On February 7, 2020, California Attorney General (AG) Xavier Becerra released a second version of draft regulations implementing and interpreting the California Consumer Privacy Act (CCPA). The second iteration of the Attorney General’s draft regulations contain numerous important changes from the initial draft, some of which are summarized in this alert. One of the most
The next trade war will be over transatlantic data flows, and it will make the fight with China look like a picnic. That’s the subject of this episode’s interview. The European Court of Justice is poised to go nuclear – to cut off US companies’ access to European customer data unless the US lets European courts and data protection agencies refashion its intelligence capabilities according to standards no European government has ever been required to meet. It is Europe in full neocolonial mode, but it has sailed below the radar, disguised as an abstruse European legal fight. Maury Shenk and I interview Peter Swire on the Schrems cases that look nearly certain to provoke a transatlantic trade and intelligence crisis. Actually, Maury interviews Peter, and I throw bombs into the conversation. But if ever there were a cyberlaw topic that deserves more bomb-throwing, this is it.
Nick Weaver and I debate Sens. Graham and Blumenthal’s EARN IT Act, a proposal to require that social media firms follow best practices on preventing child abuse. If they don’t, they won’t get full Section 230 immunity from liability for recklessly allowing the abuse. Nick thinks the idea is ill-conceived and doomed to fail. I think there’s a core of sense to the proposal, which simply asks that Silicon Valley firms who are reckless about child abuse on their networks pay for the social costs they’re imposing on society. Since the bill gives the attorney general authority to modify the best practices submitted by a commission of industry, academic, and civic representatives, critics are sure that the final product will reduce corporate incentives to offer end-to-end encryption.
This week’s episode includes an interview with Bruce Schneier about his recent op-ed on privacy. Bruce and I are both dubious about the current media trope that facial recognition technology was spawned by the Antichrist. He notes that what we are really worried about is a lot bigger than facial recognition and offers ways in which the law could address our deeper worry. I’m less optimistic about our ability to write or enforce laws designed to restrict use of information that gets cheaper to collect, to correlate, and to store every year. It’s a good, civilized exchange.
The apparent terror attack at Naval Air Station Pensacola spurs a debate among our panelists about whether the FISA Section 215 metadata program deserves to be killed, as Congress has increasingly signaled it intends to do. If the Pensacola attack involved multiple parties acting across US borders, still a live possibility as we talked, then it would be just about the first such attacks since 9/11 – and exactly the kind of attack the metadata program was designed to identify in advance.
Algorithms are at the heart of the Big Data/machine learning/AI changes that are propelling computerized decision-making. In their book, The Ethical Algorithm, Michael Kearns and Aaron Roth, two Computer Science professors at Penn, flag some of the social and ethical choices these changes are forcing upon us. My interview with them touches on many of the hot-button issues surrounding algorithmic decision-making. I disclose my views early: I suspect that much of the fuss over bias in machine learning is a way of smuggling racial and gender quotas and other academic social values into the algorithmic outputs. Michael and Aaron may not agree with that formulation, but the conversation provides a framework for testing it – and leaves me more skeptical about “bias hacking” of algorithmic outputs.
Brad Smith is President of Microsoft and author (with Carol Ann Browne) of Tools and Weapons: The Promise and Peril of the Digital Age. The book is a collection of vignettes of the tech policy battles in the last decade or so. Smith had a ringside seat for most of them, and he recounts what he learned in a compelling and good-natured way in the book – and in this episode’s interview. Starting with the Snowden disclosures and the emotional reaction of Silicon Valley, through the CLOUD Act, Brad Smith and Microsoft displayed a relatively even keel while trying to reflect the interests of its many stakeholders. In that effort, Smith makes the case for more international cooperation in regulating digital technology. Along the way, he discloses how the Cyberlaw Podcast’s own Nate Jones and Amy Hogan-Burney became “Namy,” achieving a fame and moniker inside Microsoft that only Brangelina has achieved in the wider world. Finally, he sums up Microsoft’s own journey in the last quarter century as a recognition that humility is a better long-term strategy than hubris.
Our interview is with Alex Joel, former Chief of the Office of Civil Liberties, Privacy, and Transparency at the Office of the Director of National Intelligence. Alex is now at the American University law school’s Tech, Law, and Security Program. We share stories about the difficulties of government startups and how the ODNI carved out a role for itself in the Intelligence Community (hint: It involved good lawyering). We dive pretty deep on recent FISA court opinions and the changes they forced in FBI procedures. In the course of that discussion, I realize that every “reform” of intelligence dreamed up by Congress in the last decade has turned out to be a self-licking compliance trap, and I take back some of my praise for the DNI’s lawyering.
Last week, California Attorney General Xavier Becerra released much anticipated regulations implementing and interpreting the California Consumer Privacy Act (CCPA). Given the Attorney General’s responsibility for enforcement and the many open questions surrounding the CCPA, even after another round of amendments were passed last month, businesses have been eagerly waiting for the draft regulations to…
Today’s episode opens with a truly disturbing bit of neocolonial judicial lawmaking from the Court of Justice of the European Union. The CJEU ruled that an Austrian court can order Facebook to take down statements about an Austrian politician. Called an “oaf” and a “fascist,” the politician more or less proved the truth of the accusations by suing to keep that and similar statements off Facebook worldwide. Trying to find allies for my proposal to adopt blocking legislation to protect the First Amendment from foreign government interference, I argue that President Trump should support such a law. After all, if he were ever to insult a European politician on Twitter, this ruling could lead to litigation that takes his Twitter account off the air. True, he could criticize the judges responsible for the judgment as “French” or “German” without upsetting CNN, but that would be cold comfort. At last, a legislative and international agenda for the Age of Trump!