I interview David Sanger in this episode on his new book, “The Perfect Weapon – War, Sabotage, and Fear in the Cyber Age.” It is an instant history of how the last five years have transformed the cyberwar landscape as dozens of countries follow a path first broken by Stuxnet. And then, to our horror, branch out into new and highly successful ways of waging cyberwar. Mostly against us.  David depicts an Obama administration paralyzed by the Rule of Lawyers and a fear that our opponents would always have one more rung than we did on the escalation ladder. The Trump administration also takes its lumps, sometimes fairly and sometimes not. At center stage in the book is Putin’s uniquely brazen and uniquely impactful use of information warfare, but the North Koreans and the Chinese also play major roles.  It is as close to frontline war reporting as cyber conflict is likely to get.

Stewart Baker with David Sanger

Cyberlaw news this week is dominated by a couple of Supreme Court decisions: In Carpenter the Court held 5-4 that warrants are required to collect a week of location data from cell phone companies. Michael Vatis lays out the ruling, and I complain that the Court has kicked off a generation of litigation over the issues this decision opens up but fails to address. Tune in as Michael invokes James Madison and I counter with Ben Franklin. Who knew that the founding fathers had so much to say about the third-party doctrine?

Speaking of Court decisions that write checks for others to redeem, the 5-4 Wayfair decision is equally insouciant about triggering a generation of litigation about when internet companies must collect sales tax. After 50 years of waiting for Congress to decide a question that is clearly better resolved by legislation than judicial rule, the Court gave up and struck down the holding that a physical presence was required before sales tax had to be collected. Pat Derdenger explains just how much litigation he’ll be involved in. To his plea that Congress step in, I repeat a line I first used 25 years ago: Why should a Republican Congress enable the collection of taxes it can’t spend?

North Korea may be our president’s best bud these days, but it’s still hacking banks and conducting cyberespionage, Matthew Heiman points out. Jim Lewis advances a Darwinian justification for letting the North Koreans keep it up.

Matthew and Jim also agree that Chinese hackers are getting stealthier—probably in part because they’re chiseling around the edges of their agreement not to steal commercial secrets from US firms. We also ask whether the Chinese have begun releasing data from their OPM hack to criminal actors.

David Sanger thinks not.

Our lack of a coherent cyberwar strategy is becoming apparent not just to adversaries but also to Congress, which is in the process of mandating a new commission on cyberwar strategy. Whether calling it Project Solarium, a hallowed name in defense thinking, will make the commission more successful remains to be seen.

The Administration is struggling to come up with privacy principles that can compete with GDPR. Matthew and I predict that it won’t succeed.

One last note: David Sanger is on a book tour—if you’re in the Washington, D.C. area, he will be hosting a talk and book signing at Politics & Prose on Thursday, June 28, at 7pm.

Download the 223rd Episode (mp3).

You can subscribe to The Cyberlaw Podcast using iTunes, Pocket Casts, Google Play, or our RSS feed!

As always, The Cyberlaw Podcast is open to feedback. Send your questions, comments, and suggestions for topics or interviewees to CyberlawPodcast@steptoe.com or leave a message at +1 202 862 5785. Remember: If your suggested interviewee appears on the show, we will send you a highly coveted Cyberlaw Podcast mug!

The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.