The Cyberlaw Podcast has now succumbed to an irresistible media trend: We begin the episode with a tweet from President Trump. In this one, he promises to get ZTE “back in business, fast.” Paul Rosenzweig and Nick Weaver provide the backstory on and a large helping of dismay at the president’s approach to the issue.

I question the assumption that this will make the life of Chinese telecom equipment makers easier in the U.S. If anything it could be worse. The 2019 National Defense Authorization Act being drafted in the House will make it very difficult for telecom companies that do business with the Pentagon to rely on Chinese (or Russian) equipment. (See Page 259). If anything, the president probably ensured a unanimous Democratic vote for the measure.

The cyber coordinator position in the White House is on the endangered list. Paul explains why it should survive. His take is not completely snark-free. Summing up the first two stories, I suggest that every president gets the White House he deserves.

Nick explains how badly American democracy could be harmed by a relatively trivial Russian (or Iranian, or North Korean) cyberattack on voter registration databases later in 2018. Indeed, they had a chance to launch such an attack in 2016, according to the Senate intelligence committee. This is an avoidable disaster if election officials take action now, I point out, but Paul doubts they will.

Paul and I lament the insouciance and ahistoricity of the Fourth Circuit’s new ruling adding half a dozen new judicial constraints to border searches of cell phones.

Speaking of cyberattacks, you’d better buckle up, because Iranian retribution for U.S. withdrawal from the Joint Comprehensive Plan of Action is probably being prepared as you read this. And according to a highly educational Recorded Future/Insikt report, Iran’s semi-privatized hacking ecosystem is likely to err on the side of escalation.

The Iranians aren’t the only ones upping their game. Nick reports on an excellent Crowdstrike report on the new sophistication of Nigerian scammers.

We close with Nick’s dissection of the troubling code decisions underlying a pedestrian death caused by Uber’s autonomous vehicle.

The Cyberlaw Podcast is hiring a part-time intern for our Washington, DC offices.

As always The Cyberlaw Podcast is open to feedback. Send your questions, suggestions for interview candidates or topics to CyberlawPodcast@steptoe.com or leave a message at +1 202 862 5785.

Download the 216th Episode (mp3).

Subscribe to The Cyberlaw Podcast here. We are also on iTunes, Pocket Casts, and Google Play (available for Android and Google Chrome)!

The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

Our interview is with Nick Schmidle, staff writer for the New Yorker. His report on cybersecurity work that goes to the edge of the law and beyond turns up some previously unreported material, including the tale of Shawn Carpenter, a cybersecurity researcher with a talent for showing up in all the best hackback stories.

In the news, Jamil Jaffer reports on domain fronting, a weird form of protection for people hiding the site they’re connecting to behind some bland Google or AWS site. Some of those people are dissidents in authoritarian lands; many are authoritarian governments hacking secrets out of corporate networks. In any event, domain fronting is disappearing before it had even made an impression on the public’s mind. I say good riddance, bolstered in my opinion by the wailing of professional privacy groups that (Do I have to remind you?) don’t care about your security at all.

The Supreme Court takes a case of great interest to social media and other tech firms who attract class actions. Jennifer Quinn-Barabanov explains the law and the likely outcome. I mostly quibble about how to pronounce “cy pres.”

Move fast and break things probably isn’t the best motto if the thing you’re likely to break is, um, you. Megan Reiss talks about the death of Aaron Traywick, and the risks of bringing the hacking ethic to genetic engineering.

Europol and a host of allies were bragging last week about taking down ISIS’s online recruiting and propaganda infrastructure. But this week they’ve had to admit that ISIS is back on line. Jamil and I talk about what lessons can be drawn from cyber-whac-a-molery.

For Chinese phone makers, it never rains but it pours. Fresh off a ban on Chinese phones from US military retail stores, there may be even more pain in the works for ZTE and other Chinese mobile infrastructure providers.

Finally, Megan Reiss and I dig deep into Rep. Ruppersberger’s thoughtful take on cybersecurity, information sharing and DHS.

The Cyberlaw Podcast is hiring a part-time intern for our Washington, DC offices.

Jennifer Quinn-Barabanov with Dr. Megan Reiss

As always The Cyberlaw Podcast is open to feedback. Send your questions, suggestions for interview candidates or topics to CyberlawPodcast@steptoe.com or leave a message at +1 202 862 5785.

Subscribe to The Cyberlaw Podcast here. We are also on iTunes, Pocket Casts, and Google Play (available for Android and Google Chrome)!

The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm

This episode features a new technology-and-privacy flap. The police finally catch a sadistic serial killer, and the press can’t stop whining about DNA privacy. I argue that DNA privacy is in the running for “Dumbest Privacy Issue of the Decade.” Because privacy is all about making sure the police can’t use your data to catch killers. Paul Rosenzweig refuses to take the other side of that debate.

Ray Ozzie has released a technical riposte to the condescending Silicon Valley claim that math proves the impossibility of securely accommodating law-enforcement access to encrypted data. Paul and I muse on the aftermath, in which Silicon Valley will actually have to win the debate rather than claiming that there is none.

Jim Lewis and I note the likelihood that ZTE is contemplating litigation against the U.S. ban on technology sales to the company. What really bothers Jim, though, is the likelihood that the U.S. sanction will accelerate China’s move to complete self-sufficiency in the technology sphere. That’s something that neither the U.S. government nor U.S. industry is really ready for.

The House intelligence committee’s report on Russia and the election is out. It finds no scandal, other than Russia’s shocking attack on our institutions, though it does criticize “ill-advised” action by Trump campaign officials. The minority report says that the investigation should have gone on even longer. Paul and I have different takes on the value of the exercise.

Gen. Paul Nakasone is about to take over at NSA after a remarkably easy ride to confirmation. Jim Lewis finds comfort and diversion in the effort of privacy campaigners to add some bumps to the general’s road.

Finally, Paul and I debate whether Donald Trump, Jr. committed a Computer Fraud and Abuse Act felony by logging on to an opposition website with “guessed” credentials supplied by WikiLeaks. Actually, there isn’t much debate about whether that’s a crime, but I question whether criminalizing such a trivial violation of network mores raises more questions about the CFAA than about Don Jr.

And a bit of special pleading: How can there possibly not be any reviews of The Cyberlaw Podcast on Stitcher Radio? Yet it appears to be true. Please get out there and comment, loyal Stitcher listeners to the podcast!

The Cyberlaw Podcast is hiring a part-time intern for our Washington, DC offices.

As always The Cyberlaw Podcast is open to feedback. Send your questions, suggestions for interview candidates or topics to CyberlawPodcast@steptoe.com or leave a message at +1 202 862 5785.

Download the 214th Episode (mp3).

Subscribe to The Cyberlaw Podcast here. We are also on iTunes, Pocket Casts, and Google Play (available for Android and Google Chrome)!

The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In a news-only episode, we get a cook’s tour of the RSA conference from attendees Paul Rosenzweig, Jim Lewis, and Stewart Baker. Top trends we saw at RSA: more nations attacking cybersecurity firms over attribution, more companies defending themselves outside their own networks ("hacking back"), and growing (if still modest) respect for the Department of Homeland Security's role in cybersecurity. Oh, and Microsoft’s Digital Geneva Convention is still a mashup of profound naïveté and deep cynicism, but Microsoft’s Cyber Tech Accord may do better—at least until the Federal Trade Commission gets hold of it.

In other news, ZTE is going to be hammered for showing contempt for U.S. export control enforcement. But the back-splatter on U.S. suppliers will be severe as well. The United States is picking a big, big fight with China on the future of technology, and it’s going to need a strategy. Xi Jinping reads the writing on the wall.

Speaking of big fights, Telegram is in a doozy with Russia over its refusal to supply crypto keys to the government. It looks as though Telegram’s use of Google and other domains as proxies (“domain fronting”) is making it hard for Russia to work its will without harming other internet companies. So far, it looks as though Russia is willing to bring the pain, but the ban isn’t completely effective.

In what may be related news, Google is engineering domain fronting out of its products. The press whining about the civil liberties implications of Google’s moves triggers a classic Baker rant about how privacy zealots don’t really care about security—since domain fronting is a principal method by which network security is defeated and crime facilitated.

And while my rant is rolling, why not include the EU’s shameful drive-by execution of the WHOIS database. I call on the Obama NTIA officials who killed off our last leverage over ICANN to apologize to Ted Cruz for the debacle.

Maury lays out the remarkable parallelism between the U.S. Cloud Act and a new EU regulation on cross-border data sharing for law enforcement.

Finally, or nearly so, Paul unpacks the way in which liability for the SWIFT hacks may drive cybersecurity standards for banks.

And in closing, I note that China is now the clear leader in face recognition, having found a single suspect in a crowd of 60,000 concertgoers. It’s the leader not because of China’s technical strength, though that’s impressive, but because of Silicon Valley political correctness. Remember that when law enforcement agencies end up buying Chinese tech and paying the cybersecurity price.

The Cyberlaw Podcast is hiring a part-time intern for our Washington, DC offices. If you are interested, click here.

As always The Cyberlaw Podcast is open to feedback. Send your questions, suggestions for interview candidates or topics to CyberlawPodcast@steptoe.com or leave a message at +1 202 862 5785.

Download the 213th Episode (mp3).

Subscribe to The Cyberlaw Podcast here. We are also on iTunes, Pocket Casts, and Google Play (available for Android and Google Chrome)!

The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In episode 212 of the podcast, Stewart Baker is at RSA, and Brian Egan, Maury Shenk, and Pete Jeydel of Steptoe are joined by David Kris and Nate Jones of Culper Partners LLC to cover the good, the bad and the ugly of the week that was.

In U.K. cyber issues: Brian, Maury, David and Nate discuss the U.S.-U.K.-France weekend airstrikes against Syria’s chemical weapons program, and reported threats of Russian “cyber retaliation” against the British. We also note the continued trends of intelligence disclosures reflected in last week’s speech by the GCHQ director condemning Russia over the Skripal attack and disclosing U.K. offensive cyber operations against the Islamic State.

David provides insights into the government’s proposed use of a U.S. government “taint team” to conduct a privilege review of the materials seized during the FBI’s raid of Michael Cohen’s offices. Bottom line: (1) Warrants to seize evidence from attorneys are relatively rare but not unprecedented, (2) President Trump and Michael Cohen’s requests to conduct their own screening of the materials probably won’t fly, and (3) a scenario in which an independent special master oversees the review is quite possible (but has been delayed for the moment).

Maury discusses the latest in the Schrems data protection litigation against Facebook: last week’s unsurprising decision by the Irish high court to refer questions related to the EU Standard Contractual Clauses to the European Court of Justice. Maury explains why he remains skeptical that the EU court will invalidate the use of these clauses.

Pete explains why Treasury is probably considering its (very broad) options under the International Emergency Economic Powers Act in answering President Trump’s call for more restrictions on Chinese investments.

And David and Nate discuss the latest in the encryption debates, including a Justice Department inspector general's report criticizing the FBI’s mishandled attempts to break the encryption of the San Bernadino shooter’s iPhone, and the latest in encryption-decryption litigation before the lower courts.

Steptoe Partner Brian Egan (right) with Nate Jones

The Cyberlaw Podcast is hiring a part-time intern for our Washington, D.C. offices. If you are interested, click here.

As always The Cyberlaw Podcast is open to feedback. Send your questions, suggestions for interview candidates or topics to CyberlawPodcast@steptoe.com or leave a message at +1 202 862 5785.

Download the 212th Episode (mp3).

Subscribe to The Cyberlaw Podcast here. We are also on iTunes, Pocket Casts, and Google Play (available for Android and Google Chrome)!

The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

Our interview is with Chris Bing and Patrick Howell O’Neill of Cyberscoop. They’ve broken two cyberscoops in the last week or so. First, an in-depth look at Kaspersky’s outing of a U.S. cyberespionage program aimed at foreign terrorists. Hint to Kaspersky: Bringing out a brass band to warn terrorists that they’re being tracked by the US government is not likely to help you win your PR and legal battles in the United States. Chris Bing also covers his other scoop—the surprisingly advanced talks among the leaders of the Senate judiciary committee on a bill to address the FBI’s “going dark” problem.

In the news, Jennifer Quinn-Barabanov and I debate the impact of two recent incidents on the future of self-driving cars. She thinks they’ll weather these events and that the lives such cars save will outweigh the deaths. I’m less sure, mainly because the mistakes that lead to autonomous vehicle deaths are so different from the usual human-driver error and therefore inherently compelling and disquieting.

Nick Weaver and I cover the Grindr security flap and the company's transmission of HIV status without complete encryption protection. I think there’s less to the story than meets the eye and that Grindr is getting more heat than it deserves.

Sens. Ed Markey (D.-Mass.) and Blumenthal (D.-Conn.), on the other hand, deserve a lot more heat than they’ve gotten so far. How clueless can they be to send thirteen “when did you stop beating your husband” questions to Grindr’s CEO and not notice that he’s based in Hong Kong? In fact, Grindr was bought last year by a Chinese company. Neither senator, though, bothers to ask where the database of gay Americans is stored and what access the Chinese government has to it? Or how that deal got through CFIUS. Sad! To coin a phrase.

Nick covers the big new internet-of-things botnet’s tryout and asks why it was the banks that got attacked. I’ve got some theories, as does Nick. Along the way, he dispenses advice for people who have just realized that their router is probably the weakest link in their home network’s security.

When does the first amendment allow researchers to violate websites’ terms of service? Judge John Bates has some preliminary answers in the Sandvik case, says Brian Egan, who thinks the case may turn into an important and perhaps unhappy ruling for websites in the future.

In other topics, Softbank is getting a CFIUS workout. YouTube’s demonetization policy leads to a mass shooting and suicide at company headquarters. Stingrays blanket the District of Columbia. And Keeper can’t even get through a news cycle about its lame lawsuit without another story about its lame security.

The Cyberlaw Podcast is hiring a part-time intern for our Washington, D.C. offices.

As always The Cyberlaw Podcast is open to feedback. Send your questions, suggestions for interview candidates or topics to CyberlawPodcast@steptoe.com or leave a message at +1 202 862 5785.

Download the 211th Episode (mp3).

Subscribe to The Cyberlaw Podcast here. We are also on iTunes, Pocket Casts, and Google Play (available for Android and Google Chrome)!

The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In the news roundup, Nick Weaver, Ben Wittes and I talk about the mild reheating of the encryption debate, sparked not just by renewed FBI pleading but by the collapse of the left-lib claim that building in access is impossible because math. The National Academy report on encryption access has demonstrated that access is practicable, with support from a group of prominent tech experts, such as Ray Ozzie, all of whom know math.

Speaking of law enforcement, it was a good week for cybercrime enforcement. Nick and I touch on two victories for the good guys, with the Carbanak mastermind busted in Spain and Yevgeny Nikulin extradited to the U.S. over Russian objections.

Meanwhile, the Department of Homeland Security is moving forward on one of the more significant efforts to prevent terrorist travel across borders by using social media data effectively. The agency will be requiring social media names (but not passwords) from visa applicants, according to a proposed rule now gathering comments. Maury Shenk, Ben, Nick, and I talk about the privacy and first amendment issues implicated by the policy. We don’t agree on most of those issues.

But we find surprising unanimity in mocking Julian Assange for deservedly losing his internet access at the Ecuador embassy. The panel even endorses Matt Green’s wicked suggestion for trolling Assange from the sidewalk outside Assange’s Ecuadoran squat.

We close with a quick sack dance over the prone form of Keeper Security, which has dropped its libel suit against Dan Goodin and Ars Technica, probably because it was going to lose; the defendants’ coverage of Keeper’s serious security problems was straight and fair. Bottom line: there are plenty of good password managers; why use one whose management sues to suppress news of its product’s security holes? When that sinks in, Keeper won’t just be a loser; here’s hoping it will be a weeper too.

Our interview with David Sanger covers the vulnerability of the US grid, the psychic income and electoral popularity that Vladimir Putin gets from crossing the West’s red lines, and whether we’d be better off sparking an escalating set of cyberattacks now or later.

If the last question reminds you that John Bolton will soon be the national security adviser, you’re not alone. We take a few minutes off from plumbing cyberlaw to exploring just what kind of national security adviser Bolton will be. My bottom line: better than his reputation, and maybe much better.

Maury Shenk, Ben Wittes and Stewart Baker (left to right)

Steptoe partner Stewart Baker with David Sanger

As always The Cyberlaw Podcast is open to feedback. Send your questions, suggestions for interview candidates or topics to CyberlawPodcast@steptoe.com or leave a message at +1 202 862 5785.

The Cyberlaw Podcast is hiring a part-time intern for our Washington, DC offices. If you are interested, visit our website at Steptoe.com/careers.

Download the 210th Episode (mp3).

Subscribe to The Cyberlaw Podcast here. We are also on iTunes, Pocket Casts, and Google Play (available for Android and Google Chrome)!

The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

It was a cyberlaw-packed week in Washington. Congress jammed the CLOUD Act into the omnibus appropriations bill, and boom, just like that, it’s law. Say goodbye to the Microsoft Ireland case just argued in the Supreme Court. Maury Shenk offers a view of the Act from the United Kingdom, the most likely and maybe the only beneficiary of the Act. Biggest losers? For sure, the ACLU and EFF and their ilk, who were more or less rendered irrelevant when they lost the funding and implicit backing of Silicon Valley business interests.

But wait, there’s more congressional action, and it is bad news for Silicon Valley business interests. For the first time, the immunity conferred on social media platforms by Section 230 of the Communications Decency Act has been breached. Jamil Jaffer and I discuss FOSTA/SESTA, adopted this week. In theory, the act only criminalizes media platforms that intentionally promote or facilitate prostitution, but any platforms that actually read their own content are likely at risk. Which is what Craigslist concluded, killing its personals section in response to the act. Worse for Silicon Valley, this may just be the beginning, as its unpopularity with left and right alike starts coming home to roost.

Not to be upstaged by Congress, President Trump announces a plan to impose $60 billion in tariffs on Chinese goods and new investment limits on Chinese money. Sue Esserman explains the plan and just how serious an issue it’s addressing.

Jim Lewis tells us about the FCC’s rumored plan to pile on Chinese telecom manufacturers, adopting a rule to bar the use of Universal Service funds to purchase Chinese telecom infrastructure gear. If we want to keep China out of our telecom infrastructure, he says, we should be prepared to pay a hefty price.

In any other week, Jim and Jamil would get to spend quality time chewing over the indictment and sanctioning of Iranian hackers charged with massive thefts of intellectual property. Not this week. They give their bottom line up front: Indictments and sanctions are a good first step but can’t be our only response.

Speaking of hating Silicon Valley, there’s a wave of criticism—and a lawsuit—building against Uber in what may be a self-driving car accident that better tech could have prevented. Jamil urges caution in reaching conclusions.

We barely have time for the massive flap over Facebook and Cambridge Analytica. Still, I can’t help noting that in 2012, when the Obama campaign bragged about stripping the social graph of its Facebook followers, there was no privacy scandal. Today, after Cambridge Analytica made dubious claims to have done something similar, the EU’s Vera Jourova sees a “threat to democracy.” If you’re a conservative who supports new privacy attacks on Facebook, don’t blame me when it turns out that the new privacy law is weaponized against the right, just as the old one has been.

And, as a token bit of international news, China’s social credit system is being implemented in a totalitarian fashion that reminds me of Lyft’s embrace of the McCarthyite Southern Poverty Law Center, in that both systems deny transportation to those suffering from wrongthink. Maury Shenk says it also tells us something about the efficiency and clarity of authoritarian uses of new technology.

Speaking of wrongthink, Google’s YouTube is banning firearms demo videos. Some of the banned videos may soon be hosted on Pornhub, which at least allows all those guys who used to read Playboy “for the articles” to visit pornhub “for the gun instructional videos.”

Finally, for our interview, Cyberlaw Podcast joins forces with the hosts of National Security Law Today, a podcast of the ABA Standing Committee on Law and National Security.

We interview Michael Page of OpenAI, a nonprofit devoted to a nonprofit devoted to developing safe and beneficial artificial intelligence. It’s a deep conversation, but lawyers will want to spend time with the latest study suggesting that AI reads contracts faster and better than most lawyers. Brrr!

As always The Cyberlaw Podcast is open to feedback. Send your questions, suggestions for interview candidates or topics to CyberlawPodcast@steptoe.com or leave a message at +1 202 862 5785.

The Cyberlaw Podcast is hiring a part-time intern for our Washington, DC offices. If you are interested, visit our website at Steptoe.com/careers.

Download the 209th Episode (mp3).

Subscribe to The Cyberlaw Podcast here.  We are also on iTunes, Pocket Casts, and Google Play (available for Android and Google Chrome)!

The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm

All of Washington is mad at Silicon Valley these days, as our news roundup reveals. Democrats and the media have moved on from blaming Hillary Clinton’s loss on Vladimir Putin; now they’re blaming Facebook and Cambridge Analytica. Gus Hurwitz and I have doubts about the claims of illegality, but I reprise my frequent critique of privacy laws: They are uniquely likely to be enforced against those who annoy governing elites (because they’re so vague and disconnected from objectionable conduct that they can be enforced against almost anyone).

Alan Cohn describes the many regulatory agencies now feeling emboldened to take a whack at cryptocurrencies. He’s hopeful that only bad actors will actually feel the blow.

I lay out the remarkably aggressive and novel enforcement philosophy behind CFIUS’s rejection of the Broadcom-Qualcomm deal—and the steadily advancing congressional effort to regulate Silicon Valley’s Chinese connections more closely. That effort has featured some remarkably harsh political attacks on tech giants like IBM and General Electric.

Is all this hate for techies good or bad for the effort to re-impose net neutrality through the courts? The states? Stephanie Roy maps the terrain, which turns out to be every bit as muddled as you thought the last time you read about it.

Need another reason to hate technology? How about this: It’s soon going to kill someone. I explain the latest scary reports from Saudi Arabia’s industrial control system—and America’s.

Pressed for time, we do quick hits on stories that deserved more but got crowded out:

• Why you won’t go wrong betting that privacy zealots hate cybersecurity.
• Trouble in AMD’s chipsets raises backdoor and supply chain worries.
• Treasury sanctions the usual Russians for election meddling.
• Hal Martin’s dumb argument for making mass theft of classified documents harder (“Geez, who can keep track of a single document when you’re stealing terabytes?”) is rejected.
• And for those who wonder why the right is starting to hate Big Tech as much as the left, here’s one week’s worth of stories from Silicon Valley that got heavy attention from conservative sites:

Finally, our interview is with Pete Chronis, Turner’s Chief Information Security Officer and author of a new book, The Cyber Conundrum. Pete lays out his vision for a cybersecurity moonshot, and the two of us explore particular cybersecurity remedies that make up the effort. We take detours to explore the vulnerabilities equities process, bot in the U.S. and in China. We also touch on the unwise purist stand being taken by IETF on TLS 1.3, which seems determined to offer internet users what might be called “Privacy and Insecurity—By Design.” (And to bring this post full circle, if you were wondering why ordinary people are getting sick of dancing to the tune of Silicon Valley engineers, the IETF’s stiff-necked and counterproductive position on security for corporate network users would be a good place to start.)

As always The Cyberlaw Podcast is open to feedback.  Send your questions, suggestions for interview candidates or topics to CyberlawPodcast@steptoe.com or leave a message at +1 202 862 5785.

The Cyberlaw Podcast is hiring a part-time intern for our Washington, DC offices. If you are interested, visit our website at Steptoe.com/careers.

Download the 208th Episode (mp3).

Subscribe to The Cyberlaw Podcast here. We are also on iTunes, Pocket Casts, and Google Play (available for Android and Google Chrome)!

The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

Our interview this week is with Amb. Nathan Sales, the State Department’s counterterrorism coordinator. We cover a Trump administration diplomatic achievement in the field of technology and terrorism that has been surprisingly under covered (or maybe it’s not surprising at all, depending on how cynical you are about press coverage of the Trump administration). We also explore new terrorism technology challenges and opportunities in social media, State’s role in designating terrorists, the difference a decade can make in tech and terror policy, and how the ambassador lost his cowboy boots.

In the news roundup, China seems to be hiding behind half our stories this week. Brian Egan and I sift through the entrails of CFIUS’s pronouncements on the Qualcomm-Broadcom takeover fight charts, where Chinese competition in 5G is an ever-present subtext.

More broadly, we point to a flood of stories suggesting that the U.S. government is just beginning to struggle with the challenge posed by an economically strong adversary nation. These include accusations of “weaponized capital,” naïve and compromised US academic institutions, and what amounts to a Chinese intelligence-industrial-unicorn complex.

The SEC says digital coin exchanges may be unlawful; bitcoin takes a market hit. But Matthew Heiman, in his first appearance on the podcast, expresses some doubt about the SEC’s authority over many of the businesses the agency called out.

The SEC wants something else to worry about, maybe it should be paying more attention to the Internet Engineering Task Force, where techno-privacy zealots are getting ready to cripple the ability of business enterprises to secure their networks and comply with employee monitoring requirements. Living down to my rock-bottom view of privacy campaigners, the IETF seems to be saying that in order to signal their virtue on privacy issues, they are happy to sacrifice our security – and compliance with law.

Part of the problem may be a lack of technically sophisticated staffers in government; Matthew and Jamil Jaffer chew over the cyber staffing crisis in government, and what can be done about it.

Finally, Jamil and Matthew comment on FBI director Wray’s statement that the FBI is not looking to blow a regulatory whistle on data-breached companies that ask for the Bureau’s help.

Our guest interview is with Nathan Sales, ambassador-at-large and coordinator for counterterrorism at the State Department.

As always, the Cyberlaw Podcast is open to feedback. Send your questions, suggestions for interview candidates or topics to CyberlawPodcast@steptoe.com or leave a message at +1 202 862 5785.

The Cyberlaw Podcast is hiring a part-time intern for our Washington, DC offices. If you are interested, visit our website at Steptoe.com/careers.

Download the 207th Episode (mp3).

Subscribe to The Cyberlaw Podcast here. We are also on iTunes, Pocket Casts, and Google Play (available for Android and Google Chrome)!

The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.