Header graphic for print
Steptoe Cyberblog

Tag Archives: Privacy Regulation

Steptoe Cyberlaw Podcast – Interview with Kevin Kelly

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Our guest for episode 119 is Kevin Kelly, founding executive editor of Wired Magazine and author of The Inevitable: Understanding the 12 Technological Forces that will Shape our Future.  Kevin and I share many views – from skepticism about the recording industry’s effort to control their digital files to a similar skepticism about EFF’s effort… Continue Reading

FAR Council Issues Rule on Basic Safeguarding of Covered Contractor Information Systems

Posted in Cybersecurity and Cyberwar, Privacy Regulation, Security Programs & Policies

On May 16, four years after issuing a proposed rule, the FAR Council issued a final cybersecurity-related rule that reaches deep into the supply chain and is applicable to virtually all government contractors and subcontractors.  The rule establishes a new FAR subpart 4.19 and a clause 52.204-21, both of which are entitled “Basic Safeguarding of Covered… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Patrick Gray

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Our guest, Patrick Gray, is the host of the excellent Risky Business security podcast.  He introduces us to the cybersecurity equivalent of decapitation by paper cut and offers a technologist’s take on multiple policy and legal issues.  In the news roundup, Michael explains the many plaintiff-friendly rulings obtained by the banks suing Home Depot over… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Dmitri Alperovitch

Posted in Blockchain, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies, Virtual Currency

Ransomware is the new black.  In fact, it’s the new China.  So says our guest for episode 116, Dmitri Alperovitch, the CTO and co-founder of CrowdStrike.  Dmitri explains why ransomware is so attractive financially – and therefore likely to get much worse very fast.  He and I also explore the implications and attribution of the… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Orin Kerr

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Does the FISA court perform a recognizably judicial function when it reviews 702 minimization procedures for compliance with the fourth amendment?  Our guest for episode 115 is Orin Kerr, GWU professor and all-round computer crime guru, and Orin and I spend a good part of the interview puzzling over Congress’s mandate that the FISA court… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Patrick Henry, Dan Kaminsky, Kiran Raj, and Dr. Zulfikar Ramzan

Posted in China, Cybersecurity and Cyberwar, International, Privacy Regulation, Security Programs & Policies

No holds are barred as a freewheeling panel of cryptographers and security pros duke it out with me and the Justice Department over going dark, exceptional access, and the Apple-FBI conflict.  Among the combatants:  Patrick Henry, a notable cryptographer with experience at GCHQ, NSA, and the private sector; Dan Kaminsky, the Chief Scientist at White Ops;… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Eric Jensen

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

European news and sensibilities dominate episode 112.  I indulge in some unseemly gloating about Europe’s newfound enthusiasm for the PNR data it wasted years of my life trying to negotiate out of the US counterterrorism toolbox.  I pester our guest, Eric Jensen, about his work on the Talinn 2.0 manual covering the law of cyberwar;… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Susan Munro and Ying Huang

Posted in China, Cybersecurity and Cyberwar, International, Privacy Regulation, Security Programs & Policies

Steptoe recently held a client briefing in its Palo Alto office to update developments in the Chinese legal and regulatory that are impacting US technology companies operating in China.  I took advantage of the event to sneak in a quick discussion with Susan Munro and Ying Huang of Steptoe’s China practice, on how China is… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Perianne Boring

Posted in Blockchain, Cybersecurity and Cyberwar, Data Breach, Privacy Regulation, Security Programs & Policies, Virtual Currency

In episode 109, we interview Perianne Boring of the Chamber of Digital Commerce on the regulatory challenges of bitcoin and the blockchain.  In the news roundup, we bring back Apple v. FBI for what we hope will be one last round, as the San Bernardino magistrate voids her All Writs Act motion for mootness and… Continue Reading

Steptoe Cyberlaw Podcast – Triple Entente Beer Summit II

Posted in Cybersecurity and Cyberwar, Privacy Regulation, Security Programs & Policies

The Second Annual Triple Entente Beer Summit again filled the Washington Firehouse loft with an audience at least as knowledgeable as the panel, which consisted of Ben Wittes, Shane Harris, Stewart Baker, Tamara Cofman Wittes, and Alan Cohn.  The Triple Entente Beer Summit brings together members of the Lawfare, Rational Security, and the Steptoe Cyberlaw podcasts.

Steptoe Cyberlaw Podcast – Interview with Mike Daugherty

Posted in Cybersecurity and Cyberwar, Data Breach, Privacy Regulation

With Wyndham’s surrender to the FTC after a brutal court of appeals opinion, the last outpost of resistance to the FTC’s cybersecurity agenda is Mike Daugherty, CEO of LabMD.  Daugherty refused to take the easy road and enter into a consent decree with the FTC to settle its claim that the company’s security was insufficient… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Mikko Hypponen

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Are Russian hacker-spies a bunch of lethargic government drones more interested in smash-and-grabs than stealth?  That’s one of the questions we pose to Mikko Hypponen in episode 86 (right after we ask about how to pronounce his name; turns out, that’s harder than you think).  Mikko is the Chief Research Officer at F-Secure and a… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Margie Gilbert

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Episode 81 features China in the Bull Shop, as the White House prepares for President Xi’s visit and what could be ugly talks on cyber issues.  Our guest commentator, Margie Gilbert, is a network security professional with service at NSA, CIA, ODNI, Congress, and the NSC.  Now at Team Cymru, she’s able to offer a… Continue Reading

Steptoe Cyberlaw Podcast – Hostfull

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Still trying to dig out from under our hiatus backlog, we devote episode 80 to our regulars.  We’ll bring back a guest next week.  This week it’s a double dose of Jason Weinstein, Michael Vatis, Stewart Baker, and Congress-watcher Doug Kantor. Michael offers an analysis of the Second Circuit’s oral argument in the Microsoft lawsuit… Continue Reading