In our 204th episode of The Cyberlaw Podcast, the team bumbles forward without Stewart Baker, who is spending the week racing his offspring down mountain slopes somewhere in Utah. Brian Egan and Jamil Jaffer begin by covering a few implications of Special Counsel Robert Mueller’s indictment from Friday—the legal theories of the case and what the indictment does and doesn’t cover—as well as the follow-on false statement indictment against a former associate of a major law firm. In an amazing convergence of viewpoints, everyone, from Presidents Obama and Trump to Brian and Jamil—agrees that Russia appears to be winning, and the U.S. is losing, on the topic of interference with U.S. elections.
At the same time, the state secretaries of state gathered in Washington last week to discuss cybersecurity and U.S. elections—coming in the face of a fairly damning report published by the Center forAmerican Progress on shortcomings in U.S. election-related cyber defenses. In light of these threats, we ponder whether a return to the old paper ballots, or even the “mail-only” approach that is operative in a few states, is better than an electronic ballot.
In other Russia-related news, Kaspersky turned to (literally) one of the oldest pages in the book—the Bill of Attainder clause in the U.S. Constitution—in suing to block the application of a provision in the NDAA that prohibits federal agencies from using Kaspersky products. Jamil posits that the case seems less frivolous than may appear at first blush, while Brian muses about the history of Bill of Attainder litigation in the United States.
Finally, Jamil and Brian discuss the U.S. and U.K. decision to attribute the NotPetya attack to Russia and the continued trend in the Obama and Trump Administrations to publicly identify perpetrators of state-sponsored cyber attacks (along with the risks inherent in this approach). Notwithstanding the NotPetya attribution, as well as a recent White House report on the increased economic costs of cyberattacks and Congressional hearings on data breaches, we explain why we believe it to be unlikely that Congress will pass federal data breach/data notification legislation any time soon.
As always The Cyberlaw Podcast is open to feedback. Send your questions, suggestions for interview candidates or topics to CyberlawPodcast@steptoe.com or leave a message at +1 202 862 5785.
The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.