The NSA metadata program that is set to expire in two weeks was designed to provide early warning of a terror attack planned in a foreign safe haven and carried out inside the United States.  Those are some of the most deadly terror attacks we’ve seen, from 9/11 to Mumbai.  And now Paris.

So should the United States be terminating the 215 program just as the Paris attacks show why it was created?  That’s the question I ask in Episode 89 of the podcast as we watch the DC circuit cut short Judge Leon’s undignified race to give the program one last kick before it’s terminated. 
Continue Reading Steptoe Cyberlaw Podcast – Interview with Mark Shuttleworth

What good is CISA, anyway?

Now that both the House and Senate have passed information sharing bills that are strikingly similar but not identical, the prospects for a change in the law are good.  But what changes, and how much difference will they make to network defenders?  That’s the topic we explore in episode 87 with our guest, Ari Schwartz.  Ari has just finished a tour as senior director for cybersecurity on the United States National Security Council Staff at the White House.  He and I and Alan Cohn go deep into the weeds so you won’t have to.  Our conclusion?  The main value of the bill is that it frees some companies from aging privacy rules that prevented information sharing with groups that include the government.  It also enables companies to monitor their networks without fear of liability under even older privacy laws preventing interception of communications without all parties’ consent.  The other lesson to be drawn from the bill is that privacy groups are still something of a paper tiger without business support.  More than seventy senators voted for CISA over the bleeding bodies of every privacy group in the country. 
Continue Reading Steptoe Cyberlaw Podcast – Interview with Ari Schwartz

Want to see cyber attribution and deterrence in action? In August, a hacker pulled the names of US military personnel and others out of a corporate network and passed them to ISIL. British jihadist Junaid Hussain exulted when ISIL released the names. “They have us on their ‘hit list,’ and we have them on ours too…,” he tweeted. On the whole, I’d rather be on theirs. Two weeks after his tweet, Hussain was killed in a US airstrike, and two months after that, the hacker was arrested in Malaysia (subscription required) on a US warrant.

We explore that story and more with Gen. Michael Hayden, the only person to serve as both Director of the National Security Agency and of the Central Intelligence Agency. Gen. Hayden explains why he differs with FBI director Comey on encryption and with the European Court of Justice on whether the US sufficiently respects privacy rights, along with other topics.


Continue Reading Steptoe Cyberlaw Podcast – Interview with Gen. Michael Hayden

In episode 84 our guest is Jack Goldsmith, Professor at Harvard Law School, a Senior Fellow at the Hoover Institution at Stanford University, and co-founder of the Lawfare blog.  Before coming to Harvard, he served as Assistant Attorney General, Office of Legal Counsel and Special Counsel to the Department of Defense.  From cyberespionage to the right to be forgotten and the end of the Safe Harbor, we explore the many ways in which a globalized economy has tied the US government’s hands in cybersecurity matters – and subjected the United States to extensive extraterritorial “soft power” at the hands of Europeans.

In the news roundup, the headline news is the continuing fallout from the ECJ’s attack on the Safe Harbor.  Michael Vatis and Maury Shenk bring us up to date.  Jason Weinstein explains why the latest convicted hacker thinks he should be a civil liberties hero/victim – and how weev has found yet another outlet for his bitterness at DOJ.
Continue Reading Steptoe Cyberlaw Podcast – Interview with Jack Goldsmith

Episode 81 features China in the Bull Shop, as the White House prepares for President Xi’s visit and what could be ugly talks on cyber issues.  Our guest commentator, Margie Gilbert, is a network security professional with service at NSA, CIA, ODNI, Congress, and the NSC.  Now at Team Cymru, she’s able to offer a career’s worth of perspective on how three Presidents have tried to remedy the country’s unpreparedness for network intrusions.

In the news roundup, there’s a high likelihood that President Obama will be accusing and Xi will be denying China’s role in cyberespionage.  You might say it’s a “he said, Xi said” issue.  Alan Cohn and I debate whether the US should settle for a “no first use” assurance to protect critical infrastructure in peacetime.  
Continue Reading Steptoe Cyberlaw Podcast – Interview with Margie Gilbert

The cyberlaw podcast is back from hiatus with a bang.  Our guest is Peter Singer, author of Ghost Fleet, a Tom Clancy-esque thriller designed to illustrate the author’s policy and military chops.  The book features a military conflict with China that uses all the weapons the United States and China are likely to

Episode 76 of the podcast features the power couple of privacy and cybersecurity, Peter Swire and Annie Antón, both professors at Georgia Institute of Technology.  I question them on topics from the USA FREEDOM Act to the enduring gulf between writing law and writing code.

In the news roundup, as our listeners have come

Podcast 69
Jason Brown and Jason Weinstein

Our guest for Episode 69 is Jason Brown, the Assistant to the Special Agent in Charge of the Cyber Intelligence Section at the US Secret Service.  We talk about the Secret Service’s Electronic Crimes Task Forces and their critical role in investigating data breaches affecting financial

Our guests for Episode 68 include Julian Sanchez, senior fellow at the CATO Institute where he studies issues at the busy intersection of technology, privacy, and civil liberties, with a particular focus on national security and intelligence surveillance. They also include the entire May meeting of ISSA- NOVA, which kindly invited the Cyberlaw