Skip to content

Email Jack

Posts by Jack Goldsmith

Jack Goldsmith is the Henry L. Shattuck Professor at Harvard Law School, where he teaches and writes about national security law, presidential power, cybersecurity, international law, internet law, foreign relations law, and conflict of laws. Before coming to Harvard, Professor Goldsmith served as Assistant Attorney General, Office of Legal Counsel from 2003–2004, and Special Counsel to the Department of Defense from 2002–2003. Professor Goldsmith is a member of the Hoover Institution Task Force on National Security and Law. Full bio »

Thoughts on White House Statement on Cyber Vulnerabilities

By
Monday, April 28, 2014 at 9:58 PM

As Ritika noted, White House Cybersecurity Coordinator Michael Daniel today announced some aspects of the government’s policy on disclosing cyber vulnerabilities.  (David Sanger’s NYT story on Daniel’s statement has good background and analysis.)  I think Daniel’s statement is an admirable one that explains what is at stake here and gives the public guidance on how the . . .
Read more »

Supreme Court Grants Cert. in Zivotofsky

By
Monday, April 21, 2014 at 3:43 PM

The Supreme Court granted cert. today in Zivotofsky v. Clinton.  In that case the D.C. Circuit, on remand from the Supreme Court, held that Section 214(d) of the 2003 Foreign Relations Authorization Act, which requires the Secretary of State to record “Israel” as the place of birth on a U.S. citizen’s passport, is an unconstitutional intrusion on . . .
Read more »

Did President Obama Accept Recommendation 30?

By
Saturday, April 19, 2014 at 5:22 AM

Richard Clarke and Peter Swire, two of the five members of the President’s Intelligence Review Group, argue at The Daily Beast that the NSA should rarely keep (as opposed to disclose, and allow patching of) software vulnerabilities, and that those rare circumstances should be decided in the White House rather than NSA.  The argument basically repeats . . .
Read more »

Bellovin, Blaze, Clark, and Landau on Law Enforcement, CALEA, and Software Vulnerabilities

By
Friday, April 18, 2014 at 7:18 AM

Steve Bellovin, Matt Blaze, Sandy Clark, Susan Landau have two papers relevant to our recent discussion (here, here, and here) about the proper use of vulnerabilities in national security and law enforcement.  Last year they argued that instead of expanding CALEA to Internet-based communications, creating security risks for everyone, the FBI could use zero-day exploits to wiretap.  . . .
Read more »

More on USG Policy on Cyber Vulnerabilities

By
Saturday, April 12, 2014 at 9:04 PM

This morning I wondered why the USG could not say more about its policy (assuming it had one) on stockpiling v. revealing computer software vulnerabilities.  Today two senior administration officials told David Sanger of the NYT that President Obama decided in January that “when the National Security Agency discovers major flaws in Internet security, it . . .
Read more »

Cyber Paradox: Every Offensive Weapon is a (Potential) Chink in Our Defense — and Vice Versa

By
Saturday, April 12, 2014 at 7:37 AM

As Ben notes, the USG denied a Bloomberg News report that the “U.S. National Security Agency knew for at least two years about a flaw in the way that many websites send sensitive information, now dubbed the Heartbleed bug, and regularly used it to gather critical intelligence.”  The NYT story on this denial says: James A. Lewis, . . .
Read more »

Thoughts on USG Candor to China on Cyber

By
Tuesday, April 8, 2014 at 7:36 AM

Paul is skeptical about the USG’s unilateral briefing to Chinese officials on some of its cyber operations and doctrines that David Sanger discloses in the NYT.  He argues that China is unlikely to reciprocate, he doubts the usefulness of the unilateral disclosure, and he wonders why the USG does not share the information with the American public.  I . . .
Read more »

Three Speeches on Cybersecurity by Dan Geer

By
Thursday, April 3, 2014 at 3:00 PM

Cyber security maven Dan Geer has given three speeches in the last six months that are worth a read: (a) APT in a World of Rising Interdependence, given last month at the NSA; (b) We Are All Intelligence Officers Now, given at the RSA Conference in February; and (c) Trends in Cyber Security, given at NRO last November. . . .
Read more »

Mirski on Recent ATS Case

By
Thursday, April 3, 2014 at 11:44 AM

Sean Mirski, a Lawfare contributor, has a case note in the Harvard Law Review on the Second Circuit’s important post-Kiobel decision in Balintulo v. Daimler AG.  That decision, as we noted at the time, held that Kiobel  barred ATS suits based on conduct occurring abroad, even those against U.S. defendants.   Sean argues that the Second Circuit read Kiobel more broadly than the Supreme Court’s . . .
Read more »

James Risen Needs to Read the NYT

By
Wednesday, March 26, 2014 at 9:42 AM

Andrew Beaujon at Poynter reports that at last week’s Sources and Secrets conference, NYT reporter James Risen, who is fighting a subpoena for information in the Jeffrey Sterling trial, made these remarks: 1)     The Obama administration is “the greatest enemy of press freedom that we have encountered in at least a generation.” 2)     The administration . . .
Read more »

The NYT on NSA’s Huawei Penetration [UPDATED]

By
Saturday, March 22, 2014 at 8:41 PM

David Sanger and Nicole Perlroth report about how the NSA has successfully placed backdoors into the networks of the Chinese Telecommunications giant Huawei for purposes of (a) discerning Huawei’s links to the People’s Liberation Army and (b) preparing for offensive operations in third countries.   It also has some detail (apparently based on leaks other than . . .
Read more »

The Precedential Value of the Kosovo Non-Precedent Precedent for Crimea

By
Monday, March 17, 2014 at 10:00 AM

When the Obama administration invoked the 1999 Kosovo intervention as a precedent in the run-up to the planned Syria invasion, I wrote a post that argued that Kosovo was not a precedent for lawful international action.  The Kosovo intervention violated the U.N. Charter, but the West was less concerned with that fact than with limiting the intervention’s . . .
Read more »

The SSCI Fracas and the CIA’s Duty to Make Criminal Referrals to DOJ

By
Thursday, March 13, 2014 at 4:47 PM

Ken Dilanian has a story on Acting CIA General Counsel Robert Eatinger (whom Caroline Krass, just confirmed, will succeed.)  Eatinger is at the center of the fracas between CIA and SCCI because he sent a criminal referral to DOJ related to the SSCI’s staff’s acquisition of the so-called “Panetta Review,” and because Senator Feinstein essentially accused him of . . .
Read more »

Susan Landau on Making Sense of Snowden, Part II

By
Friday, March 7, 2014 at 7:47 AM

Susan Landau has a  follow-up to her earlier piece on the significance of Snowden’s revelations.   This piece focuses on “collection of stored meta-data, surveillance of communications content, and security hacks.”

What is the Point of the New Drone Targeting Rules?

By
Friday, February 28, 2014 at 8:33 AM

Another tidbit from the NYT story Ben just flagged: It is unclear what Mr. Obama’s position is on whether Mr. Shami should be targeted.  American officials said that as part of the new rules ordered by Mr. Obama, the Pentagon, rather than the C.I.A., is supposed to carry out any lethal strike against an American . . .
Read more »

Lederman on Secrecy, Nonacknowledgement, and Yemen

By
Wednesday, February 26, 2014 at 6:15 AM

Marty Lederman has a long post picking apart the errors in last week’s AP story on last December’s drone strike in Yemen.  Along the way he carefully parses the covert action statute, and has interesting things to say about the relationship between secrecy and non-acknowledgment, and how those concepts apply to CIA and DOD.  A . . .
Read more »

What is the Domestic Legal Basis for Planned Cyberattacks in Syria?

By
Tuesday, February 25, 2014 at 8:12 AM

David Sanger reports that the Pentagon and the NSA planned a sophisticated cyberattack aimed at “the Syrian military and President Bashar al-Assad’s command structure” that “would essentially turn the lights out for Assad.” He also reports that President Obama declined to go forward with the attacks then or since because of uncertainty about the proper role of offensive . . .
Read more »

Bruce Schneier on NSA v. Private Meta-Data Storage

By
Friday, February 14, 2014 at 4:18 PM

In December I said this about the Presidential Review Group’s recommendation to transfer meta-data from NSA to private control: “I understand the Report’s concerns about the storage of bulk meta-data by the government.  But I do not understand the Report’s implicit assumption that the storage of bulk meta-data by private entities is an improvement from the perspective . . .
Read more »

The ISIS Expulsion and the AUMF

By
Tuesday, February 11, 2014 at 7:39 AM

Karen DeYoung and Greg Miller report in the WP that Al-Qaeda’s recent expulsion of the Islamic State of Iraq and Syria (ISIS) has raised questions about whether the AUMF “still applies” to ISIS.  “According to some administration lawyers and intelligence officials,” they report, “the expulsion of ISIS removes the group from the short list of . . .
Read more »

Reactions to Stories on Possible New U.S. Citizen Strike

By
Tuesday, February 11, 2014 at 7:18 AM

Some thoughts on this morning’s drone strike news (NYT, WSJ). The NYT says that President Obama’s announcement last May of an intention “to gradually shift drone operations from the C.I.A. to the Pentagon” was designed in part “to make them more transparent.”  The theory, I think, was that CIA strikes are covert and cannot be . . .
Read more »