Header graphic for print
Steptoe Cyberblog

Category Archives: International

Subscribe to International RSS Feed

The GitHub Attack and Internet Self-defense

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

In an earlier post I talked about how the Chinese government has used its “Great Firewall” censorship machinery on an expanded list of targets – from its own citizens to ordinary Americans who happen to visit Internet sites in China.  By intercepting the ad and analytics scripts that Americans downloaded from Chinese sites, the Chinese… Continue Reading

The GitHub Attack, Part 1: Making International Cyber Law the Ugly Way

Posted in Cybersecurity and Cyberwar, International, Privacy Regulation, Security Programs & Policies

Over the past few years, the US government has invested heavily in trying to create international norms for cyberspace. We’ve endlessly cajoled other nations to agree on broad principles about internet freedom and how the law of war applies to cyberconflicts. Progress has been slow, especially with countries that might actually face us in a cyberwar…. Continue Reading

Steptoe Cyberlaw Podcast – Atlantic Council Panel

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Bonus Episode 78:  Dmitri Alperovitch, Harvey Rishikof, Stewart Baker, and Melanie Teplinsky debate whether the United States should start doing commercial espionage I know, I know, we promised that the Cyberlaw Podcast would go on hiatus for the month of August.  But we also hinted that there might be a bonus episode.  And here it… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Bruce Andrews

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Security Programs & Policies

Our guest for episode 77 is Bruce Andrews, the deputy secretary of the Commerce Department. Alan Cohn and I pepper Bruce with questions about export controls on cybersecurity technology, stopping commercial cyberespionage, the future of the NIST cybersecurity framework, and how we can get on future cybersecurity trade missions, among other things. In the news… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Annie Antón and Peter Swire

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Episode 76 of the podcast features the power couple of privacy and cybersecurity, Peter Swire and Annie Antón, both professors at Georgia Institute of Technology.  I question them on topics from the USA FREEDOM Act to the enduring gulf between writing law and writing code. In the news roundup, as our listeners have come to… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Michael Casey

Posted in Blockchain, Cybersecurity and Cyberwar, International, Privacy Regulation

Hip Hop Summit at Graceland: Michael Casey and Digital Money Bitcoin and the blockchain – how do they work and what do they mean for financial and government services and for consumers? And who holds massive stores of bitcoin that can’t be spent without solving one of the great financial mysteries of our time?  Our… Continue Reading

FinTech Bits: Bitcoin Is No Longer All Greek to the Greeks

Posted in Blockchain, International, Virtual Currency

In prior posts we’ve observed that the technology underlying Bitcoin – the “blockchain” – presents a world of possible applications unrelated to the use of Bitcoin as a currency. From securities settlement to remittances to asset transfer to the Internet of Things, the possibilities are endless, and some of the best and brightest minds in… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Catherine Lotrionte

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies, Virtual Currency

Our guest commentator for episode 74 is Catherine Lotrionte, a recognized expert on international cyberlaw and the associate director of the Institute for Law, Science and Global Security at Georgetown University.  We dive deep on the United Nations Group of Government Experts, and the recent agreement of that group on a few basic norms for… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Robert Knake

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Our guest for Episode 73 is Rob Knake, currently the Council on Foreign Relations Senior Fellow for Cyber Policy and formerly with DHS, the White House, and the Richard Clarke finishing school for cybersecurity policymakers.  Rob and I are quickly embroiled in disagreement; as usual, I mock the cyberspace “norms” that Rob supports and disagree… Continue Reading

Steptoe Cyberlaw Podcast – Interview with James Baker

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

James Baker, General Counsel of the FBI, is our guest on this week’s podcast. He fearlessly tackles the FBI’s aerial surveillance capabilities, stingrays, “Going Dark,” encryption, and the bureau’s sometimes controversial attribution of cyberattacks.  But he prudently punts on the Hack of the Century, refusing to reveal details of the FBI investigation into the Houston Astros… Continue Reading

New EU Data Protection Law: Are We There Yet?

Posted in International, Privacy Regulation, Security Programs & Policies

EU data protection (privacy) law is changing, albeit slowly.  After three years of intense discussions behind the scenes, the Council, the last of the EU institutions to reveal its hand, has finally managed to adopt a negotiating position on the General Data Protection Regulation or GDPR.  Three-way talks with the Commission and Parliament are confirmed… Continue Reading

Steptoe Cyberlaw Podcast – Interview with David Anderson

Posted in Blockchain, China, Cybersecurity and Cyberwar, Data Breach, PCLOB, Privacy Regulation, Security Programs & Policies, Virtual Currency

Privacy advocates are embracing a recent report recommending that the government require bulk data retention by carriers and perhaps web service providers, exercise extraterritorial jurisdiction over data stored abroad, and expand reliance on classified judicial warrants.  In what alternative universe is this true, you ask?  No need to look far.  That’s the state of the… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Dan Kaminsky

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Our guest for Episode 70 of the Cyberlaw Podcast is Dan Kaminsky, a famous cybersecurity researcher who found and helped fix a DNS security flaw.  Dan is now the Chief Scientist at WhiteOps, but I got to know him in an unlikely-bedfellows campaign against SOPA because of its impact on DNS security.  Dan and I… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Jason Brown

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Our guest for Episode 69 is Jason Brown, the Assistant to the Special Agent in Charge of the Cyber Intelligence Section at the US Secret Service.  We talk about the Secret Service’s Electronic Crimes Task Forces and their critical role in investigating data breaches affecting financial institutions, retailers and other companies.  We also discuss how… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Julian Sanchez

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Our guests for Episode 68 include Julian Sanchez, senior fellow at the CATO Institute where he studies issues at the busy intersection of technology, privacy, and civil liberties, with a particular focus on national security and intelligence surveillance. They also include the entire May meeting of ISSA- NOVA, which kindly invited the Cyberlaw Podcast to… Continue Reading

BIS Proposes Cybersecurity Export Control Rule: Significant Changes Possible

Posted in Cybersecurity and Cyberwar, International, Security Programs & Policies

On May 20, 2015, the Department of Commerce Bureau of Industry and Security (BIS) published a proposed rule affecting exports of intrusion software, surveillance systems, and related systems, equipment, software, and components.  The proposed rule provides for new and amended export control classification numbers (ECCNs) for these “cybersecurity items,” resulting in new licensing and reporting… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Dan Geer

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Our guest for Episode 67 is Dan Geer, a legendary computer security commentator and current CISO for In-Q-Tel.  We review Dan’s recommendations for improving computer security, including mandatory reporting of intrusions, liability for proprietary software, striking back at hackers, at least in some ways, and getting the government to purchase and fix vulnerabilities.  We agree… Continue Reading

Steptoe Cyberlaw Podcast – Triple Entente Beer Summit

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, PCLOB, Security Programs & Policies

The Triple Entente Beer Summit was a great success, with an audience that filled the Washington Firehouse loft and a cast that mashed up Lawfare, Rational Security, and the Steptoe Cyberlaw Podcast.  We attribute the podcast’s freewheeling interchange to the engaged audience, our profound respect for each other, and, mostly, the beer. We begin by… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Bruce Schneier

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Episode 65 would be ugly if it weren’t so much fun.  Our guest is Bruce Schneier, cryptographer, computer science and privacy guru, and author of the best-selling Data and Goliath – a book I annotated every few pages of with the words, “Bruce, you can’t possibly really believe this.”  And that’s pretty much how the… Continue Reading

Triple Entente Beer Summit

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

I hope you will join us on Thursday, May 7 from 6:00 pm – 9:00 pm for the “Triple Entente Beer Summit” at The Washington Firehouse (1626 North Capitol Street Northwest, Washington, DC).  This live recording of the three podcasts – Steptoe Cyberlaw Podcast, Lawfare Podcast, and Rational Security – will be your chance to meet… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Mary DeRosa

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Our guest for episode 64 of the Cyberlaw Podcast is Mary DeRosa, the chief lawyer for the National Security Council during the early years of the Obama Administration, and now a Distinguished Visitor at Georgetown University Law Center.  We ask Mary to walk us through a hypothetical set of NSC meetings on the Sony breach… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Alan Cohn

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Our guest for episode 63 of the Cyberlaw Podcast is Alan Cohn, former Assistant Secretary for Strategy, Planning, Analysis & Risk in the DHS Office of Policy and a recent addition at Steptoe.  Alan brings to bear nearly a decade of experience at DHS to measure the Department’s growth.  He explains how it has undertaken… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Dmitri Alperovitch

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Our guest for Episode 62 is is Dmitri Alperovitch, co-founder and CTO of CrowdStrike Inc. and former Vice President of Threat Research at McAfee.  Dmitri unveils a new Crowdstrike case study in which his company was able to impose high costs on an elite Chinese hacking team.  The hackers steadily escalated the sophistication of their… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Joseph Nye

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Our guest for episode 61 of the Cyberlaw podcast is Joseph Nye, former dean of the Kennedy School at Harvard and three-time national security official for State, Defense, and the National Intelligence Council.  We get a magisterial overview of the challenge posed by cyberweapons, how they resemble and differ from nuclear weapons, and (in passing)… Continue Reading