Today we interview Doug, the chief legal officer of GCHQ, the British equivalent of NSA. It’s the first time we’ve interviewed someone whose full identify is classified. Out of millions of possible pseudonyms, he’s sticking with “Doug.” Listen in as he explains why. More seriously, Doug covers the now-considerable oversight regime that governs GCHQ’s intercepts and other intelligence collection, Britain’s view of how the law of war applies in cyberspace, the prospects for UN talks on that topic, the value of attribution, and whether a national security agency should be responsible for civilian cybersecurity (the UK says yes, the US says no).

In the news, Nick Weaver and Matthew Heiman comment on the undying dumpster fire that is Bloomberg’s Chinese supply-chain-attack story. We may not know for sure whether the story is bogus, at least not for a while. But it’s not too late, I argue, to fund a journalist version of the Ig-Nobel Prize. Call it the Bull-itzer, for the story with the most potent mix of consequences and BS. Right now, Bloomberg’s definitely in the running.

Matthew tells us that Treasury has announced its CFIUS pilot program, which will require the filing of notices for Chinese acquisitions in 27 critical industries. I argue that a predisposed bureaucracy has made President Trump a transformational president in terms of relations with China.

Speaking of bureaucratic predispositions, DOJ is showing enthusiasm in carrying out its predisposition to haul Chinese spies into court. What’s remarkable is that it was able to do that from across the Atlantic. While not a cyberspy, the recent arrest and extradition of an accused Chinese economic spy is easy to read as DOJ’s answer to those who say indictments of government spies are a sign of weakness.

Everybody’s going to have to choose sides as Trump and Xi continue on their collision course. Except Google. At least according to Google, which bailed out of a Pentagon program because it didn’t meet Google’s values. Oh, and because Google had no chance of winning the contract. Talk about virtue signaling on the cheap!

The EU’s virtue signaling isn’t nearly as cheap, at least for Google, which is now appealing a massive EU competition fine. I can’t help wondering who the hell uses Google Shopping searches; the EU fine must be $1 billion for every biased search.

Nick reports on two troubling government reports. He believes one — the cybersecurity of DOD weapons systems really is a problem. He’s less impressed by White House concerns about the health of the defense industrial base, having recently done some “Buy America” electronics procurement himself.

Finally, in the latest dog-bites-man story, Vietnam will force local data storage over Silicon Valley’s protests. Nick, Matthew, and I explore the continuing delusion of US foreign policymakers in insisting that the Internet must be borderless and open and free.


Download the 235th Episode (mp3).

Download the transcript of the 235th episode (PDF).

You can subscribe to The Cyberlaw Podcast using iTunes, Pocket Casts, Google Play, or our RSS feed!

As always, The Cyberlaw Podcast is open to feedback. Be sure to engage with Stewart on social media: @stewartbaker on Twitter and on LinkedIn. Send your questions, comments, and suggestions for topics or interviewees to Remember: If your suggested interviewee appears on the show, we will send you a highly coveted Cyberlaw Podcast mug!


The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.