Brad Smith is President of Microsoft and author (with Carol Ann Browne) of Tools and Weapons: The Promise and Peril of the Digital Age. The book is a collection of vignettes of the tech policy battles in the last decade or so. Smith had a ringside seat for most of them, and he recounts what he learned in a compelling and good-natured way in the book – and in this episode’s interview. Starting with the Snowden disclosures and the emotional reaction of Silicon Valley, through the CLOUD Act, Brad Smith and Microsoft displayed a relatively even keel while trying to reflect the interests of its many stakeholders. In that effort, Smith makes the case for more international cooperation in regulating digital technology. Along the way, he discloses how the Cyberlaw Podcast’s own Nate Jones and Amy Hogan-Burney became “Namy,” achieving a fame and moniker inside Microsoft that only Brangelina has achieved in the wider world. Finally, he sums up Microsoft’s own journey in the last quarter century as a recognition that humility is a better long-term strategy than hubris.


Continue Reading Episode 289: Brad Smith on Microsoft’s Journey from Hubris to Humility

This Week in Mistrusting Google: Klon Kitchen points to a Wall Street Journal story about all the ways Google tweaks its search engine to yield results that look machine-made but aren’t. He and I agree that most of these tweaks have understandable justifications – but you have to trust Google not to misuse them. And increasingly no one does. The same goes for Google’s foray into amassing and organizing health data on millions of Americans. It’s a nothing-burger with mayo, unless you mistrust Google. Since mistrusting Google is a growth industry, it’s getting a lot of attention, including from HHS investigators. Matthew Heiman explains, and when he’s done, my money is on Google surviving that investigation comfortably. The capital of mistrusting Google is Brussels, and not surprisingly, Maury Shenk tells us that the EU has forced Google to modify its advertising protocols to exclude data on health-related sites visited by its customers.


Continue Reading Episode 288: Mistrusting Google

Our interview is with Alex Joel, former Chief of the Office of Civil Liberties, Privacy, and Transparency at the Office of the Director of National Intelligence. Alex is now at the American University law school’s Tech, Law, and Security Program. We share stories about the difficulties of government startups and how the ODNI carved out a role for itself in the Intelligence Community (hint: It involved good lawyering). We dive pretty deep on recent FISA court opinions and the changes they forced in FBI procedures. In the course of that discussion, I realize that every “reform” of intelligence dreamed up by Congress in the last decade has turned out to be a self-licking compliance trap, and I take back some of my praise for the DNI’s lawyering.


Continue Reading Episode 283: Is intelligence “reform” a self-licking ice cream cone and compliance trap?

Last week, California Attorney General Xavier Becerra released much anticipated regulations implementing and interpreting the California Consumer Privacy Act (CCPA). Given the Attorney General’s responsibility for enforcement and the many open questions surrounding the CCPA, even after another round of amendments were passed last month, businesses have been eagerly waiting for the draft regulations to

Our interview is with Sultan Meghji, CEO of Neocova. We cover the large Chinese investment in quantum technology and what it means for the United States. It’s possible that Chinese physicists are even better than American physicists at extracting funding from their government. Indeed, it looks as though some quantum tech, such as the use of entangled particles to identify eavesdropping, may turn out to have dubious military value. But not all. Sultan thinks the threat of special purpose quantum computing to break encryption poses a real, near-term threat to US financial institutions’ security.


Continue Reading Episode 282: Has China opened a quantum hype lead over the US?

Joel Trachtman thinks it’s a near certainty that the WTO agreements will complicate US efforts to head off an IoT cybersecurity meltdown, and there’s a real possibility that a US cybersecurity regime could be held to violate our international trade obligations. Claire Schachter and I dig into the details of the looming

We recently published a client alert on the California Consumer Privacy Act. From the alert:

When California lawmakers hastily enacted the California Consumer Privacy Act (CCPA) in June 2018, few expected the law — voted on after only a few days’ deliberation — to remain unamended. And, indeed, the law was first amended just a

Have the Chinese hired American lawyers to vet their cyberespionage tactics – or just someone who cares about opsec? Probably the latter, and if you’re wondering why China would suddenly care about opsec, look no further than Supermicro’s announcement that it will be leaving China after a Bloomberg story claiming that the company’s