The Cyberlaw Podcast

Stewart Baker, Michael Vatis, Jason Weinstein, and Meredith Rathbone are joined by Juan Zarate, a senior adviser at the Center for Strategic and International Studies (CSIS), in a discussion of new credit cards may fall short on fraud control; FBI says warrants are not needed for stingrays; EU data supervisor presses for privacy overhaul in 2015; Lyft and Uber answer Senator Franken on privacy; NY District Attorney criticizes Apple, Google for phone encryption plans; German government sites shut down by cyberattack; Sony hackers ‘Got Sloppy' says FBI director; FBI asks for information sharing; FCC will continue punishing data security violations; Russia extends deadline for data localization; and French terror attacks will affect surveillance in both Europe and the US. In our second half, Juan Zarate offers his insights on US sanctions on North Korea following the Sony attack. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

Stewart Baker, Michael Vatis, Jason Weinstein, and Stephanie Roy are joined by Jim Lewis, a senior fellow and director of the Strategic Technologies Program at CSIS, in a discussion of: will fingerprint phone locks protect you from the police?; Google faces $18m fine from Dutch privacy watchdog; over 80% of dark net traffic goes to child abuse sites; German iron plant suffers severe damage due to cyberattack; NSA forced to disclose oversight reports of past violations; the FCC and FTC are increasingly policing the same beat, such as text message "cramming" and privacy and security failures; FBI investigates banks for revenge hacking of Iran; and an update on the Sony hack. In our second half, Jim Lewis offers his insights on China's approach to cyber conflict. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

Stewart Baker, Jason Weinstein, and Chris Conte, discuss this week in NSA: the FISA court renews the section 215 orders for metadata; the GCHQ allegedly broke into Belgacom; Russia's cyberattack of Turkish oil pipeline; amicus brief filed in support of Microsoft on behalf of Verizon, Cisco, HP, eBay, Salesforce, and Infor; Sony breach fallout continues to be severe; new rules from the SEC on cybersecurity; five cybersecurity bills pass in Congress; and Iranian hack of the Sands Casino Resort may be the first cyberattack on US soil. In our second half, we have an interview with Joanne McNabb, Director of Privacy Education and Policy for the California Attorney General's Office. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

Stewart Baker, Michael Vatis, Jason Weinstein, and Doug Kantor, discuss this week in NSA: Ryan Gallagher's NSA story on The Intercept is almost unreadable; this week in GCHQ: a British tribunal has cleared GCHQ of human rights violations; The perceived weakness of the US MLAT process; this week in Breaches: a ruling in the Target case results in actual law; Boston Hospital settles a breach case; and Sony Hack: Was it North Korea? What is the potential additional liability beyond that of a typical privacy breach. In our second half, we have an interview with returning guest, Shane Harris, senior writer at Foreign Policy magazine, where he covers national security, intelligence, and cyber security. Shane's book, His latest book, @War: The Rise of Military-Internet Complex, discusses the past, present and future of cyber-conflict. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

Stewart Baker, Michael Vatis, Jason Weinstein, and Doug Kantor, discuss this week in NSA: NSA's privacy officer, Becky Richards, gives an interview; Symantec claims to have uncovered a highly sophisticated piece of malware developed by state-sponsored "English speakers;" Angela Merkel's phone was also tapped by the British, the Chinese, the Russians and the North Koreans; the Supreme Court hears an argument about when online abuse passes from colorful rap-lyric imitation to prosecutable threats; what the newly republican-dominated Congress means for cybersecurity; an overview of the growing library of lawsuits against Home Depot; US tech companies come under fire by the Article 29 Working Party; the Justice Department has a success in its campaign against spyware; and the All Writs Act may now be a part of the future of US tech companies. In our second half, we interview Troels Oerting, the Assistant Director and Head of European Cybercrime Centre (EC3), as well as the Head of Counter Terrorist and Financial Intelligence Centre (CTFC). The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In our forty-fourth episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Michael Vatis, and Jason Weinstein, discuss:  This week in NSA: Section 215 appears to be sticking around; NSA director, Admiral Michael Rogers, is warning that China has the ability to bring down the electric grid in the United States  Insecam's massive criminal confession has come to an end  This week in the FTC: The long running Wyndham dispute is going to mediation; The FTC settles with TRUSTe  AT&T has filed an amicus brief demanding clearer standards before the government can get access to location information  Baltimore abandons a criminal case to keep from describing the technology and how it's used  This week in the right to be forgotten: Google's Global Privacy Council, Peter Fleischer, disclosed new details about how the search giant administers the right; Norway has adopted the doctrine; France fines Google for refusing to apply a French defamation takedown order to its Google.com domain  Uber comes under fire over its ability to routinely track where people are going and to compile a dossier on someone if it wants to In our second half, we interview Salvatore Stolfo, Professor at Columbia University's Computer Science Department and the CEO of Allure Software. The Cyberlaw Podcast is now open to feedback. Send your questions, suggestions for interview candidates or topics to CyberlawPodcast@steptoe.com. If you'd like to leave a message by phone, contact us at +1 202 862 5785. Download the forty-fourth episode (mp3). Subscribe to the Cyberlaw Podcast here. We are also now on iTunes and Pocket Casts! The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm

Stewart Baker, Michael Vatis, Jason Weinstein, and Markham Erickson discuss this week in NSA: the USA Freedom Act is showing signs of life as Sen. Reid promises Sen. Leahy floor time in the lame duck session; the US raises cyber charges against China; the week's new feature the "Law Behind the Headlines": Insecam website streams video from surveillance cameras still using manufacturers' default login credentials; law enforcement uses flying DRT Boxes and ground-based stingrays to imitate cell towers and accurately locate particular phones; the Ninth Circuit will revisit the "Innocence of Muslims" copyright ruling; this week in data breaches: Anthem Blue Cross puts medical advice and data in the subject line of its emails to patients; Argentina's Supreme Court joins the debate over search engine liability; and Google weighs in on another privacy issue, taking Europe's side in the debate over whether and how non-Americans should be covered by the Privacy Act. In our second half, we interview Ambassador Sepulveda, Deputy Assistant Secretary of State and US Coordinator for International Communications and Information Policy in the State Department's Bureau of Economic and Business Affairs (EB). The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

In our forty-second episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Michael Vatis, and Stephanie Roy are joined by Orin Kerr, computer crime law guru and professor of law at Georgetown Washington University, in a discussion of this week in NSA: both the NSA and GCHQ directors comment on Silicon Valley's data encryption policies; The election's effect on the bills intended to deal with the section 215 metadata program; The DC Circuit heard argument in the appeal of Judge Leon's famously exclamatory invalidation of the 215 metadata program; the Nebraska Supreme Court weighs in on the Supreme Court's decision in Riley; according to the Southern District of New York, webmail provider's terms of use determine whether the contents of webmail accounts are protected from government searches; they are also in the process of preparing to fight with a resistant phone manufacturer to get help unlocking a suspect's phone; the President comments on Net Neutrality; a Virginia court has ruled that suspects may be forced to apply their fingers to cellphones protected by fingerprint readers; Google finishes its "right to be forgotten" road trip in Europe; Sweden joins the UK in demanding continued retention despite a European Court of Justice ruling against the directive that originally led to retention requirements; and the financial industry calls for more activists government action relating to cybersecurity. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

Stewart Baker, Stephanie Roy, and Michael Vatis discuss Google's effort to implement the European Court of Justice's "right to be forgotten" decision; New York Court of Appeal's case on cyberbullying; Google's decision to promote more encryption; how stingray cell phone location systems work, and why the US marshals might seize stingray records from the Florida police; the regulatory issues that might be involved with using satellites to provide internet service to developing countries; this week in NSA: German prosecutors have opened a criminal investigation into the tapping of Angela Merkel's phone but not the hacking of her computer; and the EFF still wants NSA to hang on to more Americans' records than NSA wants to keep. In our second half we have an interview with Congressman Mike Pompeo (R-KS), a member of the House Intelligence Committee who joined the House in 2010.

Stewart Baker, Michael Vatis, and Jason Weinstein discuss this week in NSA: Edward Snowden's NBC interview and his claim to have raised concerns about the agency's intelligence programs before he launched his campaign of leaks; the New York Times' article on face recognition by the NSA; China responds to the indictment of its hackers by pointing to old Snowden documents; the FTC issues a report on data brokers; the LabMD litigation continues; Google starts to spell out how it will implement the right to be forgotten; NSL transparency is back in court; Iranian cyberattacks; and what happened with TrueCrypt. In our second half we have an interview with Ron Deibert, director of the Canada Centre for Global Security Studies and the Citizen Lab at the Munk School at the University of Toronto.

In our twenty-first episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Maury Schenk, Michael Vatis, and Jason Weinstein discuss this week in NSA: The House passage of the USA Freedom bill; LabMD goes to trial; China lashes back over the Justice Department's indictment of PLA members; Apple loses a preliminary fight over its liability for the privacy practices of third party apps; the Blackshades indictments; the mild treatment given to the Anonymous hacker, Sabu; and California's Attorney General's guidance on how to comply with California's latest privacy law. In our second half, we have an interview with Peter Schaar, a proponent of the right to be forgotten and an eminent former data protection chief. From 2003 to 2013, Peter was the Federal Commissioner for Data Protection and Freedom of Information. He is currently Chairman of the European Academy for Freedom of Information and Data Protection (EAID) and a guest lecturer at the University of Hamburg.

In our twentieth episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Stephanie Roy, and Michael Vatis discuss Breaking News: American counterattack on Chinese cyberspying - the indictment of several PLA members for breaking into US computers to steal commercial information; this week in NSA: It turns out that telcos did challenge the 215 program; Glenn Greenwald's book claims that NSA considers Israel the most effective at spying on the US after China and Russia; Greenwald also says that NSA modifies equipment after it's been sold to make hacking easier; and Greenwald's book has now been leaked to Bittorrent; it looks as though LabMD is down to one lawsuit; the Justice Department released a statement that some kinds of information sharing don't violate the antitrust laws. Now it's put out a white paper saying that ISPs can release aggregate information about cybersecurity without violating the Stored Communications Act's prohibition on releasing customer information; net neutrality and the difference between Title II and section 706 as a basis for net neutrality; and the European Court of Justice's embrace of the "right to be forgotten" In our second half, we have an interview with Shane Harris, senior writer at Foreign Policy magazine, where he covers national security, intelligence, and cyber security. Shane's book, The Watchers, offered thoughtful insights into the rise of surveillance in America.

Stewart Baker and Michael Vatis discuss this week in NSA: Al-Jazeera gets an exclusive on e-mails where google execs turn down NSA invitations and talk briefly about online security threats; the State Department's Coordinator for Cyber Issues; Oracle wins a Federal Circuit victory over Google, establishing that APIs can be copyrighted; New York State issues a short report on bank cybersecurity practices and promises to start asking banks about these practices in inspections; in other litigation, LabMD claims a victory over the FTC, and we interview LabMD's CEO, Michael Daugherty; the ACLU argues that criminal defendants who are acquitted should have no more privacy rights than those who are convicted; Zynga and Facebook get a reprieve from the Court of Appeals, but can face lawsuits under state law for breach of contract; and Snapchat finds itself exposed at the FTC. In our second half, we have an interview with Chris Painter, the State Department's Coordinator for Cyber Issues. Chris discusses norms in cyberconflict, MLAT reform, Brazil's recent Net Mundial conference, and much more.

In our eighteenth episode of the Steptoe Cyberlaw Podcast, Stewart Baker and Michael Vatis discuss this week in NSA: The internal NSA briefing memo surmising that GCHQ probably hoped to expand its access to PRISM data; Microsoft loses a big case before a magistrate in SDNY, who rules that the government can enforce warrants requiring Microsoft to produce data stored abroad; The Supreme Court hears oral argument over cell phone searches incident to arrest; The White House has released a couple of reports on Big Data—one from the PCAST and one from John Podesta's group—along with several recommendations; The White House also released guidance on when NSA will exploit cybersecurity flaws and when it will try to fix them; GCHQ's own independent monitor has released a long and favorable report; and data breaches claim their first CEO, as Target makes room at the top. In our second half, we have an interview with Brian Krebs, the noted security researcher behind Krebs on Security. Brian comments on the week's news before giving us an interview on the latest in Russian cybercrime.

In our seventeenth episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Stephen Heifetz, Stephanie Roy, Michael Vatis, and Jason Weinstein discuss this week in NSA: No new scandal stories but the principal new release came from the US government and consisted of a FISA court ruling that took apart the only decision declaring NSA's section 215 metadata program illegal - Judge Leon's opinion in Klayman; the top story this week is the claim that the FCC is gutting net neutrality; the New York Times' story suggesting that the FBI may have used Anonymous to help compromise foreign nations' networks; the cell phone warrant case; the Aereo case; Magistrate Facciola's approach to warrants, and DOJ's method to appeal his latest ruling; and DHS' announcement that it has notified all critical infrastructure companies that they are considered critical. In our second half, we have an interview with two government CFIUS experts, Elana Broitman, a deputy assistant secretary at DOD and Shawn Cooley, who manages DHS's participation in CFIUS as well as Team Telecom.