Steptoe Cyberlaw Podcast (general)

Stewart Baker, Maury Shenk, and Michael Vatis discuss this week in NSA: The House passes an NDAA amendment to regulate "secondary" searches of 702 data; the GCHQ defends its view that sending email thru Yahoo and Hotmail is an "external" communication; Darryl Issa raises questions about the FTC's investigation into LabMD and asks for an IG investigation; an Irish court backs the Irish data protection authority's decision not to investigate Facebook for cooperating with NSA; the Eighth Circuit decision on bank liability for weak security; the Senate Intelligence Committee's information sharing bill; and privacy class actions. In our second half we have an interview with Ralph Langner, decoder of Stuxnet and founder of the Langner Group, which specializes in industrial control system security.

Direct download: Episode_25.mp3
Category:general -- posted at: 9:17pm EDT

Stewart Baker, Michael Vatis, and Jason Weinstein discuss this week in NSA: A federal judge in San Francisco announced that she was not willing to take the Justice Department's word that several FOIA'd FISA court opinions cannot be partially declassified and demanded that they be produced for in camera inspection; Crowdstrike outs another PLA hacker by name; the Chinese claim that the US government needs to provide more information about alleged Chinese hacking; and the DoD authorization bill is due to add a few more provisions tightening restrictions on China's IT sector; Microsoft's legal objections to getting a warrant for other people's data stored in Ireland; fourth amendment news: Wi-Fi moochers have no expectation of privacy, but how to treat location data stored by cell phone companies continues to drive the federal courts to distraction; a study that Stewart and Jim Lewis of CSIS unveiled last week on the cost of cybercrime; the West Virginia data breach doctrine; and the FCC catches up to the FTC and SEC in cybersecurity "nudge" regulation. In our second half we have an interview with Paul Rosenzweig, consultant at Red Branch Consulting, blogger for Lawfare, writer for the Homeland Security Institute, and lecturer for the Great Courses on Audible.

Direct download: Episode_24.mp3
Category:general -- posted at: 7:31am EDT

Stewart Baker, Stephanie Roy, and Michael Vatis discuss Google's effort to implement the European Court of Justice's "right to be forgotten" decision; New York Court of Appeal's case on cyberbullying; Google's decision to promote more encryption; how stingray cell phone location systems work, and why the US marshals might seize stingray records from the Florida police; the regulatory issues that might be involved with using satellites to provide internet service to developing countries; this week in NSA: German prosecutors have opened a criminal investigation into the tapping of Angela Merkel's phone but not the hacking of her computer; and the EFF still wants NSA to hang on to more Americans' records than NSA wants to keep. In our second half we have an interview with Congressman Mike Pompeo (R-KS), a member of the House Intelligence Committee who joined the House in 2010.

Direct download: Episode_23.mp3
Category:general -- posted at: 7:50am EDT

Stewart Baker, Michael Vatis, and Jason Weinstein discuss this week in NSA: Edward Snowden's NBC interview and his claim to have raised concerns about the agency's intelligence programs before he launched his campaign of leaks; the New York Times' article on face recognition by the NSA; China responds to the indictment of its hackers by pointing to old Snowden documents; the FTC issues a report on data brokers; the LabMD litigation continues; Google starts to spell out how it will implement the right to be forgotten; NSL transparency is back in court; Iranian cyberattacks; and what happened with TrueCrypt. In our second half we have an interview with Ron Deibert, director of the Canada Centre for Global Security Studies and the Citizen Lab at the Munk School at the University of Toronto.

Direct download: Episode_22.mp3
Category:general -- posted at: 6:52am EDT


In our twenty-first episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Maury Schenk, Michael Vatis, and Jason Weinstein discuss this week in NSA: The House passage of the USA Freedom bill; LabMD goes to trial; China lashes back over the Justice Department's indictment of PLA members; Apple loses a preliminary fight over its liability for the privacy practices of third party apps; the Blackshades indictments; the mild treatment given to the Anonymous hacker, Sabu; and California's Attorney General's guidance on how to comply with California's latest privacy law. In our second half, we have an interview with Peter Schaar, a proponent of the right to be forgotten and an eminent former data protection chief. From 2003 to 2013, Peter was the Federal Commissioner for Data Protection and Freedom of Information. He is currently Chairman of the European Academy for Freedom of Information and Data Protection (EAID) and a guest lecturer at the University of Hamburg.
Direct download: Podcast_21.mp3
Category:general -- posted at: 10:13am EDT

In our twentieth episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Stephanie Roy, and Michael Vatis discuss Breaking News: American counterattack on Chinese cyberspying - the indictment of several PLA members for breaking into US computers to steal commercial information; this week in NSA: It turns out that telcos did challenge the 215 program; Glenn Greenwald's book claims that NSA considers Israel the most effective at spying on the US after China and Russia; Greenwald also says that NSA modifies equipment after it's been sold to make hacking easier; and Greenwald's book has now been leaked to Bittorrent; it looks as though LabMD is down to one lawsuit; the Justice Department released a statement that some kinds of information sharing don't violate the antitrust laws. Now it's put out a white paper saying that ISPs can release aggregate information about cybersecurity without violating the Stored Communications Act's prohibition on releasing customer information; net neutrality and the difference between Title II and section 706 as a basis for net neutrality; and the European Court of Justice's embrace of the "right to be forgotten" In our second half, we have an interview with Shane Harris, senior writer at Foreign Policy magazine, where he covers national security, intelligence, and cyber security. Shane's book, The Watchers, offered thoughtful insights into the rise of surveillance in America.

Direct download: podcast20.mp3
Category:general -- posted at: 4:30pm EDT

Stewart Baker and Michael Vatis discuss this week in NSA: Al-Jazeera gets an exclusive on e-mails where google execs turn down NSA invitations and talk briefly about online security threats; the State Department's Coordinator for Cyber Issues; Oracle wins a Federal Circuit victory over Google, establishing that APIs can be copyrighted; New York State issues a short report on bank cybersecurity practices and promises to start asking banks about these practices in inspections; in other litigation, LabMD claims a victory over the FTC, and we interview LabMD's CEO, Michael Daugherty; the ACLU argues that criminal defendants who are acquitted should have no more privacy rights than those who are convicted; Zynga and Facebook get a reprieve from the Court of Appeals, but can face lawsuits under state law for breach of contract; and Snapchat finds itself exposed at the FTC. In our second half, we have an interview with Chris Painter, the State Department's Coordinator for Cyber Issues. Chris discusses norms in cyberconflict, MLAT reform, Brazil's recent Net Mundial conference, and much more.

Direct download: Podcast19.mp3
Category:general -- posted at: 8:20am EDT

In our eighteenth episode of the Steptoe Cyberlaw Podcast, Stewart Baker and Michael Vatis discuss this week in NSA: The internal NSA briefing memo surmising that GCHQ probably hoped to expand its access to PRISM data; Microsoft loses a big case before a magistrate in SDNY, who rules that the government can enforce warrants requiring Microsoft to produce data stored abroad; The Supreme Court hears oral argument over cell phone searches incident to arrest; The White House has released a couple of reports on Big Data—one from the PCAST and one from John Podesta's group—along with several recommendations; The White House also released guidance on when NSA will exploit cybersecurity flaws and when it will try to fix them; GCHQ's own independent monitor has released a long and favorable report; and data breaches claim their first CEO, as Target makes room at the top. In our second half, we have an interview with Brian Krebs, the noted security researcher behind Krebs on Security. Brian comments on the week's news before giving us an interview on the latest in Russian cybercrime.

Direct download: Episode18.mp3
Category:general -- posted at: 6:16pm EDT

In our seventeenth episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Stephen Heifetz, Stephanie Roy, Michael Vatis, and Jason Weinstein discuss this week in NSA: No new scandal stories but the principal new release came from the US government and consisted of a FISA court ruling that took apart the only decision declaring NSA's section 215 metadata program illegal - Judge Leon's opinion in Klayman; the top story this week is the claim that the FCC is gutting net neutrality; the New York Times' story suggesting that the FBI may have used Anonymous to help compromise foreign nations' networks; the cell phone warrant case; the Aereo case; Magistrate Facciola's approach to warrants, and DOJ's method to appeal his latest ruling; and DHS' announcement that it has notified all critical infrastructure companies that they are considered critical. In our second half, we have an interview with two government CFIUS experts, Elana Broitman, a deputy assistant secretary at DOD and Shawn Cooley, who manages DHS's participation in CFIUS as well as Team Telecom.

Direct download: Episode17.mp3
Category:general -- posted at: 4:14pm EDT

In our sixteenth episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Chris Conte, Michael Vatis, and Jason Weinstein discuss this week in NSA: Edward Snowden questions Putin; and the Bloomberg story that NSA exploited the Heartbleed vulnerability steadily loses altitude and believers; the SEC releases thoughtful and detailed set of cybersecurity questions for its examiners to use in dealing with the private sector; US magistrate Facciola calls for an amicus brief on cell-site data; Kentucky adopts a state breach notice law; the conviction of Andew "Weev" Auernheimer for the AT&T hack was overturned on appeal; the implications of giving first amendment protection to censored search results; and in bitcoin news, a more plausible candidate for Satoshi Nakamoto has emerged. In our second half, we have an interview with Alex Joel, the Civil Liberties Protection Officer of the Office of the Director of National Intelligence.

Direct download: Episode16.mp3
Category:general -- posted at: 1:39pm EDT