed with a lawsuit claiming a First Amendment violation when the government restricts internet providers from notifying subscribers about requests for their data; In coming down on smart-TV maker Vizio for tracking users' viewing habits without their consent, the Federal Trade Commission adopted broader definitions of "sensitive" information and consumer harm. But experts say not to expect a trend there, given the acting chairwoman's reservations about the settlement; The Trump Administration could soon begin asking foreigners coming to the United States — particularly from some Muslim-majority countries — to turn over their social media accounts and passwords, according to Homeland Security Secretary John Kelly; The new volume of the Tallinn Manual — named Tallinn 2.0 is out. It explores the applicability of international law to cyber activity below the threshold of armed conflict. A global group of 19 experts, aided by input from governments and international organizations, prepared the manual over the course of four years; The cybersecurity Executive Order that President Donald Trump is expected to sign this week would kick off a far-reaching White House review of each federal agency's cybersecurity risks, according to an updated draft; Hal Martin indicted: The theft may go well beyond what is in the indictment; The No. 2 official at the NSA is not leaving because of Trump. Richard Ledgett, whose departure the agency confirmed Friday, said politics had nothing to do with it; Google has warned a number of prominent journalists that state-sponsored hackers are attempting to steal their passwords and break into their inboxes. Our guest interview is with Dominic Rochon, Deputy Chief of Policy and Commmunications at the Communications Security Establishment, and Patricia Kosseim, Senior General Counsel and Director General of the Office of the Privacy Commissioner of Canada. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In our 149th episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Michael Vatis, and Meredith Rathbone discuss: Google loses its Microsoft Ireland case, probably because it would have to be called the “Google Cyberspace” case; FSB relief spurs momentary political meltdown among Washingtonians who don’t listen to the Steptoe Cyberlaw Podcast; Neil Gorsuch opines on computer searches and child porn; What’s happened to the cyber Executive Order?; The FSIA and suits against sovereign hackers; Brexit passes Commons and May promises data deal with EU; Google’s settlement approved despite cy pres objections; Austrian hotel guests inconvenienced but not imprisoned by ransomware; CFAA violations cost the Cardinals two high draft picks and $2 million. Our guest interview is with Jason Healey, Senior Research Scholar at Columbia University's School for International and Public Affairs. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In our 148th episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Alan Cohn, Jennifer Quinn-Barabanov, and Maury Shenk discuss: Second Circuit denies rehearing in Microsoft Ireland case by an evenly divided vote; Meeting between Donald Trump and Theresa May this week (including Russia sanctions), and UK Supreme Court decision on role of Parliament and Brexit; President Trump order on Privacy Act application to foreigners roils the Atlantic; New FTC Chair to shift data security focus to actual harm; But Ohlhausen may not end up with the top job, for ideological reasons; Trump’s cybersecurity review order; China disses attribution, and Russia shows the human risks of doing too good a job of attributing attacks; ADT settlement of early IOT security suit; No surprise here: Only government can unredact bulk data opinions; Lloyds bank accounts targeted in huge cybercrime attack; and President using outdated Android to tweet while watching TV. Our guest interview is with Corin Stone, Executive Director of the National Security Agency. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In our 147th episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Michael Vatis, Maury Shenk, and Alan Cohn discuss: The D-Link case: Another challenge for the FTC; The Obama administration reminds us why we'll miss them, and also why we won't: Retrospective on Obama cybersecurity, Obama Administration farewell statement on privacy; DHS issues a farewell report on incident response; The FCC's public safety team issues a white paper; EU judicial redress act squeaker: Europe designated, but not Brexiting UK; Trump's policy paper: "Cyberwarfare is an emerging battlefield, and we must take every measure to safeguard our national security secrets and systems. We will make it a priority to develop defensive and offensive cyber capabilities at our U.S. Cyber Command, and recruit the best and brightest Americans to serve in this crucial area."; The flap over WhatsApp security "back door"; and Alan Cohn’s special foreign correspondent report from Davos. Our guest interview is with Jack Goldsmith, Harvard Law Professor and co-founder of Lawfare. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In our 146th episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Stephanie Roy, Michael Vatis, and Maury Shenk discuss: Does the 1878 Posse Comitatus Act really make Trump’s plan to rely on military cybersecurity illegal?; St. Jude, FDA issues security update for device at center of short-selling; FCC privacy news; Europe roundup: EU says US explanation of Yahoo email scanning not enough, Germany's plan to fight fake news; If a Best Buy technician is a paid FBI informant, are his computer searches legal?; and Obama Administration releases long awaited new Executive Order 12333 rules on sharing of raw signals intelligence information within intelligence community. For live audience feedback, Gus Hurwitz, Assistant Professor of Law and Co-Director of Space, Cyber, and Telecommunications at the Nebraska College of Law, joins us to discuss the FTC and CSF from last week. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In our 145th episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Michael Vatis, and Alan Cohn discuss: Russia hacking: The intel report and Trump’s surprisingly nuanced reaction; Report; What was Russia’s motivation? Occupy Wall Street and 201; Coverage of report Intercepts of Russian comms supports conclusion; UK role; Is Trump right to think that the Obama Administration is tilting intel to make him look bad?; When will Trump’s Twitter account be hacked?; China forces Apple to drop the NYT app from its China app store; Russia forces Apple and Google to drop the LinkedIn app from their Russian app stores; LabMD gets lots of amicus support; Rediscovering US libel law as a way to shut critics up; Europocrisy Prize starts to get traction? Our interview is with Davis Hake, former director of cybersecurity strategy at Palo Alto Networks, and Nico Sell, co-founder and CEO of Wickr. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In our 144th episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Maury Shenk, Meredith Rathbone, and Jennifer Quinn-Barabanov discuss: European Court of Justice decision that further limits data retention; Russian sanctions and the FBI/DHS Joint Analysis Report; The Vermont Yankee hacking flap; Listing of Russian Federal Security Service (FSB) has raised significant issues for US companies that get encryption import approvals from FSB; Wassenaar Arrangement effort to control exports of "intrusion software"; Class action fairness advocacy organization is challenging the Google settlement. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In our 143rd episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Michael Vatis, and Maury Shenk discuss: ENISA report shows European debate; Ashley Madison settles with the FTC; Google settles its class action on email scanning; OTT privacy rules; German, EU politicians talk tough punishments for fake news; and Russia hacking issue spins up even further. Our interview is with Matthew Green, Assistant Professor at the Johns Hopkins Information Security Institute. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In our 142nd episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Michael Vatis, and Stephanie Roy discuss: Lindsey Graham and some Democrats want to investigate Russia’s role in the election; President-elect Trump still thinks that is fake news; FISA-derived evidence allowed by the United States Court of Appeals for the Ninth Circuit; What the FCC is likely to do with net neutrality and cybersecurity regulation; Gen. John Kelly named to head DHS; this tells us more or less nothing about cyber issues; Runnerup for DHS, Chairman Michael McCaul gives speech on DHS, wants to go back to crypto commission; Rep. Adam Schiff says the obvious: Trump will lean toward law enforcement in crypto debate but Congress is not ready to do anything. Our interview is with Kiersten Todt, Executive Director at the Presidential Commission on Enhancing National Security. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In our 141st episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Michael Vatis, and Maury Shenk discuss: Umbrella agreement passes European Parliament; Investigatory Powers Act gains royal assent; Trump says Department of Defense will protect civilian infrastructure, Cyber Command elevated, Firing Adm. Michael Rogers?; Department of Justice and a boatload of other countries sinkhole "Avalanche" botnet; Sen. John Cornyn holds off left/libertarian attackers to keep Rule 41 changes; CFIUS halts Chinese acquisition; National Commission delivers recommendations; Saudi Arabia suffers major Iranian attack. Our interview is with Corporate Vice President for Trustworthy Computing at Microsoft, Scott Charney. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In our 140th episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Alan Cohn, Maury Shenk, and Jennifer Quinn-Barabanov discuss: Five EU members say they want EU-wide crypto controls; FBI hacked more than 8,000 computers in 120 countries; Undisclosed collection of data on massage device spurs class action; and Wages of defeat: Election hack fever seizes the left and fake news fever seizes the left. Our interview is with New York Times reporter and author of "Machines of Loving Grace" John Markoff. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.