Our interview this week is with Hon. Michael Chertoff, my former boss at Homeland Security and newly minted author of Exploding Data: Reclaiming Our Cyber Security in the Digital Age. The conversation – and the book – is wide ranging and shows how much his views on privacy, data, and government have evolved in… Continue Reading
Tag Archives: data privacy
Episode 224 with Duncan Hollis: Do we need an international “potluck” cyber coalition?
Posted in China, Data Breach, International, Privacy RegulationI interview Duncan Hollis, another Steptoe alumnus patrolling the intersection of international law and cybersecurity. With Matt Waxman, Duncan has written an essay on why the US should make the Proliferation Security Initiative a model for international rulemaking for cybersecurity. Since “coalition of the willing” was already taken, we settle on “potluck policy” as shorthand… Continue Reading
Belgium Publishes Draft Law Implementing GDPR
Posted in International, Privacy RegulationOn June 12, Belgium’s Parliament published a draft law on the “protection of natural persons with regard to processing of personal data.” The draft – comprising 280 Articles – has three objectives: Legislate so-called “open clauses” of the General Data Protection Regulation, i. e. those clauses in the Regulation where EU Member States are free to… Continue Reading
The Cyberlaw Podcast — News Roundup
Posted in China, Cybersecurity and Cyberwar, Privacy Regulation, Russia214: Dumbest privacy issue of the decade? This episode features a new technology-and-privacy flap. The police finally catch a sadistic serial killer, and the press can’t stop whining about DNA privacy. I argue that DNA privacy is in the running for Dumbest Privacy Issue of the Decade. Because privacy is all about making sure the police can’t… Continue Reading
The Cyberlaw Podcast – Interview with Pete Chronis
Posted in China, Privacy Regulation, Virtual CurrencyEpisode 208: Washington’s one-minute hate for Silicon Valley All of Washington is mad at Silicon Valley these days, as our news roundup reveals. Dems and the media have moved on from blaming Hillary Clinton’s loss on Vladimir Putin; now they’re blaming Facebook and Cambridge Analytica. Gus Hurwitz and I have doubts about the claims of… Continue Reading
The Cyberlaw Podcast – Interview with Glenn Gerstell
Posted in Privacy Regulation, Security Programs & PoliciesEpisode 203: Interview with Glenn Gerstell This episode consists of Jamil Jaffer and I interviewing Glenn Gerstell, the General Counsel of the National Security Agency. Glenn explains what it was like on the inside of the effort to reauthorize section 702 of FISA. Jamil and I ask him whether the FISA court has the authority to deal… Continue Reading
The Cyberlaw Podcast – News Roundup
Posted in Privacy Regulation, Security Programs & PoliciesEpisode 199: Untold stories of the 702 reauthorization In this guestless episode, Michael Vatis, Markham Erickson, and Nick Weaver join me to roundup the news. I explore the final results of the intense jockeying that led to passage of S. 139, which gave section 702 of FISA a new lease on life. The administration did well, weathering… Continue Reading
The Cyberlaw Podcast — Interview with Susan Hennessey and Andrew McCarthy
Posted in China, Cybersecurity and Cyberwar, Security Programs & PoliciesInterview with Susan Hennessey and Andrew McCarthy Episode 195 features an interview with Susan Hennessey of Lawfare and Andrew McCarthy of the National Review. They walk us through the “unmasking” of US identities in intelligence reports — one of the most divisive partisan issues likely to come up in the re-enactment of section 702 of… Continue Reading
Steptoe Cyberlaw Podcast — News Roundup with Julian Sanchez and Gus Hurwitz
Posted in Cybersecurity and Cyberwar, International, Privacy RegulationEpisode 160: News Roundup with Julian Sanchez and Gus Hurwitz This week the podcast features an extended news roundup with two guest commentators – Julian Sanchez of the Cato Institute and Gus Hurwitz of Nebraska Law School. We talk about the latest, mostly overhyped, Shadowbrokers dump, and whether Google Translate can be taught to render… Continue Reading
Steptoe Cyberlaw Podcast – Interview with Nicholas Weaver
Posted in Data Breach, International, Privacy RegulationEpisode 159: Interview with Nicholas Weaver Our guest interview is with Nick Weaver, of Berkeley’s International Computer Science Institute. It covers the latest dumps of hacker tools, the vulnerability equities process, the so-bad-you-want-to-cover-your-eyes story of Juniper and the Dual_EC hacks, and ends with a tour of recent computer security disasters, from the capture of a… Continue Reading
Steptoe Cyberlaw Podcast – News Roundup with Paul Rosenzweig
Posted in Cybersecurity and Cyberwar, International, Security Programs & PoliciesEpisode 152: “Alexa, do you have first amendment rights?” Our guest for episode 152 is Paul Rosenzweig, and we tour the horizon with him. In the news roundup, Stephanie Roy outlines the deregulatory tangle around ISPs, privacy, security, and the FCC. Maury Shenk briefs us on the European legislation authorizing the quashing of terrorist advocacy… Continue Reading
An EU General Data Protection Guide for the Insurance and Financial Services Sector
Posted in International, Privacy RegulationTo help prepare for the application of the European regulation on the protection of individuals with regard to the processing of personal data and on the free movement (the EU General Data Protection Regulation or GDPR), which will enter into force on May 25, 2018, Guy Soussan, Philip Woolfson, and I authored a commentary on the GDPR… Continue Reading
Steptoe Cyberlaw Podcast – News Round-Up
Posted in Cybersecurity and Cyberwar, International, Privacy Regulation, Security Programs & PoliciesThis week’s news roundup is dominated by the Ninth Circuit and the European Union. The EU parliament has approved the Privacy Shield that replaces the Safe Harbor. Michael Vatis, Alan Cohn and I ask whether companies should seek protection under what may prove to be a pretty leaky Shield. And the EU has approved cybersecurity… Continue Reading
Steptoe Cyberlaw Podcast – Interview with Orin Kerr
Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & PoliciesDoes the FISA court perform a recognizably judicial function when it reviews 702 minimization procedures for compliance with the fourth amendment? Our guest for episode 115 is Orin Kerr, GWU professor and all-round computer crime guru, and Orin and I spend a good part of the interview puzzling over Congress’s mandate that the FISA court… Continue Reading
Steptoe Cyberlaw Podcast – Interview with General Hayden
Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies, Virtual CurrencyOur guest for episode 114 is General Michael Hayden, former director of the NSA and CIA; he also confirms that he personally wrote every word of his fine book, Playing to the Edge: American Intelligence in the Age of Terror. In a sweeping interview, we cover everything from Jim Comey’s performance at the AG’s hospital… Continue Reading
Steptoe Cyberlaw Podcast – Interview with Patrick Henry, Dan Kaminsky, Kiran Raj, and Dr. Zulfikar Ramzan
Posted in China, Cybersecurity and Cyberwar, International, Privacy Regulation, Security Programs & PoliciesNo holds are barred as a freewheeling panel of cryptographers and security pros duke it out with me and the Justice Department over going dark, exceptional access, and the Apple-FBI conflict. Among the combatants: Patrick Henry, a notable cryptographer with experience at GCHQ, NSA, and the private sector; Dan Kaminsky, the Chief Scientist at White Ops;… Continue Reading
Second Annual Triple Entente Beer Summit
Posted in Cybersecurity and Cyberwar, Data Breach, Privacy Regulation, Security Programs & PoliciesNext Thursday, February 18, from 6:00 pm – 9:00 pm, Alan Cohn and I will be speaking at the “2016 Triple Entente Beer Summit” at the Old Engine 12 Firehouse Restaurant (1626 North Capitol Street Northwest, Washington, DC). This will be the second annual live recording of the three podcasts – Steptoe Cyberlaw Podcast, Lawfare Podcast, and Rational… Continue Reading
Steptoe Cyberlaw Podcast – Interview with Jason Healey
Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & PoliciesIs the internet really worth it? Our guest for episode 91, Jason Healey of the Atlantic Council and Columbia University, recaps a study finding that, even with a worst-case Clockwork Orange Internet, the economic benefits of networking still outweigh the losses from security failures – though the closer we get to the worst case, the… Continue Reading
Steptoe Cyberlaw Podcast – Interview with Ari Schwartz
Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & PoliciesWhat good is CISA, anyway? Now that both the House and Senate have passed information sharing bills that are strikingly similar but not identical, the prospects for a change in the law are good. But what changes, and how much difference will they make to network defenders? That’s the topic we explore in episode 87… Continue Reading
Steptoe Cyberlaw Podcast – Interview with Mikko Hypponen
Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & PoliciesAre Russian hacker-spies a bunch of lethargic government drones more interested in smash-and-grabs than stealth? That’s one of the questions we pose to Mikko Hypponen in episode 86 (right after we ask about how to pronounce his name; turns out, that’s harder than you think). Mikko is the Chief Research Officer at F-Secure and a… Continue Reading
Steptoe Cyberlaw Podcast – Interview with Jason Brown
Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & PoliciesOur guest for Episode 69 is Jason Brown, the Assistant to the Special Agent in Charge of the Cyber Intelligence Section at the US Secret Service. We talk about the Secret Service’s Electronic Crimes Task Forces and their critical role in investigating data breaches affecting financial institutions, retailers and other companies. We also discuss how… Continue Reading
Triple Entente Beer Summit
Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & PoliciesI hope you will join us on Thursday, May 7 from 6:00 pm – 9:00 pm for the “Triple Entente Beer Summit” at The Washington Firehouse (1626 North Capitol Street Northwest, Washington, DC). This live recording of the three podcasts – Steptoe Cyberlaw Podcast, Lawfare Podcast, and Rational Security – will be your chance to meet… Continue Reading
Steptoe Cyberlaw Podcast – Interview with Mike Rogers
Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & PoliciesThis episode of the podcast features Rep. Mike Rogers, former chairman of the House intelligence committee, Doug Kantor, our expert on all things cyber in Congress, and Maury Shenk, calling in from London. Mike Rogers is now a nationally syndicated radio host on Westwood One, a CNN national security commentator, and an adviser to Trident… Continue Reading
Steptoe Cyberlaw Podcast – Interview with Nuala O’Connor
Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & PoliciesIn Episode 55 of the Cyberlaw Podcast, we revive This Week in NSA to explore the claim that GCHQ stole mass quantities of cell phone encryption keys. Meanwhile, Jason explains the complex political battles over Rule 41, Michael explains why so many companies have rallied to Twitter’s first amendment claim against the Justice Department, and… Continue Reading