Bloomberg Businessweek’s claim that the Chinese bugged Supermicro motherboards leads off our News Roundup. The story is controversial not because it couldn’t happen and not because the Chinese wouldn’t do it but because the story has been denied by practically everyone close to the controversy, including DHS. Bloomberg Businessweek stands by the story. Maybe it’s time for the law, in the form of a libel action, to ride to the rescue.

Congress, astonishingly, has been doing things other than watch the Kavanaugh hearings. It produced a conferenced version of the FAA authorization including authority for DHS and DOJ to intercept drone communications and seize drones without notice or a warrant. This effort to get in front of dangerous technology yields the usual whines from the usual Luddite “technology advocates.” Meantime, Congress has also adopted a bill to change the name of DHS’s cyber and infrastructure security agency to, well, the Cybersecurity and Infrastructure Security Agency. 

ZTE’s troubles continue, as a federal judge slammed the company for violating the terms of its probation. The judge extended ZTE’s probationary term and the term of its monitor – meaning the company now has two US monitors watching as it tries to rebuild its business.

The Trump Administration is following in the Obama Administration’s footsteps, Gus Hurwitz reports, trying to build consensus around norms for cyber conflict. I remain dubious, but at least this effort is limited to countries not actively engaged in cyber hostilities with the United States.  

California has its own air pollution standards; why not its own net neutrality law? Probably because the FCC under Ajit Pai is not the EPA. Gus and I discuss whether any part of California’s law can withstand preemption.

The hits just keep on coming for the GRU, a formerly vaunted Russian intelligence service, which now can’t even keep secret the names of its most secret agents. Bellingcat, a private website, totally pantses the agency, outing not just its nerve agent operatives but 300 others for good measure.  Piling on, the Justice Department indicts another batch of GRU operatives for hacking sports anti-doping authorities. Even Germany musters the courage to join the UK in fingering Russia for its cyberattacks while the mighty Dutch counter-hacking team joins in the sack dance.

Is the Turing test easier if you only have to convince Californians that you’re human? That may be the theory behind California’s SB 1001, making it unlawful for a bot to deceive a Californian about its botitude “in order to incentivize a purchase or sale of goods or services in a commercial transaction or to influence a vote in an election.”

More bad news for Justice in Silicon Valley, according to leaks from a court case in which the Department is rumored to have sought a court order forcing Facebook to cooperate in a wiretap of MS-13 members.  

Finally, Dr. Megan Reiss reports, North Korea is apparently getting rich robbing banks. Surprisingly, though, it seems not to be robbing American banks. Yet. 

Download the 234th Episode (mp3).

You can subscribe to The Cyberlaw Podcast using iTunes, Pocket Casts, Google Play, or our RSS feed!

As always, The Cyberlaw Podcast is open to feedback. Be sure to engage with Stewart on social media: @stewartbaker on Twitter and on LinkedIn. Send your questions, comments, and suggestions for topics or interviewees to CyberlawPodcast@steptoe.com. Remember: If your suggested interviewee appears on the show, we will send you a highly coveted Cyberlaw Podcast mug!

The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.