Header graphic for print
Steptoe Cyberblog

Category Archives: International

Subscribe to International RSS Feed

Steptoe Cyberlaw Podcast – Debate with Greg Nojeim and Jamil Jaffer

Posted in Cybersecurity and Cyberwar, Data Breach, International, Security Programs & Policies

155: Debating Hackback Episode 155 of the podcast offers something new:  equal time for opposing views.  Well, sort of, anyway.  In place of our usual interview, we’re running a debate over hacking back that CSIS sponsored last week.  I argue that US companies should be allowed to hack back; I’m opposed by Greg Nojeim, Senior… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Matt Tait

Posted in China, Cybersecurity and Cyberwar, International, Privacy Regulation, Security Programs & Policies

Episode 153:  Fancy Bear, Cozy Bear, and … Sneaky Bear? In this episode, Matt Tait, aka @PwnAllTheThings, takes us on a tour of Russia’s cyberoperations.  Ever wonder why there are three big Russian intel agencies but only two that have nicknames in cybersecurity research?  Matt has the answer to this and all your other Russian… Continue Reading

Steptoe Cyberlaw Podcast – News Roundup with Paul Rosenzweig

Posted in Cybersecurity and Cyberwar, International, Security Programs & Policies

Episode 152: “Alexa, do you have first amendment rights?” Our guest for episode 152 is Paul Rosenzweig, and we tour the horizon with him. In the news roundup, Stephanie Roy outlines the deregulatory tangle around ISPs, privacy, security, and the FCC.  Maury Shenk briefs us on the European legislation authorizing the quashing of terrorist advocacy… Continue Reading

Steptoe Cyberlaw Podcast — Interview with John “Four” Flynn, Heather Adkins, and Troels Oerting

Posted in Cybersecurity and Cyberwar, International, Security Programs & Policies

In this episode, Stewart Baker goes to RSA and interviews the people that everyone at RSA is hoping to sell to – CISOs. In particular, John “Four” Flynn of Uber, Heather Adkins of Google, and Troels Oerting of Barclays Bank. We ask them what trends at RSA give them hope for the future, which make… Continue Reading

Cybersecurity and the Wassenaar Arrangement — What Needs to Be Done in 2017?

Posted in Cybersecurity and Cyberwar, International, Security Programs & Policies

Cyber threats move at Internet speed and so must cyber responders, to protect networks and data across the globe. Imagine the impact on cybersecurity if responders, innovators, and developers were told to pause and apply for an export license before responding to a threat. With a new round of international negotiations about to begin for… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Dominic Rochon and Patricia Kosseim

Posted in Cybersecurity and Cyberwar, Data Breach, International

Our interview features a classic “please don’t read this” headline: “Worthwhile Canadian Initiatives.”  We explore multiple worthwhile Canadian initiatives with Dominic Rochon, deputy chief of policy and communications for CSE, Canada’s version of the NSA and with Patricia Kosseim, general counsel and director general for policy at the Office of Canada’s Privacy Commissioner.  Among other… Continue Reading

2017 Global Cybersecurity Policy: Challenges & Highlights

Posted in Cybersecurity and Cyberwar, International

The growing dependence of states and societies on ICT systems means they face a higher risk of cyberattacks. Increasingly sophisticated hacking attacks target not only individual people and companies, but also highly developed countries. Although cyberattacks can have disastrous consequences, research shows that we still miss the mark in preparedness. Acknowledging the magnitude of the risk, global… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Jason Healey

Posted in Cybersecurity and Cyberwar, International, Privacy Regulation, Security Programs & Policies, Uncategorized

149:  Thigh-high boots and defense dominance Our guest for episode 149 of the podcast is Jason Healey, whose Atlantic Council paper, “A Nonstate Strategy for Saving Cyberspace,” advocates for an explicit bias toward cyber defense and the private sector.  He responds well to my skeptical questioning, and even my suggestion that his vision of “defense… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Corin Stone

Posted in Cybersecurity and Cyberwar, International, Privacy Regulation

Our guest for episode 148 of the podcast is Corin Stone, the Executive Director of the National Security Agency.  Corin handles some tough questions – should the new team dump PPD-28, how is morale at the agency after the Snowden and Shadowbroker leaks, and will fully separating Cyber Command from NSA mean new turf fights? … Continue Reading

Steptoe Cyberlaw Podcast – Interview with Jack Goldsmith

Posted in Cybersecurity and Cyberwar, International, Privacy Regulation

147: Introducing the Herman Kahn of Cyberspace Our guest interview is with Jack Goldsmith, Shattuck Professor of Law at Harvard and co-founder of Lawfare.  We explore his contrarian view of how to deal with Russian hacking, which leads to me praising (or defaming, take your pick) him as a Herman Kahn for cyberconflict.  Except what’s unthinkable… Continue Reading

Steptoe Cyberlaw Podcast – News Roundup

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Uncategorized

Posse Comitatus: Latin for “Get off my turf”? Would it violate the Posse Comitatus Act to give DOD a bigger role in cybersecurity?  Michael Vatis and I call BS on the idea, which I ascribe to Trump Derangement Syndrome and Michael more charitably ascribes to a DOD-DHS turf fight. Should the FDA allow implants of… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Davis Hake and Nico Sell

Posted in Cybersecurity and Cyberwar, International, Security Programs & Policies

Episode 145:  What Donald Trump and “Occupy Wall Street” have in common We interview two contributors to CSIS’s Cybersecurity Agenda for the 45th President.  Considering the track record of the last three Presidents, it’s hard to be optimistic, but Davis Hake and Nico Sell offer a timely look at some of the most pressing policy… Continue Reading

Steptoe Cyberlaw Podcast – News Roundup

Posted in Cybersecurity and Cyberwar, International, Security Programs & Policies

We start 2017 the way we ended 2016, mocking the left/lib bias of stories about intercept law.  Remember the European Court of Justice decision that undermined the UK’s new Investigatory Powers Act and struck down bulk data retention laws around Europe?  Yeah, well, not so much.  Maury Shenk walks us through the decision and explains… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Matthew Green

Posted in Cybersecurity and Cyberwar, International, Security Programs & Policies

Vlad’s Botox Fresh off a redeye from Israel, I interview Matthew Green of the Johns Hopkins Information Security Institute.  Security news from the internet of things grows ever grimmer, we agree, but I get off the bus when Matt and the EFF try to solve the problem with free speech law. In the news roundup,… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Scott Charney

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

We ask Rihanna to sum up the latest US-EU agreement: And that’s when you need me there With you I’ll always share … You can stand under my umbrella RiRi’s got the theory right:  The Umbrella Agreement was supposed to make sure the US and EU would always share law enforcement data.  But when the… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Paul Rosenzweig and Shane Harris

Posted in China, Cybersecurity and Cyberwar, Data Breach, Privacy Regulation

We couldn’t resist.  This week’s topic is of course President-elect Trump and what his election could mean for All Things Cyber.  It features noted cybercommentator Paul Rosenzweig and Daily Beast reporter Shane Harris.  In the news, we’re reminded of the old Wall Street saying that bulls and bears can both make money in the market… Continue Reading

EU to Update Export Control Regime and Controls on Cybertechnology

Posted in Cybersecurity and Cyberwar, International, Security Programs & Policies

On September 28, 2015 the European Commission (the Commission) released its proposal to “modernize and strengthen” the European Union’s (EU) dual-use export control regime as laid out by Regulation (EC) No. 428/2009 (the Regulation).  As Steptoe has previously advised, a version of the Commission’s proposal was leaked in July, prompting concern from industry and other… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Robert Silvers

Posted in Blockchain, Cybersecurity and Cyberwar, International, Security Programs & Policies

Our guest for the episode is Rob Silvers, the assistant secretary for cybersecurity policy at DHS.  He talks about what the government can and should do about newly potent DDOS attacks and the related problem of the Internet of Things.  The only good news: insecure debrillators and pacemakers may kill you, but they haven’t yet been… Continue Reading

Data Portability under EU GDPR: A Financial Services Perspective

Posted in International, Privacy Regulation

Philip Woolfson and I wrote an article for PL&B International about data portability, a new requirement of data protection law which will be introduced when the European Union General Data Protection Regulation (GDPR) applies on May 25, 2018.  Under this new regulation, data subjects have acquired a right to data portability (RDP). This article looks… Continue Reading

An EU General Data Protection Guide for the Insurance and Financial Services Sector

Posted in International, Privacy Regulation

To help prepare for the application of the European regulation on the protection of individuals with regard to the processing of personal data and on the free movement (the EU General Data Protection Regulation or GDPR), which will enter into force on May 25, 2018, Guy Soussan, Philip Woolfson, and I authored a commentary on the GDPR… Continue Reading

Steptoe Cyberlaw Podcast – Interview with John Carlin

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

John Carlin leaves Justice:  We give him the good news and the bad news. Episode 134 features John Carlin’s swan song as assistant attorney general for national security.  We review the highs and lows of his tenure from a cybersecurity point of view and then look to the future, including how the US should respond… Continue Reading

Steptoe Cyberlaw Podcast – The Grugq

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

(Groucho) Marxism and Red Lines in Cyberspace In episode 133, our guest is The Grugq, famous in hacker circles but less so among Washington policymakers.  We talk about the arrest of an NSA employee for taking malware and other classified materials home, the Shadow Broker leak of Equation Group tools, and the Grugq’s view that… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Ellen Nakashima

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

In episode 132, our threepeat guest is Ellen Nakashima, star cyber reporter for the Washington Post.  Markham Erickson and I talk to her about Vladimir Putin’s endless appetite for identifying ‒ and crossing ‒ American red lines, the costs and benefits of separating NSA from Cyber Command, and the chances of a pardon for Edward… Continue Reading