Header graphic for print
Steptoe Cyberblog

Category Archives: Privacy Regulation

Subscribe to Privacy Regulation RSS Feed

Steptoe Cyberlaw Podcast – Interview with Alex Joel

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Our guest for Episode 16 of the Steptoe Cyberlaw Podcast is Alex Joel, and he gets plenty of tough questions: Is it a violation of the new Obama administration policy directive for the intelligence community to look for evidence that Vladimir Putin is gay?  How did DNI Clapper manage to make his fateful misrepresentation to… Continue Reading

Retain Locally, Comply Globally

Posted in International, Privacy Regulation, Security Programs & Policies

We used to talk about the “borderless” environment of the Internet.  These days, that view is looking increasingly outmoded and utopian, in large part because of the intersection of law enforcement and privacy concerns.  Steady increases in regulation (and enforcement of existing regulation) in these areas is increasingly prompting two types of responses by global… Continue Reading

European Court Invalidates Data Retention Directive, Time to Rethink

Posted in International, Privacy Regulation

Depending on the new Commission’s level of ambition when it takes office in the Autumn, this week’s European Court of Justice preliminary ruling (Cases C-293/12 and C-594/12), which found a 2006 Directive invalid, could prove an opportunity to re-think the EU approach to privacy and protecting personal data. When we think about the EU and… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Benjamin Wittes

Posted in Cybersecurity and Cyberwar, Data Breach, Privacy Regulation, Security Programs & Policies

This week’s podcast features a conversation with none other than Lawfare’s own Ben Wittes. But it begins as usual with This Week in NSA: A Reuters story claims that researchers showed something bad about the way NSA influenced the Dual EC encryption standard.  The story glided insouciantly over two of the more newsworthy aspects of… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Michael Allen

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Our special guest this week is Michael Allen, former Majority Staff Director of the House intelligence committee.  Mike is the founder of Beacon Global Strategies and the author of Blinking Red, the story of the creation of the Director of National Intelligence. We drag him into the program from the beginning, getting his take on… Continue Reading

Debating Snowden

Posted in Cybersecurity and Cyberwar, International, Privacy Regulation, Security Programs & Policies

For some reason, debates about Snowden are thick on the ground these days, and I’ve joined a couple of them. The most fun was the Oxford Union, which has been preparing future Parliamentarians (and Prime Ministers) all around the British Commonwealth since 1823. The Oxford Union debate was “This House would call Edward Snowden a… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Jim Lewis

Posted in Cybersecurity and Cyberwar, International, Privacy Regulation, Security Programs & Policies

This week’s cyberlaw podcast begins as always with the week in NSA. We suspect that a second tech exec meeting with the President (for two hours!) bodes ill for the intelligence community, or at least the 215 metadata program, as does the shifting position of usually stalwart NSA supporters like Dianne Feinstein and Dutch Ruppersberger…. Continue Reading

Steptoe Cyberlaw Podcast – Interview with Dan Novack

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

This week’s podcast covers the latest on NSA.  We mock EFF overriding one of the privacy protections in NSA’s metadata program by killing the 5-year retention limit.  We puzzle over the New York Times story on “raw take.”  What exactly is the news there?  We also ask whether NSA and the telcos will end up… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Mark Weatherford

Posted in Cybersecurity and Cyberwar, Privacy Regulation, Security Programs & Policies

In the latest episode of the Steptoe Cyberlaw Podcast, Jason Weinstein and I cover a host of topics. In the continuing NSA saga, we note the Director’s hints about a possible end to the broad collection of metadata – and the FISA court’s refusal to extend the 5-year retention deadline for NSA’s store of metadata…. Continue Reading

Steptoe Cyberlaw Podcast – Interview with John Rizzo

Posted in Cybersecurity and Cyberwar, Data Breach, Privacy Regulation, Security Programs & Policies

In our sixth episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Michael Vatis, and Jason Weinstein discuss: This Week in NSA: Transparency reports disclose Foreign Intelligence Surveillance orders and telephony metadata program is not tracking as much as previously thought Target breach update: hackers got in through HVAC contractor and Senate Judiciary Committee hearing and… Continue Reading

Cyberlaw Podcast – Interview with Ellen Nakashima

Posted in Cybersecurity and Cyberwar, Data Breach, Privacy Regulation, Security Programs & Policies

In our fifth episode of the Steptoe Cyberlaw Podcast, Michael Vatis and Jason Weinstein discuss: Potential talks between the US and Snowden if he pleads guilty Senator Leahy’s view of Privacy and Civil Liberties Oversight Board; calls for end to 215 program during Senate hearing with AG; cyber researchers also call for end to program… Continue Reading

Cyberlaw Podcast – Interview with David Medine

Posted in Cybersecurity and Cyberwar, Privacy Regulation, Security Programs & Policies

In our fourth episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Jason Weinstein, and guest commentator Steptoe partner Chris Conte, discuss: Privacy and Civil Liberties Oversight Board issues report Supreme Court grants cert on cell phone searches incident to arrest SEC’s National Examination Program identifies cybersecurity risk as exam priority Verizon transparency report FTC gets… Continue Reading

Republican National Committee draws fire for resolution condemning NSA

Posted in Cybersecurity and Cyberwar, Privacy Regulation, Security Programs & Policies

Almost immediately after the Republican National Committee adopted an error-filled resolution attacking the NSA and its telephone metadata program, current and former GOP officials took a strong stand against the RNC resolution: [T]he RNC resolution threatens to do great damage to the security of the nation. It would be foolhardy to end the program without… Continue Reading

Steptoe Cyberlaw Podcast – Episode Two

Posted in Privacy Regulation, Security Programs & Policies

Welcome to the next installment of the new Steptoe Cyberlaw Podcast. In our second episode, Stewart Baker, Michael Vatis, Jason Weinstein, and guest panelist Stephanie Roy predict what the President may say regarding the NSA; discuss the latest update in the Target and Nieman Marcus breaches; and explain the recent net neutrality decision. Download the… Continue Reading

Steptoe Cyberlaw Podcast

Posted in Privacy Regulation

We are pleased to offer a new component of the Steptoe Cyberblog, the Steptoe Cyberlaw Podcast.  The podcasts will be a weekly feature of the Cyberblog offering up the commentary and opinions of our authors on the latest events in technology, security, privacy, and government.  We hope you enjoy it! Download the first episode (mp3).

The Shorter Matt Blaze: NSA Hacking Is OK, As Long As We Take Away Its Best Hacking Tools

Posted in Privacy Regulation, Security Programs & Policies

Matt Blaze, a well-known public cryptographer and NSA critic, offered what seemed like a modest concession in the relentless campaign against NSA intelligence gathering: The NSA’s tools are very sharp indeed, even in the presence of communications networks that are well hardened against eavesdropping. How can this be good news? It isn’t if you’re a… Continue Reading

European Webmail Privacy: Even Worse Than I Thought

Posted in International, Privacy Regulation, Security Programs & Policies

I’ve been critical of the claim that European privacy law offers more protection against government surveillance than American law. Apparently not critical enough. An Ars Technica reporter with a pro-privacy inclination decided to seriously investigate using a German email system to get the benefits of European privacy law. His tale of disillusionment revealed three privacy… Continue Reading