The Cyberlaw Podcast

In our 139th episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Alan Cohn, and Katie Cassel discuss: Personnel is Policy in new Trump Administration: Will the head of NSA be fired or promoted? Mike Rogers at the center of the storm; President-elect Donald Trump's surprise decision Friday to nominate Rep. Mike Pompeo to run the CIA; Sen. Jeff Sessions pick "could be a sign that the Trump administration may take a tougher approach with the nation's tech industry; Personnel is Policy in the Senate: In one of the biggest shake-ups, Sen. Dianne Feinstein will leave her spot as the No. 1 Democrat on the Intelligence Committee; An advertising industry initiative has launched an anti-malware certification program; DHS releases recommendations for protecting internet-connected devices; NIST issues small business guidance; Two for the price of one: Secret “backdoor” software uncovered in Androids for sending users’ personal data to China; A piece of Chinese firmware for cheap Android phones has been found that allows unsecured firmware updates; Kaspersky whines about Microsoft Defender; Rule 41 override still dead as General Franco. Our interview is with Steven Weber and Betsy Cooper from the UC Berkeley Center for Long Term Cybersecurity. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In our 138th episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Katie Cassel, and Maury Shenk discuss: 11th Circuit decides the case against the Commission in granting a stay that the Commission should have granted; LabMD says it will soon be a miniseries; DMCA exemption for security research takes effect; Yahoo admits knowing of 2014 breach in 2014, says it is unsure the Verizon deal will go through; Russia prepares to block LinkedIn for localization violations; Section 230 immunity gets weirder; German prosecutors investigate Facebook over hate posting; Big DDOS attack on Russian banks; Russian hackers target think tanks in post-election attacks; Amazon to repay parents for kids’ in-app purchases. Our interview is with former Deputy Assistant Secretary for Policy at Department of Homeland Security and noted cybercommentator, Paul Rosenzweig, and Daily Beast reporter, Shane Harris. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In our 137th episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Maury Shenk, and Michael Vatis discuss: Privacy Shield Agreement challenged; China adopts cybersecurity legislation; FDA gets Congressional mail on device security response; FTC issues Business Guide to Data Breach Response; US Cyber Command has Warned Russia; Indonesia’s ‘Right to Be Forgotten’ Raises Press Freedom Issues; US Bank Regulator Notifies Congress of Major Data Security Breach; DMCA rules updated to give security experts legal backing to research. Our interview is with Associate Vice President and Director of the Center for Cyber and Homeland Security at George Washington University Frank Cilluffo. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In our 136th episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Michael Vatis, and Kaitlin Cassel discuss: FBI gets reinforcements in the Great Crypto War: Europrosecutors Call for Tools to Crack Islamic State Encryption; Privacy Shield; Security reporting mandates proliferate: U.S. Treasury tells banks to provide details on cyber attacks; NHTSA Releases Proposed Cybersecurity Guidance For Vehicles; EU Issues Data-Protection Warning to WhatsApp, Yahoo; FCC adopts “opt-in” privacy rules for ISPs; HHS Imposes $2.1M Fine For Accidental File-Sharing Disclosure Of PHI; 23 out of 535 lawmakers against Rule 41 changes. Our interview is with Harvard Law Professor Jonathan Zittrain. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In our 135th episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Michael Vatis, Maury Shenk, and Kaitlin Cassel discuss: The overhyped flap-over search warrants that require phoneprints UK tribunal finds that GCHQ violated law in not disclosing mass collection of data; New cybersecurity regulations proposed for financial industry; DOD issues contractor cyberattack reporting regulations; Harold Martin: Source of the Shadowbrokers toolset after all?; Dynamic IP addresses are personal data, EU top court rules Blowing national security secrets gets a shrug from the press, but blowing John Podesta’s secrets leaves Julian Assange trying to mooch wifi from the neighbors; DDoS attacks slow web traffic for many sites. Our interview is with Assistant Secretary for Cybersecurity Policy at the Department of Homeland Security Robert Silvers. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In our 134th episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Maury Shenk, and Michael Vatis discuss:The Geofeedia flap over police access to public posts, UK ICO releases best practices for privacy notices, Banking security, Akamai confirms exploitation of IoT for mass hacking (along with mass DDOS), China’s internet child protection proposals stir unease, DOJ seeks rehearing in Microsoft Ireland case, and Russia announces attempt to break Western end to end encryption. Our interview is with outgoing Assistant Attorney General for National Security John Carlin. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In our 133rd episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Alan Cohn, Maury Shenk, and Kaitlin Cassel discuss: DNI Fingers Russia for DNC hack Yahoo searches provoke another fake scandal Third Circuit rules that a badly sourced Glenn Greenwald article is all you need to survive a motion to dismiss TalkTalk case pulls data protection agency into cybersecurity standards business FCC’s proposed privacy regulations revised HHS Imposes $400K Fine For Outdated BAA Our interview is with The Grugq. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In our 132nd episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Markham Erickson, and Meredith Rathbone discuss: EU proposal on surveillance software exports; Gmail privacy suit trimmed, but Spokeo ruling keeps it alive; California passes law requiring removal of actor ages by database sites on request; and FCC pulls set-top box plan from meeting agenda. Our interview is with Ellen Nakashima of the Washington Post. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In our 131st episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Jennifer Quinn-Barabanov, and Michael Vatis discuss: Microsoft's new datacenters aim to put customer data beyond the reach of US snooping; British Billionaire's Suit Over Alleged Leak Offers First Test of Privacy Law Yahoo! suffers big, old data breach, gets sued Brian Krebs, podcast alum, sets unenviable record: victim of world’s biggest DDOS attack, fueled by the IOT Our interview is with Matt Cutts and Lisa Wiswell of the Pentagon’s Defense Digital Service. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In our 130th episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Katie Cassel, Maury Shenk, and Michael Vatis discuss: NY Department of Financial Services issues cybersecurity regulations for banks and insurers EU finds its comparative advantage in writing regulations, not code Sixth circuit finds breach standing without allegations of injury CFTC Approves Final Rules On Cybersecurity Testing Ninth circuit allows “failure to warn” claim despite CDA 230 FTC wants to make the rubble bounce at LabMD. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In episode 129b Stewart talks with Ciaran Martin, the chief executive of the UK’s National Cyber Security Centre. While the US political climate makes it implausible that the National Security Agency would be asked to head a nationwide cybersecurity center designed to work with the private sector, that’s exactly the job that the United Kingdom given to GCHQ, the British equivalent of NSA. Stewart asks why, and a lot more too. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In our 129th episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Alan Cohn, and Phil West discuss: The OPM report from Government Oversight Unpacking the Ireland Apple tax dispute Another case (US v. Torres) falls out of the FBI’s PlayPen NIT. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In our 128th episode of the Steptoe Cyberlaw Podcast, Stewart Baker and Maury Shenk discuss: SWIFT Fraud Privacy Shield is up, and a lot of companies are signing up Equation Group tools outed – was NSA hacked by Shadow Brokers? Crypto World War Russia is hacking US politics CareFirst is kicking butt in injury-free breach lawsuits [Stewart] ECJ limits data protection jurisdiction LabMD loses before FTC and now can go to a neutral forum FTC loses turf in Ninth Circuit FTC finally notices that NIST has a Cybersecurity Framework UK watchdog endorses bulk collection of data Baltimore uses aerial surveillance tool from Iraq war Yahoo! skates with meaningless settlement of wiretap class action Our interview is with Scott DePasquale, CEO of Utilidata, to talk about cybersecurity and his contribution to the Internet Security Alliance’s upcoming book, The Cyber Security Social Contract. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In our 127th episode, Stewart Baker talks with Charles Allen, who became intelligence chief for DHS after a full career at CIA, and John McLaughlin, who ended his career at CIA as the Deputy Director and Acting Director about the DNC hack. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In our 126th episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Maury Shenk, and Katie Cassel discuss: 9th Circuit: It’s a federal crime to visit a website after being told not to visit it The GOP platform and Hillary’s tech policy paper both straddle crypto issue GOP endorses hackback in platform Scottrade Could Get Off Scot-Free After Breach Massive Data Leaks target Hillary and Erdogan – Putin’s doing? EU Court Adviser Green-Lights Data-Retention Rules to Fight Serious Crime There have now been over 100 ISIS-linked terror plots against the West since 2014, according to a report released today by Homeland Security Committee 'NSA-Proof’ Phone Maker Raises $50M In Funding WhatsApp Is Briefly Shut Down in Brazil for a Third Time Our interview is with Ed Hammersla, CSO of Forcepoint Federal and Brian White, COO of RedOwl to talk about the new DOD rule requiring contractors to devise insider monitoring plans. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.