Cybersecurity and Cyberwar

Jordan Schneider rejoins us after too long an absence to summarize the tech policy coming out of Beijing today: Any Chinese government agency with a beef against a tech company has carte blanche to at least try it out. From Didi and others being told to stop taking on subscribers to an end to

The district court has ruled in the lawsuit between Epic and Apple over access to the Apple app store. Apple is claiming victory and Epic is appealing. But Apple’s victory is not complete, and may have a worm at its core. Jamil Jaffer explains.

Surprised that ransomware gangs REvil and Groove are back –

The Biden administration’s effort to counter ransomware may not be especially creative, but it is comprehensive. The administration is pushing all the standard buttons on the interagency dashboard, including the usual high-level task force and a $10 million reward program (but not including hackback authority for victims, despite headlines suggesting otherwise. And all the

We begin the episode with the Biden administration’s options for responding to continued Russian ransomware outrages. Dmitri Alperovitch reprises his advice in the Washington Post that Putin will only respond to strength and U.S. pressure. I agree but raise the question whether the U.S. has the tools to enforce another set of alleged red

Ransomware attacks have been soaring in frequency and severity, affecting companies, government agencies, and nonprofits and leading to larger and larger ransom demands as a condition for unlocking the victim’s information systems. On June 30, 2021, the New York State Department of Financial Services (NYDFS) issued guidance on how potential victims can minimize the risk

On July 7, 2021, Gov. Jared Polis signed into law the Colorado Privacy Act (CPA), which will go into effect on July 1, 2023. Like California’s and Virginia’s data privacy laws, the CPA aims to provide consumers with greater control over their data and enhanced transparency with respect to how their data is used. However,

We begin the episode with a review of the massive Kaseya ransomware attack.

Dave Aitel digs into the technical aspects while Paul Rosenzweig and Matthew Heiman explore the policy and political But either way, the news is bad.

Then we come to the Florida ‘deplatforming’ law, which a Clinton appointee dispatched in a cursory

We couldn’t avoid President Biden’s trip to Europe this week. He made news (but only a little progress) on cybersecurity at every stop. Nick Weaver and I dig into the President’s consultations with Vladimir Putin, which featured veiled threats and a modest agreement on some sort of continuing consultations on protecting critical infrastructure.

Jordan

Just as retail stores, bars, restaurants, and entertainment venues in New York City have been authorized to relax COVID restrictions, they will soon have to confront a new set of requirements—this time focused on their collection of customers’ biometric information. On July 9, 2021, New York City’s new law addressing the collection and use of

Paul Rosenzweig lays out the much more careful, well-written, and a policy catastrophe in the making. The main problem? It tries to turn one of the most divisive issues in American life into a problem to be solved by technology. Apparently because that has worked so well in areas like content suppression. In fact,