Published by The Lawfare Institute
in Cooperation With
A special reminder that we will be doing episode 400 live on video and with audience participation on March 28, 2022 at noon Eastern daylight time. So mark your calendar and when the time comes, use this link to join the audience:
See you there!
For the third week in a row, we lead with cyber and Russia’s invasion of Ukraine. Paul Rosenzweig comments on the most surprising thing about social media’s decoupling from Russia—how enthusiastically the industry is pursuing the separation. Facebook is allowing Ukrainians to threaten violence against Russian leadership and removing or fact checking Russian government and media posts. Not satisfied with this, the EU wants Google to remove Russia Today and Sputnik from search results. I ask why the U.S. can’t take over Facebook and Twitter infrastructure to deliver the Voice of America to Facebook and Twitter users who’ve been cut off by their departure. Nobody likes that idea but me. Meanwhile, Paul notes that The Great Cyberwar that Wasn’t could still make an appearance, citing Ciaran Martin’s sober Lawfare piece.
David Kris tells us that Congress has, after a few false starts, finally passed a cyber incident reporting bill, notwithstanding the Justice Department’s over-the-top histrionics in opposition. I wonder if the bill, passed in haste due to the Ukraine conflict, should have had another round of edits, since it seems to lock in a leisurely reg-writing process that the Cybersecurity and Infrastructure Security Agency (CISA) can’t cut short.
Jane Bambauer and David unpack the first district court opinion considering the legal status of “geofence” warrants—where Google gradually releases more data about people whose phones were found near a crime scene when the crime was committed. It’s a long opinion by Judge M. Hannah Lauck, but none of us finds it satisfying. As is often true, Orin Kerr’s take is more persuasive than the court’s.
Next, Paul Rosenzweig digs into Biden’s cryptocurrency executive order. It’s not a nothingburger, he opines, but it is a process-burger, meaning that nothing will happen in the field for many months, but the interagency mill will begin to grind, and sooner or later will likely grind exceeding fine.
Jane and I draw lessons from WIRED’s “expose” on three wrongful arrests based on face recognition software, but not the “face recognition is Evil” lesson WIRED wanted us to draw. The arrests do reflect less than perfect policing, and are a wrenching view of what it’s like for an innocent man to face charges that aren’t true. But it’s unpersuasive to blame face recognition for mistakes that could have been avoided with a little more care by the cops.
David and I highly recommend Brian Krebs’s great series on what we can learn from leaked chat logs belonging to the Conti ransomware gang. What we learned from the Conti leaks. My favorite insight was the Conti member who said, when a company resisted paying to keep its files from being published, that “There is a journalist who will help intimidate them for 5 percent of the payout.” I suggest that our listeners crowdsource an effort to find journalists who might fit this description. It might not be hard; after all, how many journalists these days are breaking stories that dive deep into doxxed databases?
Paul and I spend a little more time than it deserves on an ICANN paper about ways to block Russia from the network. But I am inspired to suggest that the country code .su—presumably all that’s left of the Soviet Union—be permanently retired. I mean, really, does anyone respectable want it back?
Jane gives a lick and a promise to the Open App Markets bill coming out of the Senate Judiciary Committee. I alert the American Civil Liberties Union to a shocking porcine privacy invasion.
I discover that none of the other panelists is surprised that 15 percent of people have already had sex with a robot but all of them find the idea of falling in love with a robot preposterous.
You can subscribe to The Cyberlaw Podcast using iTunes, Google Play, Spotify, Pocket Casts, or our RSS feed. As always, The Cyberlaw Podcast is open to feedback. Be sure to engage with @stewartbaker on Twitter. Send your questions, comments, and suggestions for topics or interviewees to CyberlawPodcast@steptoe.com. Remember: If your suggested guest appears on the show, we will send you a highly coveted Cyberlaw Podcast mug!
The views expressed in this podcast are those of the speakers and do not reflect the opinions of their institutions, clients, friends, families, or pets.