Skip to content

Menu

Steptoe & Johnson LLP logo
HomeAboutServicesContactMedia MentionsSteptoe BlogsSub-Menu6G: A Step Beyond Telecom BlogAntitrust & Competition BlogBlockchain BlogGlobal Trade Policy BlogInternational Compliance BlogInvestigations & Enforcement BlogPURPA & Distributed Energy Resources BlogSDNY Blog
Search
Close

Cyberblog

Home > International > Episode 292: Debating FISA 215 after Pensacola

Episode 292: Debating FISA 215 after Pensacola

By Stewart Baker on December 9, 2019
Posted in China, European Union, International, Privacy Regulation, Russia, Security Programs & Policies
https://www.steptoe.com/podcasts/TheCyberlawPodcast-292.mp3

 

The apparent terror attack at Naval Air Station Pensacola spurs a debate among our panelists about whether the FISA Section 215 metadata program deserves to be killed, as Congress has increasingly signaled it intends to do. If the Pensacola attack involved multiple parties acting across US borders, still a live possibility as we talked, then it would be just about the first such attacks since 9/11 – and exactly the kind of attack the metadata program was designed to identify in advance.

Nick Weaver tells us that China has resurrected the Great Cannon to attack a popular Hong Kong forum for protesters. I ask why Google hasn’t started issuing warnings to Web browsers who cross the Great Firewall into China without enabling HTTPS to foil the Great Cannon. Meanwhile, Microsoft is working hard to make GitHub, an early Great Cannon victim, an essential part of China’s IT infrastructure. GitHub was attacked because it hosted some content that China hated, including the New York Times, and we verify in real time that, despite the lure of the Chinese market, Microsoft has not told GitHub to dump the offending content.

In more China news, the trial lawyers are circling TikTok like a wounded wildebeest on the veldt. A California class action alleges that TikTok harvested and sent data to China, and an Illinois class action charges the company with violating COPPA by marketing to children without sufficient privacy safeguards.

Paul Rosenzweig and I dig deep into the 20-year history behind the now-abandoned proposal to conduct airport facial scans on US citizens leaving the country. We reach broad agreement that this is one of the rare privacy versus national security debates in which there’s precious little privacy or national security at stake.

Matthew Heiman provides an overview of the remarkable international food fight over taxes on digital business. USTR is threatening big tariffs on French wine to counter France’s digital tax. Spain is apparently eager to join France in the fight. And the effort to work everything out at the OECD, where the EU has a 20-1 voting advantage over the US, has predictably not worked out well from the US point of view.

Cue the white cat: The United States has actually imposed sanctions on “Evil Corp.” Nick explains that this is part of criminal charges against two highly effective Russian bank hackers – and arguably a confession of weakness on the US government’s part.

Meanwhile, Amazon’s efforts to avoid tort liability for third-party sales on its site look to be suffering a long strategic defeat in the courts. The latest example is a Sixth Circuit ruling allowing plaintiffs to pursue product tort claims against the Internet giant.

I offer a quick update and some kind words for Nancy Pelosi, who is calling for modification of the North American free trade deal to drop the provision turning Section 230 of the Communications Decency Act into international law. This is a genuinely bipartisan complaint, so perhaps she’ll prevail.

Paul gets stuck explaining two dog-bites-man stories. The FBI says any Russian app could be a counterintelligence threat. What else could they say? And the European Commission, when asked what US regulation of encryption would mean for Europe, says more or less that it may have to move from eyebrow-lifting to throat-clearing.

And Nick closes the program with advice about the new Android exploit that works (in the right circumstances) to compromise apps running on a fully patched and up-to-date Android phone.


 

Download the 292nd Episode (mp3).

You can subscribe to The Cyberlaw Podcast using iTunes, Google Play, Spotify, Pocket Casts, or our RSS feed!

As always, The Cyberlaw Podcast is open to feedback. Be sure to engage with @stewartbaker on Twitter. Send your questions, comments, and suggestions for topics or interviewees to CyberlawPodcast@steptoe.com. Remember: If your suggested guest appears on the show, we will send you a highly coveted Cyberlaw Podcast mug!

 

The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

Tags: Amazon, Android, California, CBP, China, Class Action, COPPA, DHS, digital tax, Evil Corp, facial recognition, FBI, FISA, France, Github, Great Cannon, Illinois, liability, Metadata, Microsoft, OECD, Pensacola, Sanctions, Section 215, Section 230, Sixth Circuit, Spain, TikTok, tort, USTR
Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Related Posts
Episode 411: We Go To RSA So You Don’t Have To
June 13, 2022
Episode 405: Google’s Spamgate
May 2, 2022
Episode 404: Why Does Google Hate Mothers?
April 25, 2022
Photo of Stewart BakerStewart BakerPartner

Stewart Baker’s career has spanned national security and law. He served as General Counsel of the National Security Agency, Assistant Secretary for Policy at the…

Stewart Baker’s career has spanned national security and law. He served as General Counsel of the National Security Agency, Assistant Secretary for Policy at the Department of Homeland Security, and drafter of a report reforming the intelligence community after the Iraq War. His legal practice focuses on cyber security, CFIUS, export controls, government procurement, and immigration and regulation of international travel.

Show more Show less
Photo of Michael VatisMichael VatisPartner

Michael Vatis has spent most of his career addressing cutting edge issues at the intersection of law, policy, and technology. Michael’s practice focuses on Internet…

Michael Vatis has spent most of his career addressing cutting edge issues at the intersection of law, policy, and technology. Michael’s practice focuses on Internet, e-commerce, and technology matters, providing legal advice and strategic counsel on matters involving privacy, security, encryption, intelligence, law enforcement, Internet gambling, and international regulation of Internet content.

Show more Show less

About this Blog

Steptoe Cyberblog, with its sometimes contrasting insights, serves up opinionated and provocative thoughts on the issues — especially cybersecurity and privacy — that arise at the intersection of law, information technology, and security.

Read More....

Stay Connected

Twitter RSS LinkedIn

Topics

Archives

Recent Posts

  • Episode 419: Cyber Persistence
  • Episode 418: Dusty Old Industrial Policy Gets Dusted Off*
  • Episode 417: Cybersecurity’s First Crash Report
  • Episode 416: “The First Thing We Do, Let’s Hack All the Lawyers”
  • Episode 415: “And the Prize for Most Lawyer-Whipped Cyberforce on the Planet Goes to …”

Links

  • Deeplinks Blog
  • Hillicon Valley
  • Homeland Security Watch
  • Instapundit
  • PolicyBets
  • Privacy Lives
  • Tech Daily Dose
  • Tech Dirt
  • Technology Academic Policy (TAP) Blog
  • Technorati Media
  • The Volokh Conspiracy

Cyberblog

Steptoe & Johnson LLP

1330 Connecticut Avenue, NW
Washington DC 20036
Twitter RSS LinkedIn Technology Academic Policy (TAP) Blog Threat Level: Privacy, Crime and Security Online Deeplinks Blog Tech Daily Dose PolicyBets Hillicon Valley Homeland Security Watch The Volokh Conspiracy Technorati Media Tech Dirt Privacy Lives Instapundit
Privacy PolicyTerms of Use

About Steptoe

In more than 100 years of practice, Steptoe has earned an international reputation for vigorous representation of clients before governmental agencies, successful advocacy in litigation and arbitration, and creative and practical advice in structuring business transactions. Steptoe has more than 500 lawyers and other professional staff across offices in Beijing, Brussels, Chicago, Hong Kong, London, Los Angeles, New York, San Francisco, and Washington. For more information, visit www.steptoe.com.

Copyright © 2022, Steptoe & Johnson LLP. All Rights Reserved.
Law blog design & platform by LexBlog LexBlog Logo