Stewart Baker and Michael Vatis discuss this week in NSA: Glenn Greenwald decides not to expose individuals who are targeted for surveillance; The Washington Post reveals that "9 out of 10" targets in the NSA's datasets are non-targets; NSA Director Mike Rogers says that Snowden's thefts can be managed; the Seventh Circuit ruled that FISA intercepts cannot be routinely shown to defense counsel; Ellen Nakashima and Bart Gellman reveal that the NSA thinks it may have to gather foreign intelligence from every country in the world; government reports triggered by Snowden continue to multiply; Microsoft's fight with the US government over warrants for overseas data gets more support; Google continues to reveal how it is applying the right to be forgotten; New York's cyberbullying law is struck down; and the SEC has begun investigating network intrusions, starting with Target. In our second half we have an interview with David Heyman, former DHS Assistant Secretary for Policy. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

Stewart Baker, Michael Vatis, and Jason Weinstein discuss this week in NSA: The Lofgren amendment, which prohibits NSA and CIA from asking a company to "alter its product or service to permit electronic surveillance;" NSA's bulk collection program is extended again; the Supreme Court's 9-0 decision in Riley, refusing to allow police to routinely search the cell phones carried by people they arrest; Facebook challenges 300+ search warrants on behalf of the targets; Wyndham files an appeal on the FTC's jurisdiction over Internet privacy and security; and Steptoe launches the Data Breach Toolkit. In our second half we have an interview with Dmitri Alperovich, CEO of Crowdstrike, a well-known incident response cybersecurity startup whose recent report introduced the world to another unit of the PLA hacking force - one that is quite distinct from unit 61398, which was exposed by Mandiant last year, six of whose members were indicted recently by the Justice Department.

Stewart Baker, Maury Shenk, and Michael Vatis discuss this week in NSA: The House passes an NDAA amendment to regulate "secondary" searches of 702 data; the GCHQ defends its view that sending email thru Yahoo and Hotmail is an "external" communication; Darryl Issa raises questions about the FTC's investigation into LabMD and asks for an IG investigation; an Irish court backs the Irish data protection authority's decision not to investigate Facebook for cooperating with NSA; the Eighth Circuit decision on bank liability for weak security; the Senate Intelligence Committee's information sharing bill; and privacy class actions. In our second half we have an interview with Ralph Langner, decoder of Stuxnet and founder of the Langner Group, which specializes in industrial control system security.

Stewart Baker, Michael Vatis, and Jason Weinstein discuss this week in NSA: A federal judge in San Francisco announced that she was not willing to take the Justice Department's word that several FOIA'd FISA court opinions cannot be partially declassified and demanded that they be produced for in camera inspection; Crowdstrike outs another PLA hacker by name; the Chinese claim that the US government needs to provide more information about alleged Chinese hacking; and the DoD authorization bill is due to add a few more provisions tightening restrictions on China's IT sector; Microsoft's legal objections to getting a warrant for other people's data stored in Ireland; fourth amendment news: Wi-Fi moochers have no expectation of privacy, but how to treat location data stored by cell phone companies continues to drive the federal courts to distraction; a study that Stewart and Jim Lewis of CSIS unveiled last week on the cost of cybercrime; the West Virginia data breach doctrine; and the FCC catches up to the FTC and SEC in cybersecurity "nudge" regulation. In our second half we have an interview with Paul Rosenzweig, consultant at Red Branch Consulting, blogger for Lawfare, writer for the Homeland Security Institute, and lecturer for the Great Courses on Audible.

Stewart Baker, Stephanie Roy, and Michael Vatis discuss Google's effort to implement the European Court of Justice's "right to be forgotten" decision; New York Court of Appeal's case on cyberbullying; Google's decision to promote more encryption; how stingray cell phone location systems work, and why the US marshals might seize stingray records from the Florida police; the regulatory issues that might be involved with using satellites to provide internet service to developing countries; this week in NSA: German prosecutors have opened a criminal investigation into the tapping of Angela Merkel's phone but not the hacking of her computer; and the EFF still wants NSA to hang on to more Americans' records than NSA wants to keep. In our second half we have an interview with Congressman Mike Pompeo (R-KS), a member of the House Intelligence Committee who joined the House in 2010.

Stewart Baker, Michael Vatis, and Jason Weinstein discuss this week in NSA: Edward Snowden's NBC interview and his claim to have raised concerns about the agency's intelligence programs before he launched his campaign of leaks; the New York Times' article on face recognition by the NSA; China responds to the indictment of its hackers by pointing to old Snowden documents; the FTC issues a report on data brokers; the LabMD litigation continues; Google starts to spell out how it will implement the right to be forgotten; NSL transparency is back in court; Iranian cyberattacks; and what happened with TrueCrypt. In our second half we have an interview with Ron Deibert, director of the Canada Centre for Global Security Studies and the Citizen Lab at the Munk School at the University of Toronto.

In our twentieth episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Stephanie Roy, and Michael Vatis discuss Breaking News: American counterattack on Chinese cyberspying - the indictment of several PLA members for breaking into US computers to steal commercial information; this week in NSA: It turns out that telcos did challenge the 215 program; Glenn Greenwald's book claims that NSA considers Israel the most effective at spying on the US after China and Russia; Greenwald also says that NSA modifies equipment after it's been sold to make hacking easier; and Greenwald's book has now been leaked to Bittorrent; it looks as though LabMD is down to one lawsuit; the Justice Department released a statement that some kinds of information sharing don't violate the antitrust laws. Now it's put out a white paper saying that ISPs can release aggregate information about cybersecurity without violating the Stored Communications Act's prohibition on releasing customer information; net neutrality and the difference between Title II and section 706 as a basis for net neutrality; and the European Court of Justice's embrace of the "right to be forgotten" In our second half, we have an interview with Shane Harris, senior writer at Foreign Policy magazine, where he covers national security, intelligence, and cyber security. Shane's book, The Watchers, offered thoughtful insights into the rise of surveillance in America.

Stewart Baker and Michael Vatis discuss this week in NSA: Al-Jazeera gets an exclusive on e-mails where google execs turn down NSA invitations and talk briefly about online security threats; the State Department's Coordinator for Cyber Issues; Oracle wins a Federal Circuit victory over Google, establishing that APIs can be copyrighted; New York State issues a short report on bank cybersecurity practices and promises to start asking banks about these practices in inspections; in other litigation, LabMD claims a victory over the FTC, and we interview LabMD's CEO, Michael Daugherty; the ACLU argues that criminal defendants who are acquitted should have no more privacy rights than those who are convicted; Zynga and Facebook get a reprieve from the Court of Appeals, but can face lawsuits under state law for breach of contract; and Snapchat finds itself exposed at the FTC. In our second half, we have an interview with Chris Painter, the State Department's Coordinator for Cyber Issues. Chris discusses norms in cyberconflict, MLAT reform, Brazil's recent Net Mundial conference, and much more.

In our eighteenth episode of the Steptoe Cyberlaw Podcast, Stewart Baker and Michael Vatis discuss this week in NSA: The internal NSA briefing memo surmising that GCHQ probably hoped to expand its access to PRISM data; Microsoft loses a big case before a magistrate in SDNY, who rules that the government can enforce warrants requiring Microsoft to produce data stored abroad; The Supreme Court hears oral argument over cell phone searches incident to arrest; The White House has released a couple of reports on Big Data—one from the PCAST and one from John Podesta's group—along with several recommendations; The White House also released guidance on when NSA will exploit cybersecurity flaws and when it will try to fix them; GCHQ's own independent monitor has released a long and favorable report; and data breaches claim their first CEO, as Target makes room at the top. In our second half, we have an interview with Brian Krebs, the noted security researcher behind Krebs on Security. Brian comments on the week's news before giving us an interview on the latest in Russian cybercrime.