Published by The Lawfare Institute
in Cooperation With
The episode features a vigorous and friendly debate between me and Frank Cilluffo over his Center’s report on active defense, titled “Into the Gray Zone.” It’s a long and detailed analysis by the Center for Homeland and Cyber Security at George Washington University. My fear: the report creates gray zones for computer defense that should not be seen as lawful—and turns far too many genuine gray zones black.
Maury Shenk returns after missing last week due to the British determination not to follow U.S. daylight savings practice. He updates us on challenges to the Privacy Shield Agreement in EU courts by privacy true believers (two and counting) and EU court challenges to government data practices in China, Russia, Algeria, and Saudi Arabia (none in evidence). Speaking of which, China has actually adopted the cybersecurity law it’s been threatening Western tech companies with for months, if not years.
Congress is starting to notice the FDA’s hapless response to medical device security. I predict that the FDA will not take serious notice until heart implants start tweeting: “I’d give this guy a cardiac arrest shock, but I’m too busy DDOSing the DNC.”
Michael Vatis tells us what’s in the FTC’s Business Guide to Data Breach Response. It’s pretty good, but even if it weren’t, no one can ignore it, since it’s as close to rulemaking as the FTC gets in this field.
A remarkable official leak says that U.S. Cyber Command has pwned Russia’s IT infrastructure from its power grid to its military command system and is ready to strike if the Russians mess with the U.S. election. Is it true? Clint Eastwood has the best answer.
As always, the Cyberlaw Podcast welcomes feedback. Send an email to CyberlawPodcast@steptoe.com or leave a message at +1 202 862 5785.
The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.