Header graphic for print
Steptoe Cyberblog

Category Archives: Data Breach

Subscribe to Data Breach RSS Feed

Steptoe Cyberlaw Podcast – Interview with Tom Finan

Posted in Cybersecurity and Cyberwar, Data Breach, Privacy Regulation, Security Programs & Policies

Our guest today is Tom Finan, Senior Cybersecurity Strategist and Counsel at DHS’s National Protection and Programs Directorate (NPPD), where he is currently working on policy issues related to cybersecurity insurance and cybersecurity legislation.  Marc Frey asks him why DHS, specifically NPPD, is interested in cybersecurity insurance, what trends they are seeing in this space for… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Shaun Waterman

Posted in Cybersecurity and Cyberwar, Data Breach, Privacy Regulation, Security Programs & Policies

Our guest for the podcast is Shaun Waterman, editor of POLITICO Pro Cybersecurity.  Shaun is an award-winning journalist who has worked for the BBC and United Press International; and an expert on counterterrorism and cybersecurity. We begin as usual with the week’s NSA news.  NSA has released its second privacy transparency report.  We’ve invited Becky… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Rob Corbet

Posted in Cloud Computing, Cybersecurity and Cyberwar, Data Breach, International, Security Programs & Policies

Our guest today is Rob Corbet, a partner and head of the Technology & Innovation group in Arthur Cox, a large Irish law firm.  Ireland is a uniquely important jurisdiction for US companies dealing with data protection issue.  I ask whether Ireland’s role is going to become more or less powerful under the proposed revision, … Continue Reading

Steptoe Cyberlaw Podcast – Interview with Admiral David Simpson

Posted in Cybersecurity and Cyberwar, Data Breach, Privacy Regulation, Security Programs & Policies

Our guest today is Admiral David Simpson, Chief of the FCC’s Public Safety and Homeland Security Bureau.  Admiral Simpson has more than 20 years of Information and Communications Technology experience supporting the Department of Defense.  Adm. Simpson is joined by Clete Johnson, his Chief Counsel for Cybersecurity.  The interview digs deep into Chairman Wheeler’s cybersecurity… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Julian Sanchez

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

For those who think the podcast is best when we have a guest from the opposite end of the political spectrum, episode 35 should be a treat.  (We’re late this week, but it will be well worth the wait.)  Our guest is Julian Sanchez, a senior fellow at the Cato Institute who studies surveillance and… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Phyllis Schneck

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Our guest this week is Dr. Phyllis Schneck, the Deputy Undersecretary for Cybersecurity for the Department of Homeland Security’s National Protection and Programs Directorate (NPPD).  She and Marc Frey, Senior Director in Steptoe’s DC office and former Chief of Staff at DHS’s Office of Policy Development, discuss the status of cybersecurity legislation and DHS’s highest… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Orin Kerr

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Our guest this week is Orin Kerr, professor of law at George Washington University and well-known scholar in computer crime law and Internet surveillance.  Orin is our second return guest, and he demonstrates why, opining authoritatively on the future of NSA’s 215 program and the “mosaic” theory of fourth amendment privacy as well as joining… Continue Reading

Steptoe Cyberlaw Podcast – Interview with David Hoffman

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

We’re back!  After a much needed hiatus, during which we shared wilderness paths with bison, woke up to wolf cries, and celebrated the value of ibuprofen, the Steptoe Cyberlaw Podcast is back on the net. The hiatus allows us to cover this month in NSA, which is a good thing, because the Snowden News Machine… Continue Reading

As Evidence Mounts, It’s Getting Harder to Defend Edward Snowden

Posted in Cybersecurity and Cyberwar, Data Breach, Privacy Regulation, Security Programs & Policies

The evidence is mounting that Edward Snowden and his journalist allies have helped al Qaeda improve their security against NSA surveillance.  In May, Recorded Future, a predictive analytics web intelligence firm, published a persuasive timeline showing that Snowden’s revelations about NSA’s capabilities were followed quickly by a burst of new, robust encryption tools from al… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Richard Danzig

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Wow, that was quick. I haven’t even turned on the air conditioning at home yet, and already we’ve done the last podcast of the summer.  The Steptoe Cyberlaw Podcast will go on hiatus for August and return after Labor Day! This week in NSA: The Senate Judiciary Committee, the most anti-NSA of the Senate committees… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Orin Kerr

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Our guest this week is noted computer law guru Orin Kerr, and the podcast is a deep dive into technology and law. This Week in NSA:  Snowden claims without substantiation that NSA employees are passing naked pix around.  And Greenwald’s venture reports that GCHQ has developed the ability to send spam and to rig web… Continue Reading

Steptoe Cyberlaw Podcast – Interview with David Medine

Posted in Cybersecurity and Cyberwar, Data Breach, International, PCLOB, Privacy Regulation, Security Programs & Policies

Our guest this week is Chairman of the Privacy and Civil Liberties Oversight Board (PCLOB), David Medine. We do a deep dive into the 702 program and the PCLOB’s report recommending several changes to it. Glenn Greenwald’s much-touted “fireworks finale” story on NSA may have fizzled, but this week David and I deliver sparks to… Continue Reading

Steptoe Cyberlaw Podcast – Interview with David Heyman

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Our guest this week is David Heyman, who recently completed a tour as DHS’s Assistant Secretary for Policy (my old job). David has had a long and productive career in homeland security, in government, and in the private sector. We take a tour of DHS’s horizon, covering DHS’s impressive progress in cybersecurity implementation, the Quadrennial… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Dmitri Alperovich

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

This week in NSA: We take a look at the other half of the Lofgren amendment, which prohibits NSA and CIA from asking a company to “alter its product or service to permit electronic surveillance.”  So if Mullah Omar orders a phone from Amazon, the government can’t ask Amazon to put a bug in it… Continue Reading

“Groundhog Day” for Data Breaches

Posted in Data Breach, Security Programs & Policies

Here we go again.  A prominent company suffers a data breach.  The company publicly alerts its customers.  The company almost immediately finds itself the subject of inquiries from Congress and the target of investigations by regulators.  Before long, class action lawyers will crank out complaints as if they’re Mad Libs, filling in the name of… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Alex Joel

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Our guest for Episode 16 of the Steptoe Cyberlaw Podcast is Alex Joel, and he gets plenty of tough questions: Is it a violation of the new Obama administration policy directive for the intelligence community to look for evidence that Vladimir Putin is gay?  How did DNI Clapper manage to make his fateful misrepresentation to… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Daniel Sutherland

Posted in Cybersecurity and Cyberwar, Data Breach, Security Programs & Policies

In this week’s episode, we explore the latest FOIA tussle between the FBI and ACLU over NSA and the dog-bites-man story of Larry Klayman losing another long-shot appeal. This Week in NSA focuses on the Bloomberg story claiming that the agency is exploiting the Heartbleed flaw. Kudos to NSA for managing to persuasively deny the… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Benjamin Wittes

Posted in Cybersecurity and Cyberwar, Data Breach, Privacy Regulation, Security Programs & Policies

This week’s podcast features a conversation with none other than Lawfare’s own Ben Wittes. But it begins as usual with This Week in NSA: A Reuters story claims that researchers showed something bad about the way NSA influenced the Dual EC encryption standard.  The story glided insouciantly over two of the more newsworthy aspects of… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Michael Allen

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Our special guest this week is Michael Allen, former Majority Staff Director of the House intelligence committee.  Mike is the founder of Beacon Global Strategies and the author of Blinking Red, the story of the creation of the Director of National Intelligence. We drag him into the program from the beginning, getting his take on… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Dan Novack

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

This week’s podcast covers the latest on NSA.  We mock EFF overriding one of the privacy protections in NSA’s metadata program by killing the 5-year retention limit.  We puzzle over the New York Times story on “raw take.”  What exactly is the news there?  We also ask whether NSA and the telcos will end up… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Adam Sedgewick

Posted in Cybersecurity and Cyberwar, Data Breach, International, Security Programs & Policies

In our ninth episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Michael Vatis, and Jason Weinstein discuss: This week in NSA/Snowden: NSA weighs options for 215 data and the Office of the Director of National Intelligence will not disclose the study of storage options; GCHQ’s webcam captures; Canadian extradition flap; ABA President sends letter to… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Ed Stroz

Posted in Cybersecurity and Cyberwar, Data Breach, International, Security Programs & Policies

In our eighth episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Michael Vatis, Jason Weinstein and guest commentators Stephen Heifetz and Stephanie Roy discuss: This week in NSA/Snowden: Law Firm Surveillance Report Cited in Legal Challenge and Report: American law firm’s communications spied on; Merkel Backs Plan to Keep European Data in Europe and EU… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Steve Chabinsky

Posted in Cybersecurity and Cyberwar, Data Breach, Security Programs & Policies

In our seventh episode of the Steptoe Cyberlaw Podcast, Jason Weinstein discusses: This week in NSA: Clapper says Snowden exploited perfect storm of security lapses/Snowden swiped password from NSA coworker; FISA Court backs Pres. Obama’s changes to phone metadata program/government seeking info about private sector’s ability to hold the data; Rand Paul sues Pres. Obama… Continue Reading