Steptoe Cyberlaw Podcast, Episode #27: An Interview with David Heyman

Our guest this week is David Heyman, who recently completed a tour as DHS’s Assistant Secretary for Policy (my old job).  David has had a long and productive career in homeland security, in government, and in the private sector.  We take a tour of DHS’s horizon, covering DHS’s impressive progress in cybersecurity implementation, the Quadrennial Homeland Security Review, the reasons Europe now seems less hostile to DHS’s mass data collection, even as it takes aim at NSA’s, and the challenges and successes of John Pistole’s TSA.

It was a surprisingly newsy week for NSA.  In part that’s because of news that didn’t break, as Glenn Greenwald, panting to disclose the individual Americans who have been targeted for surveillance, discovers that there really are some government secrets worth keeping – and pays the price in abuse from lib/left haters.  The Washington Post seems to have mined a similar dataset to tell us that there’s a lot of information in NSA’s stores about Americans with ties to foreign intelligence targets, but the paper’s claim that “9 out of 10” accounts in the database sure looks like a statistic chosen to scare more than educate. NSA Director Mike Rogers says that Snowden’s thefts can be managed.  The 7^th Circuit ruled that FISA intercepts can’t be routinely shown to defense counsel, even defense counsel with clearances.

And the early favorite for Dumbest NSA Story of the Month goes to Ellen Nakashima and Bart Gellman for revealing that NSA thinks it may have to gather foreign intelligence from (gasp!) pretty much every country in the world. In other breaking news, the Pope is still Catholic.

Finally, government reports triggered by Snowden continue to proliferate.  The PCLOB report largely supports the 702 program – and the PCLOB pays the price in abuse from lib/left haters. (We’ll invite David Medine to defend the report on next week’s program.) ODNI has its own transparency report on NSA intercepts, revealing a strikingly small number of targets, a report that generates abuse from, well, you know.

Microsoft’s fight with the US government over warrants for overseas data gets more support, this time in the form of European Commission press pronouncements.

Google reveals a bit more about how it’s applying the right to be forgotten, and the British press isn’t too happy. No word yet on Stewart’s “Does this search engine make me look fat?” request for the deletion of outdated and overweight photos.

This week in vindication for the Steptoe Cyberlaw podcast: NY’s cyberbullying law is struck down, fast enough to leave heads spinning.

The SEC has finally gotten off its duff and begun investigating network intrusions, but the only known investigation is of Target – probably the most predictable and also the lamest investigative target the SEC could have chosen.  Really, does anyone think that the problem with Target was a failure to disclose the intrusion?  Rather than piling on the already flattened retailer, one wonders why the SEC is not pushing for disclosure of intrusions that are likely to have a big competitive impact, such as ongoing foreign nation-state hacks on behalf of state-owned competitors?