Episode 178: The Evil Dolphin Episode

The Cyberlaw Podcast kicks off a series exploring section 702 – the half-US/half-foreign collection program that has proven effective against terrorists while also proving controversial with civil liberties groups.  With the program due to expire on December 31, we’ll examine the surveillance controversies spawned by the program. Today, we look at the “upstream” collection program under section 702.  We talk to Becky Richards, NSA’s Civil Liberties and Privacy and (whew!) Transparency Officer as well as Liza Goitein of the Brennan Center for Justice.

In the news, Equifax is taking a beating both for a massive and serious data breach and for a series of missteps in its mitigation effort.  Michael Vatis lays out the gory details.

Speaking of ugly, the climate for the online ad business is getting a lot worse, or so I predict, as Russia’s use of social media ads and trolls gets attention in Washington.

Had enough?  Nope.  Now the European Court of Human Rights is piling on, limiting employers’ right to monitor employees.  Maury Shenk explains the law; and I marvel at the court’s ability to take an obligation imposed on governments and turn it into a code of conduct for private employers.

But wait, it gets worse.  Symantec says that a hacker who looks a lot like the Russian government has installed sophisticated hacking tools on the networks that directly control US electric grid systems.  I predict that the Trump administration will do, well, nothing, following an Obama administration tradition in grid hacking cases.

OK, it’s not the power grid, but would you really want hackers to be able to tell your Echo, “Alexa, send me two metric tons of garbanzo beans overnight?”  Now, thanks to what I call the Evil Dolphin attack, they can do exactly that – with you in the room.  Quick, get all the Echos out of Marine World!

OK, here’s a bit of good news, or at least man-bites-dog news.  Maury reports that the European Court of Justice has sent Intel’s $1.26 billion monopolization fine back to the European General Court.  Any time a European court doesn’t reach out to arbitrarily smack a US tech company, it’s cause for wonder.

In other news, Michael reports that Lenovo has settled (and pretty cheaply) with the FTC and a batch of states for installing spyware on its laptops.

To follow up on last week’s podcast, Best Buy has dumped Kaspersky software, so the mistrust virus is spreading from government to the private sector.

Finally, Uber, not content with God mode, also invented Hell, a program that fooled Lyft drivers into chasing fake customers.  Now Hell seems to have come for Uber, as it turns out the now-abandoned escapade might have violated the Computer Fraud and Abuse Act and is the subject of an SDNY/FBI probe.

Download the 178th Episode (mp3).

Subscribe to The Cyberlaw Podcast here.  We are also on iTunesPocket Casts, and Google Play (available for Android and Google Chrome)!

The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.


Steptoe partner Stewart Baker with Liza Goitein (left) and Becky Richards (right)