Header graphic for print
Steptoe Cyberblog

Steptoe Cyberlaw Podcast – Interview with Michael Allen

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Our special guest this week is Michael Allen, former Majority Staff Director of the House intelligence committee.  Mike is the founder of Beacon Global Strategies and the author of Blinking Red, the story of the creation of the Director of National Intelligence.

We drag him into the program from the beginning, getting his take on his old committee’s proposal to replace NSA’s 215 metadata program with one where the data remains with the telephone companies. I puzzle over the Obama administration’s booted opportunity to work with a bipartisan coalition on reforming 215 and its determination to instead pursue the affections of privacy lobbyists who want the FISA court to review every search of the telcos’ data.

Mike Allen reflects on the most significant contributions of Chairman Mike Rogers to the intelligence committee from which he is unexpectedly retiring. He evidently plans to become a radio show host concentrating on national security affairs. I speculate that he was forced into Old Media because the niche for podcasts on national security law has now been so definitively filled by the Steptoe Cyberlaw Podcast.

In other news, the FISA court is getting a new chief judge. And China has promised to bolster its cybersecurity while protesting news that Huawei was hacked by NSA; it would only be fair if the administration declared, as China has so often when accused of hacking a US defense contractor, “Hey, we’re victims of hacking too. Tell us what you know about this alleged hacking and maybe we can help.”

This Week in Target produces a surprise — banks suing not just Target but also its security assessor. Is this a sign of strength or an admission that Target itself may have a pretty good defense to claims that it violated the PCI standards? Jason Weinstein thinks it’s an augur of things to come, and that other security auditors may face such litigation, especially if they provide some of the services they’re supposed to be auditing.

Microsoft is in the privacy cement mixer this week. After admitting that it opened a subscriber’s Hotmail account to track an employee who was leaking its business secrets, it first said it had every right to do so, then said it would only do so with the approval of a retired federal judge, and finally said it would leave that sort of thing to law enforcement. Michael Arrington, who rarely misses an opportunity to make headlines, accused Google of doing the same with Gmail. But the incident was years ago, and Google has denied it — while acknowledging that, like Microsoft, its terms of service very likely permit it to access Gmail for that purpose. Michael Vatis and I speculate about what this means for actions to protect Microsoft customers, since many webmail security measures require that the operator aggressively investigate malware distributors using its network; if those security measures must now wait for law enforcement investigations, we’ll all be pwned by the end of the year, and we’ll have privacy to thank for it.

Jason reports that Bitcoin is getting a modest amount of establishment recognition, but bitcoin owners will get new paperwork headaches and the traceability of their holdings will increase dramatically, as the IRS starts treating bitcoins as assets subject to capital gains calculations.

The sordid, pigs-at-the-trough spectacle of nonprofits squabbling over who will get the windfall from cy pres settlements of privacy suits reaches new heights as a new $8.5 million payout is finally approved. And the European Court of Justice rules that ISPs must block copyright infringing sites. (How? Don’t bother us with details, we’re European jurists.) And the actress who’s gotten more publicity, public sympathy, and judicial somersaults from a ten-second YouTube performance than anyone in history is back to complain that Google isn’t doing enough to keep her performance from the public.

Returning to Mike Allen, we talk about his book, and how Henry Hyde killed one version of the 9/11 intelligence reform bill with a well-timed bon mot on the intelligence of House and Senate members. The difference in style between Bush and Obama legislative relations is explored, gingerly. And Mike reflects on what produced the astonishing breakdown in relations between the CIA and the Senate Intelligence Committee.

Download the thirteenth episode (mp3).

Subscribe to the Cyberlaw Podcast here. We are also now on iTunes and Pocket Casts!