Header graphic for print

Steptoe Cyberblog

Blockchain Takes Over The Cyberlaw Podcast

Posted in Blockchain, Virtual Currency

Episode 217: Blockchain Takes Over The Cyberlaw Podcast

In our 217th episode of The Cyberlaw Podcast, the blockchain and cryptocurrency team takes over the podcast again.

Alan Cohn hosts another of the podcast’s periodic deep dives into all things blockchain and cryptocurrency to discuss recent regulatory developments and the current state of play of the industry.

Our episode begins by looking at the Department of Treasury’s letter regarding initial coin offerings (“ICOs”). Jack Hayes tells us the key takeaways from the letter, including that persons engaged in ICOs could be considered a Money Transmitter under FinCEN’s regulations. Not only does the letter address companies based in the US that are issuing tokens, but also those based outside of the US that may have a substantial part of their business in the US or be issuing tokens to US persons. The idea that FinCEN can reach outside of the US border is not a new one. Last summer we saw a civil enforcement action against BTC-e, a foreign cryptocurrency exchange.

Jack and Alan also discuss the New York Attorney General’s recent voluntary transparency questionnaire sent to both US and non-US cryptocurrency exchanges. New York has seen its fair share of controversy with respect to cryptocurrency with the implementation of the BitLicense and the resulting exodus of a number of cryptocurrency companies.

Lisa Zarlenga provides an expert overview of the Internal Revenue Service’s (“IRS”) activity in the space starting with IRS Notice 2014-21. For tax purposes, convertible virtual currency (“CVC”) is treated as property, which means that every time you buy or sell CVC you are engaging in a taxable event and need to report capital gains or losses. The Notice did not provide much guidance on accounting for and determining basis of cryptocurrency. Lisa also discusses whether exchanging one cryptocurrency for another cryptocurrency is a like-kind exchange and how the 2018 Tax Reform Bill changes things. With the increasing popularity of airdrops, Lisa and Alan tell us about the tax treatment of tokens received during an airdrop.

Chelsea Parker discusses trends coming out of New York Blockchain Week 2018. Consensus 2018 was three times bigger than Consensus 2017 and there were almost three dozen other official conferences and events that were part of NY Blockchain Week. Needless to say, interest in blockchain appears to be at an all-time high, and there was a particularly high international presence. Government officials from countries such as Gibraltar and Bermuda highlighted their proactive steps to implement regulation while still encouraging innovation and protecting consumers. This idea of balancing regulation while still encouraging innovation was a common theme across panels.

Alan highlights Steptoe’s panel “Blockchain in Supply Chain, Navigating the Legal Waters” and the key questions discussed during Alan Cohn and Lisa Zarlenga’s presentations on the tax treatment of digital currencies and tokens at the Accounting Blockchain Coalition’s conference. Finally, the panelists highlight where they see the industry going next in terms of adoption and regulation. Lisa discusses the possibility of additional guidance from the IRS while Jack discusses the future of sovereign cryptocurrencies and the resulting regulatory challenges.

Chelsea Parker, Lisa Zarlenga, Alan Cohn, and Jack Hayes (left to right)

As always The Cyberlaw Podcast is open to feedback. Send your questions, suggestions for interview candidates or topics to CyberlawPodcast@steptoe.com or leave a message at +1 202 862 5785.

Download the 217th Episode (mp3).

Subscribe to The Cyberlaw Podcast here. We are also on iTunesPocket Casts, and Google Play (available for Android and Google Chrome)!

The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

The Final Countdown – The EU General Data Protection Regulation

Posted in Data Breach, European Union, Privacy Regulation

The EU General Data Protection Regulation (GDPR) comes into force on May 25, 2018.

The GDPR makes many important changes to European Union (EU) data protection law, but it is not a complete departure from existing principles. Many of the concepts with which organizations are familiar will continue to apply under the GDPR. Thus, the GDPR will apply to the processing of personal data (information relating to an identified or identifiable natural person); processing includes the collection, recording, storage and structuring of that data or other operations performed with respect to it. However, one of the principal differences under the new regime relates to its extra territorial application.

In a recent Steptoe update, we therefore seek to address the questions of whether the GDPR will apply to your organization and, if so, what immediate steps need to be taken to ensure compliance.

The Cyberlaw Podcast – News Roundup

Posted in China, Cybersecurity and Cyberwar, Data Breach, Russia

Episode 216: Every President gets the White House he deserves

The Cyberlaw Podcast has now succumbed to an irresistible media trend: We begin the episode with a tweet from President Trump. In this one, he promises to get ZTE “back in business, fast.” Paul Rosenzweig and Nick Weaver provide the backstory, and a large helping of dismay, at the President’s approach to the issue.

I question the assumption that this will make the life of Chinese telecom equipment makers easier in the US. If anything it could be worse. The 2019 NDAA being drafted in the House will make it very difficult for telecom companies that do business with the Pentagon to rely on Chinese (or Russian) equipment (see page 259 et seq.). If anything, the President probably ensured a unanimous Democratic vote for the measure.

The cyber coordinator position in the White House is on the endangered list. Paul explains why it should survive. His take is not completely snark-free. Summing up the first two stories, I suggest that every President gets the White House he deserves.

Nick explains how badly American democracy could be harmed by a relatively trivial Russian (or Iranian, or North Korean) cyberattack on voter registration databases later in 2018. Indeed, they had a chance to launch such an attack in 2016, according to the Senate Intelligence Committee. This is an avoidable disaster if election officials take action now, I point out, but Paul doubts they will.

Paul and I lament the insouciance and ahistoricity of the Fourth Circuit’s new ruling adding half a dozen new judicial constraints to border searches of cell phones.

Speaking of cyberattacks, you’d better buckle up, because Iranian retribution for US withdrawal from the Joint Comprehensive Plan of Action is probably being prepared as you read this. And according to a highly educational Recorded Future/Insikt report, Iran’s semi-privatized hacking ecosystem is likely to err on the side of escalation.

The Iranians aren’t the only ones upping their game. Nick reports on an excellent Crowdstrike report on the new sophistication of Nigerian scammers.

We close with Nick’s dissection of the troubling code decisions underlying a pedestrian death caused by Uber’s autonomous vehicle.

The Cyberlaw Podcast is hiring a part-time intern for our Washington, DC offices.

As always The Cyberlaw Podcast is open to feedback. Send your questions, suggestions for interview candidates or topics to CyberlawPodcast@steptoe.com or leave a message at +1 202 862 5785.

Download the 216th Episode (mp3).

Subscribe to The Cyberlaw Podcast here. We are also on iTunesPocket Casts, and Google Play (available for Android and Google Chrome)!

The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

The Cyberlaw Podcast – Interview with Nicholas Schmidle

Posted in Cybersecurity and Cyberwar, Privacy Regulation, Security Programs & Policies

Episode 215:  The Zelig of Hacking Back

Our interview is with Nick Schmidle, staff writer for the New Yorker. His report on cybersecurity work that goes to the edge of the law and beyond turns up some previously unreported material, including the tale of Shawn Carpenter, a cybersecurity researcher with a talent for showing up in all the best hackback stories.

In the news, Jamil Jaffer reports on domain fronting, a weird form of protection for people hiding the site they’re connecting to behind some bland Google or AWS site. Some of those people are dissidents in authoritarian lands; many are authoritarian governments hacking secrets out of corporate networks.  In any event, domain fronting is disappearing before it had even made an impression on the public’s mind. I say good riddance, bolstered in my opinion by the wailing of professional privacy groups that, do I have to remind you?, don’t care about your security at all.

The Supreme Court takes a case of great interest to social media and other tech firms who attract class actions. Jennifer Quinn-Barabanov explains the law and the likely outcome. I mostly quibble about how to pronounce “cy pres.”

Move fast and break things probably isn’t the best motto if the thing you’re likely to break is, um, you. Megan Reiss talks about the death of Aaron Traywick, and the risks of bringing the hacking ethic to genetic engineering.

Europol and a host of allies were bragging last week about taking down ISIS’s online recruiting and propaganda infrastructure. But this week they’ve had to admit that ISIS is back on line. Jamil and I talk about what lessons can be drawn from cyber-whac-a-molery.

For Chinese phone makers, it never rains but it pours. Fresh off a ban on Chinese phones from US military retail stores, there may be even more pain in the works for ZTE and other Chinese mobile infrastructure providers.

Finally, Megan Reiss and I dig deep into Rep. Ruppersberger’s thoughtful take on cybersecurity, information sharing and DHS.

The Cyberlaw Podcast is hiring a part-time intern for our Washington, DC offices.

Jennifer Quinn-Barabanov with Dr. Megan Reiss

As always The Cyberlaw Podcast is open to feedback. Send your questions, suggestions for interview candidates or topics to CyberlawPodcast@steptoe.com or leave a message at +1 202 862 5785.

Download the 215th Episode (mp3).

Subscribe to The Cyberlaw Podcast here. We are also on iTunesPocket Casts, and Google Play (available for Android and Google Chrome)!

The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

 

The Cyberlaw Podcast — News Roundup

Posted in China, Cybersecurity and Cyberwar, Privacy Regulation, Russia

214: Dumbest privacy issue of the decade?

This episode features a new technology-and-privacy flap. The police finally catch a sadistic serial killer, and the press can’t stop whining about DNA privacy. I argue that DNA privacy is in the running for Dumbest Privacy Issue of the Decade. Because privacy is all about making sure the police can’t use your data to catch killers. Paul Rosenzweig refuses to take the other side of that debate.

Ray Ozzie has released a technical riposte to the condescending Silicon Valley claim that math proves the impossibility of securely accommodating law enforcement access. Paul and I muse on the aftermath, in which Silicon Valley will actually have to win the debate rather than claiming that there is none.

Jim Lewis and I note the likelihood that ZTE is contemplating litigation against the US ban on technology sales to the company.  What really bothers Jim, though, is the likelihood that the US sanction will accelerate China’s move to complete self-sufficiency in the technology sphere. That’s something that neither the US government nor US industry is really ready for.

The House intel committee’s report on Russia and the election is out. It finds no scandal, other than Russia’s shocking attack on our institutions, though it does criticize “ill-advised” action by Trump campaign officials. The minority report says that the investigation should have gone on even longer. Paul and I have different takes on the value of the exercise.

Gen. Paul Nakasone is about to take over at NSA, after a remarkably easy ride to confirmation. Jim Lewis finds comfort and diversion in the effort of privacy campaigners to add some bumps to  the general’s road.

Finally, Paul and I debate whether Donald J. Trump Jr. committed a Computer Fraud and Abuse Act felony by logging on to an opposition website with “guessed” credentials supplied by Wikileaks.  Actually, there isn’t much debate about whether that’s a crime, but I question whether criminalizing such a trivial violation of network mores raises more questions about the CFAA than about DJT Jr.

And a bit of special pleading: How can there possibly not be any reviews of The Cyberlaw Podcast on Stitcher Radio?  Yet it appears to be true. Please get out there and comment, loyal Stitcher listeners to the podcast!

The Cyberlaw Podcast is hiring a part-time intern for our Washington, DC offices.

As always The Cyberlaw Podcast is open to feedback. Send your questions, suggestions for interview candidates or topics to CyberlawPodcast@steptoe.com or leave a message at +1 202 862 5785.

Download the 214th Episode (mp3).

Subscribe to The Cyberlaw Podcast here. We are also on iTunesPocket Casts, and Google Play (available for Android and Google Chrome)!

The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

The Cyberlaw Podcast — News Roundup

Posted in Cybersecurity and Cyberwar, European Union, Privacy Regulation

Episode 213: RSA in 5 minutes

In a news-only episode, we get a cook’s tour of the RSA conference from attendees Paul Rosenzweig, Jim Lewis, and Stewart Baker. Short version: Top trends we saw at RSA: more nations attacking cybersecurity firms over attribution, more companies defending themselves outside their own networks (aka hackback), and growing (if still modest) respect for DHS’s role in cybersecurity. Oh, and Microsoft’s Digital Geneva Convention is still a mashup of profound naïveté and deep cynicism, but Microsoft’s Cyber Tech Accord may do better – at least until the FTC gets hold of it.

In other news, ZTE is going to be hammered for showing contempt for US export control enforcement. But the back-splatter on US suppliers will be severe as well. The United States is picking a big, big fight with China on the future of technology, and it’s going to need a strategy. Xi reads the writing on the wall.

Speaking of big fights, Telegram is in a doozy with Russia over its refusal to supply crypto keys to the government. It looks as though Telegram’s use of Google and other domains as proxies (“domain fronting”) is making it hard for Russia to work its will without harming other internet companies. So far, it looks as though Russia is willing to bring the pain, but the ban isn’t completely effective.

In what may be related news, Google is engineering domain fronting out of its products. The press whining about the civil liberties implications of Google’s moves triggers a classic Baker rant about how privacy zealots don’t really care about security – since domain fronting is a principal method by which network security is defeated and crime facilitated.

And while my rant is rolling, why not include the EU’s shameful drive-by execution of the WHOIS database. I call on the Obama NTIA officials who killed off our last leverage over ICANN to apologize to Ted Cruz for the debacle.

Maury lays out the remarkable parallelism between the US CLOUD Act and a new EU regulation on cross-border data sharing for law enforcement.

Finally, or nearly so, Paul unpacks the way in which liability for the SWIFT hacks may drive cybersecurity standards for banks.

And in closing, I note that China is now the clear leader in face recognition, having found a single suspect in a crowd of 60,000 concertgoers. It’s the leader not because of China’s technical strength, though that’s impressive, but because of Silicon Valley political correctness. Remember that when law enforcement agencies end up buying Chinese tech and paying the cybersecurity price.

Steptoe partner Stewart Baker with Jim Lewis

The Cyberlaw Podcast is hiring a part-time intern for our Washington, DC offices. If you are interested, click here.

As always The Cyberlaw Podcast is open to feedback. Send your questions, suggestions for interview candidates or topics to CyberlawPodcast@steptoe.com or leave a message at +1 202 862 5785.

Download the 213th Episode (mp3).

Subscribe to The Cyberlaw Podcast here. We are also on iTunesPocket Casts, and Google Play (available for Android and Google Chrome)!

The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

The Cyberlaw Podcast — News Roundup

Posted in China, European Union, International, Privacy Regulation

In episode 212 of The Cyberlaw Podcast, Stewart Baker is at RSA, and Brian Egan, Maury Shenk, and Pete Jeydel of Steptoe are joined by David Kris and Nate Jones of Culper Partners LLC to cover the good, the bad and the ugly of the week that was.

UK cyber issues: Brian, Maury, David and Nate discuss the US-UK-France weekend airstrikes against Syria’s chemical weapons program, and reported threats of Russian “cyber retaliation” against the UK. We also note the continued trends of intelligence disclosures (aiding the development of international norms?) reflected in last week’s speech by the GCHQ director condemning Russia over the Skripal attack and disclosing UK offensive cyber operations against ISIS.

David provides insights into the government’s proposed use of a US government “taint team” to conduct a privilege review of the materials seized during the FBI’s raid of Michael Cohen’s offices. Bottom line: (1) warrants to seize evidence from attorneys are relatively rare but not unprecedented, (2) President Trump’s and Mr. Cohen’s requests to conduct their own screening of the materials probably won’t fly, and (3) a scenario in which an independent special master oversees the review is quite possible (but has been delayed for the moment).

Maury discusses the latest in the Schrems data protection litigation against Facebook: last week’s unsurprising decision by the Irish high court to refer questions related to the EU Standard Contractual Clauses to the European Court of Justice. Maury explains why he remains skeptical that the EU court will invalidate the use of these clauses.

Pete explains why Treasury is probably considering its (very broad) options under the International Emergency Economic Powers Act in answering President Trump’s call for more restrictions on Chinese Investments.

And David and Nate discuss the latest in the encryption debates, including an FBI Inspector General’s report criticizing the FBI’s mishandled attempts to break the encryption of the San Bernadino shooter’s iPhone, and the latest in encryption/decryption litigation before the lower courts.

Steptoe Partner Brian Egan (right) with Nate Jones

The Cyberlaw Podcast is hiring a part-time intern for our Washington, DC offices. If you are interested, click here.

As always The Cyberlaw Podcast is open to feedback. Send your questions, suggestions for interview candidates or topics to CyberlawPodcast@steptoe.com or leave a message at +1 202 862 5785.

Download the 212th Episode (mp3).

Subscribe to The Cyberlaw Podcast here. We are also on iTunesPocket Casts, and Google Play (available for Android and Google Chrome)!

The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

The Cyberlaw Podcast – Interview with Chris Bing and Patrick Howell O’Neill

Posted in China, CIFIUS, Cybersecurity and Cyberwar

The Cyberlaw Podcast – Interview with Chris Bing and Patrick Howell O’Neill

Episode 211: Senators Markey and Blumenthal bury the lede

Our interview is with Chris Bing and Patrick Howell O’Neill of Cyberscoop. They’ve broken two cyberscoops in the last week or so. First, an in-depth look at Kaspersky’s outing of a US cyberespionage program aimed at foreign terrorists. Hint to Kaspersky: Bringing out a brass band to warn terrorists that they’re being tracked by the US government is not likely to help you win your PR and legal battles in the United States. Chris Bing also covers his other scoop – the surprisingly advanced talks among the leaders of the Senate Judiciary Committee on a bill to address the FBI’s “going dark” problem.

In the news, Jennifer Quinn-Barabanov and I debate the impact of two recent incidents on the future of self-driving cars. She thinks they’ll weather these events, and that the lives such cars save will outweigh the deaths. I’m less sure, mainly because the mistakes that lead to autonomous vehicle deaths are so different from the usual human-driver error and therefore inherently compelling and disquieting.

Nick Weaver and I cover the Grindr security flap and the company’s transmission of HIV status without complete encryption protection. I think there’s less to the story than meets the eye, and that Grindr is getting more heat than it deserves.

Senators Markey and Blumenthal, on the other hand, deserve a lot more heat than they’ve gotten so far. How clueless can they be to send thirteen “when did you stop beating your husband” questions to Grindr’s CEO and not notice that he’s based in Hong Kong? In fact, Grindr was bought last year by a Chinese company. Neither senator, though, bothers to ask where the database of gay Americans is stored and what access the Chinese government has to it? Or how that deal got through CFIUS. Sad! To coin a phrase.

Nick covers the big new IOT botnet’s tryout and asks why it was the banks that got attacked. I’ve got some theories, as does Nick. Along the way, he dispenses advice for people who have just realized that their router is probably the weakest link in their home network’s security.

When does the first amendment allow researchers to violate websites’ terms of service? Judge Bates has some preliminary answers in the Sandvik case, says Brian Egan, who thinks the case may turn into an important and perhaps unhappy ruling for websites in the future.

In other topics, Softbank is getting a CFIUS workout.

YouTube’s demonetization policy leads to a mass shooting and suicide at company headquarters. Stingrays blanket DC. And Keeper can’t even get through a news cycle about its lame lawsuit without another story about its lame security.

The Cyberlaw Podcast is hiring a part-time intern for our Washington, DC offices.

As always The Cyberlaw Podcast is open to feedback. Send your questions, suggestions for interview candidates or topics to CyberlawPodcast@steptoe.com or leave a message at +1 202 862 5785.

Download the 211th Episode (mp3).

Subscribe to The Cyberlaw Podcast here. We are also on iTunesPocket Casts, and Google Play (available for Android and Google Chrome)!

The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

Steptoe partner Stewart Baker with Chris Bing

The Cyberlaw Podcast – Interview with David Sanger

Posted in Cybersecurity and Cyberwar, International, Privacy Regulation

Episode 210: Keeper: Loser, Weeper

In the news roundup, Nick Weaver, Ben Wittes, and I talk about the mild reheating of the encryption debate, sparked not just by renewed FBI pleading but by the collapse of the left-lib claim that building in access is impossible because math. The National Academy report on encryption access has demonstrated that access is practicable, with support from a group of prominent tech experts, such as Ray Ozzie, all of whom know math.

Speaking of law enforcement, it was a good week for cybercrime enforcement. Nick and I touch on two victories for the good guys, with the Carbanak mastermind busted in Spain and Yevgeny Nikulin extradited to the US over Russian objections.

Meanwhile, DHS is moving forward on one of the more significant efforts to prevent terrorist travel across borders by using social media data effectively. The agency will be requiring social media names (but not passwords) from visa applicants, according to a proposed rule now gathering comments. Maury Shenk, Ben, Nick, and I talk about the privacy and first amendment issues implicated by the policy. We don’t agree on most of those issues.

But we find surprising unanimity in mocking Julian Assange for deservedly losing his internet access at the Ecuador embassy. The panel even endorses Matt Green’s wicked suggestion for trolling Assange from the sidewalk outside Assange’s Ecuadoran squat.

We close with a quick sack dance over the prone form of Keeper Security, which has dropped its libel suit against Dan Goodin and Ars Technica, probably because it was going to lose; the defendants’ coverage of Keeper’s serious security problems was straight and fair. Bottom line: there are plenty of good password managers; why use one whose management sues to suppress news of its product’s security holes? When that sinks in, Keeper won’t just be a loser; here’s hoping it will be a weeper too.

Our interview with David Sanger covers the vulnerability of the US grid, the psychic income and electoral popularity that Vladimir Putin gets from crossing the West’s red lines, and whether we’d be better off sparking an escalating set of cyberattacks now or later.

If the last question reminds you that John Bolton will soon be the National Security Adviser, you’re not alone. We take a few minutes off from plumbing cyberlaw to exploring just what kind of national security adviser Bolton will be. My bottom line: better than his reputation, and maybe much better.

Maury Shenk, Ben Wittes and Stewart Baker (left to right)

Steptoe partner Stewart Baker with David Sanger

As always The Cyberlaw Podcast is open to feedback. Send your questions, suggestions for interview candidates or topics to CyberlawPodcast@steptoe.com or leave a message at +1 202 862 5785.

The Cyberlaw Podcast is hiring a part-time intern for our Washington, DC offices. If you are interested, visit our website at Steptoe.com/careers.

Download the 210th Episode (mp3).

Subscribe to The Cyberlaw Podcast here. We are also on iTunes, Pocket Casts, and Google Play (available for Android and Google Chrome)!

The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

The Cyberlaw Podcast – Interview with Michael Page

Posted in AI, China, CIFIUS, Security Programs & Policies

Episode 209

It was a cyberlaw-packed week in Washington. Congress jammed the CLOUD Act into the omnibus appropriations bill, and boom, just like that, it’s law. Say good-bye to the Microsoft Ireland case just argued in the Supreme Court. Maury Shenk offers a view of the Act from the United Kingdom, the most likely and maybe the only beneficiary of the Act. Biggest losers? For sure the ACLU and EFF and their ilk, who were more or less rendered irrelevant when they lost the funding and implicit backing of Silicon Valley business interests.

But wait, there’s more Congressional action, and it’s bad news for Silicon Valley business interests. For the first time, the immunity conferred on social media platforms by Section 230 of the Communications Decency Act has been breached. Jamil Jaffer and I discuss FOSTA/SESTA, adopted this week. In theory the act only criminalizes media platforms that intentionally promote or facilitate prostitution, but any platforms that actually read their own content are likely at risk. Which is what Craigslist concluded, killing its personals section in response to the act. Worse for Silicon Valley, this may just be the beginning, as its unpopularity with left and right alike starts coming home to roost.

Not to be upstaged by Congress, President Trump announces a plan to impose $60 billion in tariffs on Chinese goods and new investment limits on Chinese money. Sue Esserman explains the plan and just how serious an issue it’s addressing.

Jim Lewis tells us about the FCC’s rumored plan to pile on Chinese telecom manufacturers, adopting a rule to bar the use of Universal Service funds to purchase Chinese telecom infrastructure gear. If we want to keep China out of our telecom infrastructure, he says, we should be prepared to pay a hefty price.

In any other week, Jim and Jamil would get to spend quality time chewing over the indictment and sanctioning of Iranian hackers charged with massive thefts of IP. Not this week. They give their bottom line up front: indictments and sanctions are a good first step but can’t be our only response.

Speaking of hating Silicon Valley, there’s a wave of criticism – and a lawsuit – building against Uber in what may be a self-driving car accident that better tech could have prevented. Jamil urges caution in reaching conclusions.

We barely have time for the massive flap over Facebook and Cambridge Analytica. Still I can’t help noting that in 2012, when the Obama campaign bragged about stripping the social graph of its Facebook followers, there was no privacy scandal. Today, after Cambridge Analytica made dubious claims to have done something similar, the EU’s ineffable Vera Jourova sees a “threat to democracy.” If you’re a conservative who supports new privacy attacks on Facebook, don’t blame me when it turns out that the new privacy law is weaponized against the right, just as the old one has been.

And, as a token bit of international news, China’s social credit system is being implemented in a totalitarian fashion that reminds me of Lyft’s embrace of the McCarthyite Southern Poverty Law Center, in that both systems deny transportation to those suffering from wrongthink. Maury Shenk says it also tells us something about the efficiency and clarity of authoritarian uses of new technology.

Speaking of wrongthink, Google’s YouTube is banning firearms demo videos. Some of the banned videos may soon be hosted on pornhub, which at least allows all those guys who used to read Playboy “for the articles” to visit pornhub “for the gun instructional videos.”

Finally, for our interview, Cyberlaw Podcast joins forces with the hosts of National Security Law Today, a podcast of the ABA Standing Committee on Law and National Security.

We interview Michael Page of OpenAI, a nonprofit devoted to a nonprofit devoted to developing safe and beneficial artificial intelligence. It’s a deep conversation, but lawyers will want to spend time with the latest study suggesting that AI reads contracts faster and better than most lawyers. Brrr!

Stewart Baker (right) with Elisa and Michael

As always The Cyberlaw Podcast is open to feedback. Send your questions, suggestions for interview candidates or topics to CyberlawPodcast@steptoe.com or leave a message at +1 202 862 5785.

The Cyberlaw Podcast is hiring a part-time intern for our Washington, DC offices. If you are interested, visit our website at Steptoe.com/careers.

Download the 209th Episode (mp3).

Subscribe to The Cyberlaw Podcast here.  We are also on iTunes, Pocket Casts, and Google Play (available for Android and Google Chrome)!

The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.