The next trade war will be over transatlantic data flows, and it will make the fight with China look like a picnic. That’s the subject of this episode’s interview. The European Court of Justice is poised to go nuclear – to cut off US companies’ access to European customer data unless the US lets European courts and data protection agencies refashion its intelligence capabilities according to standards no European government has ever been required to meet. Maury Shenk and I interview Peter Swire on the Schrems cases that look nearly certain to provoke a transatlantic trade and intelligence crisis. Actually, Maury interviews Peter, and I throw bombs into the conversation. But if ever there were a cyberlaw topic that deserves more bomb-throwing, this is it.
If you’re wondering whether more cybersecurity regulation is what the country needs, you should be paying attention to the Pentagon, which has embraced cybersecurity regulation for its contractors. Matthew Heiman reports that DOD isn’t finding the path easy. DOD has released its final cybersecurity plan for contractors, but the audit process needed to enforce it remains a mystery.
That’s SNAKE spelled backwards: David tells us about a new strain of ransomware; ominously, it is targeting industrial control systems. I manage to find a very modest silver lining.
Nate also reports on the FCC’s latest half-step toward suing one or more telcos for selling phone-location data.
Matthew covers the Maze ransomware that has ravaged law firms in recent weeks. He argues that it’s only a matter of time before such attacks become dog-bites-man stories.
Matthew also notes that Google and Facebook have apparently dropped plans to terminate their transpacific cable in Hong Kong. US national security concerns seem to have driven the decision. Looks like the Great Decoupling could be spurring a very real physical decoupling.
Nate makes the best of the 2020 version of a Worthwhile Canadian Initiative: The Senate Intel Committee’s third volume of its Russian electoral interference report. It’s sober and responsible and bipartisan – and disappeared from the news cycle overnight.
And to bring you up to speed on past stories:
A Brazilian judge has declined to accept charges against Glenn Greenwald, “for now.”
The poster child for the facial recognition moral panic can’t catch a break: Clearview AI has been hit with cease-and-desist from Google and Facebook.
Tag-teaming with Bill Barr, child-welfare activists are attacking Facebook over its encryption plans and what that means for exploited kids.
One of the first CCPA lawsuits has been filed, against Salesforce.
And This Week in Silicon Valley content moderation:
Letterboxd banned a black libertarian film critic’s reviews.
James O’Keefe’s Twitter account was suspended after he named a Bernie Sanders staffer who spoke fondly of gulags and electoral violence.
And Twitter banned the widely popular Zero Hedge account after it named a Chinese researcher who it thought might have a role in coronavirus.
As always, The Cyberlaw Podcast is open to feedback. Be sure to engage with @stewartbaker on Twitter. Send your questions, comments, and suggestions for topics or interviewees to CyberlawPodcast@steptoe.com. Remember: If your suggested guest appears on the show, we will send you a highly coveted Cyberlaw Podcast mug!
The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.