Steptoe Cyberlaw Podcast: Thigh-High Boots and Defense Dominance

Stewart Baker
Tuesday, February 7, 2017, 5:17 PM

Our guest for episode 149 of the podcast is Jason Healey, whose Atlantic Council paper, “A Nonstate Strategy for Saving Cyberspace,” advocates for an explicit bias toward cyber defense and the private sector. He responds well to my skeptical questioning, and even my suggestion that his vision of “defense dominance” would be more marketable if paired with thigh-high leather boots and a bull whip. #50ShadesofCyber.

Published by The Lawfare Institute
in Cooperation With
Brookings

Our guest for episode 149 of the podcast is Jason Healey, whose Atlantic Council paper, “A Nonstate Strategy for Saving Cyberspace,” advocates for an explicit bias toward cyber defense and the private sector. He responds well to my skeptical questioning, and even my suggestion that his vision of “defense dominance” would be more marketable if paired with thigh-high leather boots and a bull whip. #50ShadesofCyber.

In the news roundup, we experiment with, uh, actual legal discussion. The Microsoft Ireland case has company; Google recently lost a similar argument before a magistrate judge – maybe because it couldn’t say where the data it wanted to protect from disclosure actually was. Michael Vatis explains.

Meredith Rathbone and I take a victory lap over CNN and its reporters, noting that if they’d listened to the podcast, they’d have known a month early that US sanctions had unexpectedly prevented US companies from filing license applications with Russian intelligence agencies – and that allowing companies to make such filings wasn’t an opportunity for hyperventilating about President Trump’s bromance with Putin.

Michael and I also deconstruct Supreme Court nominee Neil Gorsuch’s opinion in US v. Ackerman. The opinion calmly and clearly puts a hole below the waterline in a longstanding approach to collecting evidence in child porn cases. If this case gives a clue to his jurisprudence, it seems unlikely that a Justice Gorsuch will be a pushover for government arguments.

Can American companies sue governments that hack them in the US? I hope so, but that depends on whether the Foreign Sovereign Immunities Act provides protection for malware sent from abroad that does its damage here. In an unlikely-bedfellows moment, I’m depending on EFF to make that argument to the DC Circuit.

And, to follow up on two stories we covered earlier, Brexit authority slips quickly through the House of Commons, while Google’s penny-pinching settlement of a massive “wiretapping” class action is approved over objections to the cy pres payments to the usual NGOs.

As always, the Cyberlaw Podcast welcomes feedback. Send an email to CyberlawPodcast@steptoe.com or leave a message at +1 202 862 5785.

Download the 149th episode (mp3).

Subscribe to the Cyberlaw Podcast here. We are also on iTunes, Pocket Casts, and Google Play (available for Android and Google Chrome)!

The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm


Stewart A. Baker is a partner in the Washington office of Steptoe & Johnson LLP. He returned to the firm following 3½ years at the Department of Homeland Security as its first Assistant Secretary for Policy. He earlier served as general counsel of the National Security Agency.

Subscribe to Lawfare