Header graphic for print
Steptoe Cyberblog

Episode 278: Will international trade law prevent the US from regulating the security of the Internet of Things?

Posted in International, Security Programs & Policies

 

Joel Trachtman thinks it’s a near certainty that the WTO agreements will complicate US efforts to head off an IoT cybersecurity meltdown, and there’s a real possibility that a US cybersecurity regime could be held to violate our international trade obligations. Claire Schachter and I dig into the details of the looming disaster and how to avoid it.

In the news, Paul Rosenzweig analyzes the Ninth Circuit holding that scraping publicly available information doesn’t violate the CFAA.

The California legislature has adjourned, leaving behind a smoking ruin where Silicon Valley’s business models used to be. Mark MacCarthy elaborates: One new law would force companies like Uber and Lyft (and a boatload more) to treat workers as employees, not contractors. Another set of votes has left the California Consumer Privacy Act more or less unscathed as its 2020 effective date looms. Really, it’s beginning to look as though even California hates Silicon Valley.

Klon Kitchen and I discuss the latest round of Treasury sanctions on North Korean hacking groups. The sanctions won’t hit anyone in North Korea, but they might affect a few of their enablers on the Internet. The real question, though, is this: Since sanctions violations are punishable even when they aren’t intentional, will US companies whose money is stolen by the Lazarus Group be penalized for having engaged in a prohibited transaction with a sanctioned party? Maybe the Lazarus Group should steal a license too, just to be sure.

Klon also lays out in chilling detail what the Russians were really trying to do to Ukraine’s grid – and the growing risk that someone is going to launch a destructive cyberattack that leads to a cycle of serious real-world violence. The drone attack on Saudi oil facilities shows how big that risk can be.

Paul examines reports that Israel planted spy devices near the White House. He thinks it says more about the White House than about Israel.

Paul also reports on one of the unlikelier escapades of students from his alma mater: Trading 15 minutes at the keyboard for a lifetime of trouble on their permanent records. The lesson? If you try to access the president’s tax data online, you’re going to jail, prank or not.

I walk back the deepfake voice scam story, but Klon points out that it reflects a future that is coming for us soon, if not today.

Proving the old adage about a fool for a lawyer, the Mar-a-Lago trespasser has been found guilty after an ineffective pro se defense.

Klon digs into the long and thoughtful op-ed by NSA’s Glenn Gerstell about the effects of the “digital revolution” on national security.

I note the recent Carnegie report trying to move the encryption debate forward. I also plug my upcoming speech in Israel on the topic.


 

Download the 278th Episode (mp3).

You can subscribe to The Cyberlaw Podcast using iTunes, Google Play, Spotify, Pocket Casts, or our RSS feed!

As always, The Cyberlaw Podcast is open to feedback. Be sure to engage with @stewartbaker on Twitter. Send your questions, comments, and suggestions for topics or interviewees to CyberlawPodcast@steptoe.com. Remember: If your suggested guest appears on the show, we will send you a highly coveted Cyberlaw Podcast mug!

 

The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.