Header graphic for print
Steptoe Cyberblog

Tag Archives: EU

Steptoe Cyberlaw Podcast — News Roundup

Posted in Cybersecurity and Cyberwar, International, Security Programs & Policies

Episode 161: News Roundup In this episode, Alan Cohn and Maury Shenk look at questions in Europe and elsewhere in Stewart’s absence.  Maury delves into why Google was ordered to turn over foreign data accessible from US, a decision that seems at odds with the Microsoft Ireland case.  Alan considers claims made by David Sanger… Continue Reading

Steptoe Cyberlaw Podcast – Debate with Greg Nojeim and Jamil Jaffer

Posted in Cybersecurity and Cyberwar, Data Breach, International, Security Programs & Policies

155: Debating Hackback Episode 155 of the podcast offers something new:  equal time for opposing views.  Well, sort of, anyway.  In place of our usual interview, we’re running a debate over hacking back that CSIS sponsored last week.  I argue that US companies should be allowed to hack back; I’m opposed by Greg Nojeim, Senior… Continue Reading

Steptoe Cyberlaw Podcast – News Roundup with Paul Rosenzweig

Posted in Cybersecurity and Cyberwar, International, Security Programs & Policies

Episode 152: “Alexa, do you have first amendment rights?” Our guest for episode 152 is Paul Rosenzweig, and we tour the horizon with him. In the news roundup, Stephanie Roy outlines the deregulatory tangle around ISPs, privacy, security, and the FCC.  Maury Shenk briefs us on the European legislation authorizing the quashing of terrorist advocacy… Continue Reading

2017 Global Cybersecurity Policy: Challenges & Highlights

Posted in Cybersecurity and Cyberwar, International

The growing dependence of states and societies on ICT systems means they face a higher risk of cyberattacks. Increasingly sophisticated hacking attacks target not only individual people and companies, but also highly developed countries. Although cyberattacks can have disastrous consequences, research shows that we still miss the mark in preparedness. Acknowledging the magnitude of the risk, global… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Jack Goldsmith

Posted in Cybersecurity and Cyberwar, International, Privacy Regulation

147: Introducing the Herman Kahn of Cyberspace Our guest interview is with Jack Goldsmith, Shattuck Professor of Law at Harvard and co-founder of Lawfare.  We explore his contrarian view of how to deal with Russian hacking, which leads to me praising (or defaming, take your pick) him as a Herman Kahn for cyberconflict.  Except what’s unthinkable… Continue Reading

Steptoe Cyberlaw Podcast – News Roundup

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Uncategorized

Posse Comitatus: Latin for “Get off my turf”? Would it violate the Posse Comitatus Act to give DOD a bigger role in cybersecurity?  Michael Vatis and I call BS on the idea, which I ascribe to Trump Derangement Syndrome and Michael more charitably ascribes to a DOD-DHS turf fight. Should the FDA allow implants of… Continue Reading

Steptoe Cyberlaw Podcast – News Roundup

Posted in Cybersecurity and Cyberwar, International, Security Programs & Policies

We start 2017 the way we ended 2016, mocking the left/lib bias of stories about intercept law.  Remember the European Court of Justice decision that undermined the UK’s new Investigatory Powers Act and struck down bulk data retention laws around Europe?  Yeah, well, not so much.  Maury Shenk walks us through the decision and explains… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Matthew Green

Posted in Cybersecurity and Cyberwar, International, Security Programs & Policies

Vlad’s Botox Fresh off a redeye from Israel, I interview Matthew Green of the Johns Hopkins Information Security Institute.  Security news from the internet of things grows ever grimmer, we agree, but I get off the bus when Matt and the EFF try to solve the problem with free speech law. In the news roundup,… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Scott Charney

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

We ask Rihanna to sum up the latest US-EU agreement: And that’s when you need me there With you I’ll always share … You can stand under my umbrella RiRi’s got the theory right:  The Umbrella Agreement was supposed to make sure the US and EU would always share law enforcement data.  But when the… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Jonathan Zittrain

Posted in Cybersecurity and Cyberwar, Security Programs & Policies

Jonathan Zittrain, who holds a surfeit of titles at Harvard, is our guest for episode 136.  Among other topics, we explore the implications of routine doxing of political adversaries.  Along the way I extract kind words from Jonathan for Sarah Palin and welcome him to the club of those who think mass doxxers are evil punks. … Continue Reading

EU to Update Export Control Regime and Controls on Cybertechnology

Posted in Cybersecurity and Cyberwar, International, Security Programs & Policies

On September 28, 2015 the European Commission (the Commission) released its proposal to “modernize and strengthen” the European Union’s (EU) dual-use export control regime as laid out by Regulation (EC) No. 428/2009 (the Regulation).  As Steptoe has previously advised, a version of the Commission’s proposal was leaked in July, prompting concern from industry and other… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Robert Silvers

Posted in Blockchain, Cybersecurity and Cyberwar, International, Security Programs & Policies

Our guest for the episode is Rob Silvers, the assistant secretary for cybersecurity policy at DHS.  He talks about what the government can and should do about newly potent DDOS attacks and the related problem of the Internet of Things.  The only good news: insecure debrillators and pacemakers may kill you, but they haven’t yet been… Continue Reading

Data Portability under EU GDPR: A Financial Services Perspective

Posted in International, Privacy Regulation

Philip Woolfson and I wrote an article for PL&B International about data portability, a new requirement of data protection law which will be introduced when the European Union General Data Protection Regulation (GDPR) applies on May 25, 2018.  Under this new regulation, data subjects have acquired a right to data portability (RDP). This article looks… Continue Reading

An EU General Data Protection Guide for the Insurance and Financial Services Sector

Posted in International, Privacy Regulation

To help prepare for the application of the European regulation on the protection of individuals with regard to the processing of personal data and on the free movement (the EU General Data Protection Regulation or GDPR), which will enter into force on May 25, 2018, Guy Soussan, Philip Woolfson, and I authored a commentary on the GDPR… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Ellen Nakashima

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

In episode 132, our threepeat guest is Ellen Nakashima, star cyber reporter for the Washington Post.  Markham Erickson and I talk to her about Vladimir Putin’s endless appetite for identifying ‒ and crossing ‒ American red lines, the costs and benefits of separating NSA from Cyber Command, and the chances of a pardon for Edward… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Matt Cutts and Lisa Wiswell

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

A record-setting insecurity week. Our interview in episode 131 is with Matt Cutts and Lisa Wiswell from the Pentagon’s Defense Digital Service.  Matt joined the Digital Service from Google where he authored their SafeSearch content filter.  Lisa is a bureaucracy hacker with the Defense Digital Service and previously spent years working on cyber-warfare in DOD’s… Continue Reading

Steptoe Cyberlaw Podcast – News Round-Up

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies, Uncategorized

In a law-heavy news roundup, Katie Cassel and I talk about New York’s dangerously prescriptive cybersecurity regs for banks and insurers. Maury Shenk and I uncover the seamy industrial politics behind the EU’s latest copyright and telecom proposals.  The Sixth Circuit deepens a circuit split over standing and how much injury it takes to support… Continue Reading

Steptoe Cyberlaw Podcast – News Round-up with Phil West

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Security Programs & Policies

Ironman meets the Antideficiency Act In episode 129, Alan Cohn and I dive deep on the Government Oversight committee’s predictably depressing and unpredictably entertaining report on the OPM hack. Cheeky Chinese hackers register their control sites to superhero alter egos.  And poor, patriotic Cytech finds an intruder during a sales demo, rushes to provide support… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Scott DePasquale

Posted in Cybersecurity and Cyberwar, Data Breach, International, Security Programs & Policies

The podcast is back with a bang from hiatus. Our guest, Scott DePasquale, is the CEO of Utilidata, an electric utility IoT and cybersecurity company. Scott talks about his contribution to the Internet Security Alliance’s upcoming book, The Cyber Security Social Contract. Episode 128 also brings you a news roundup from the most momentous August… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Ed Hammersla and Brian White

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Episode 126 – The podcast goes to the conventions If Vladimir Putin can do it, so can we. This week the podcast dives deep into the US presidential campaign. I of course talk with Maury Shenk about evidence that the Russians are behind “Guccifer 2.0” and the DNC data leak – aided by a Wikileaks… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Jeremy and Ariel Rabkin

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

In the news roundup, Michael Vatis covers Microsoft’s surprising Second Circuit victory over the Justice Department in litigation over a warrant for data stored in Ireland.  The hidden issue in that case was data localization – the same issue driving the Justice Department’s new legislative proposal to allow foreign nations to obtain information from US… Continue Reading

Steptoe Cyberlaw Podcast – News Round-Up

Posted in Cybersecurity and Cyberwar, International, Privacy Regulation, Security Programs & Policies

This week’s news roundup is dominated by the Ninth Circuit and the European Union. The EU parliament has approved the Privacy Shield that replaces the Safe Harbor. Michael Vatis, Alan Cohn and I ask whether companies should seek protection under what may prove to be a pretty leaky Shield. And the EU has approved cybersecurity… Continue Reading

Steptoe Cyberlaw Podcast – News Round-Up

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Edward Snowden criticizes Russia’s mass surveillance law, and a Russian official retaliates by outing him ‒ as a Russian intelligence source.  Silent Circle, the phone company that built its marketing on fear and loathing of the NSA, is nearing bankruptcy. And members of the dominant European Parliament faction are asking the Commission, “Hey! How come… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Fred Kaplan

Posted in Cybersecurity and Cyberwar, International, Privacy Regulation, Security Programs & Policies

Was Iran’s cyberattack that bricked vast numbers of Saudi Aramco computers justified by a similar attack on the National Iranian Oil Company a few months’ earlier?  Does NSA have the ability to “replay” and attribute North Korean attacks on companies like Sony? And how do the last six NSA directors stack up against each other? … Continue Reading