Would it violate the Posse Comitatus Act to give DOD a bigger role in cybersecurity? Michael Vatis and I call BS on the idea, which I ascribe to Trump Derangement Syndrome and Michael more charitably ascribes to a DOD-DHS turf fight.
Should the FDA allow implants of defibrillators with known security flaws—without telling the patients who are undergoing the surgery? That’s the question raised by the latest security flaw announcement from the FDA, DHS, and St. Jude Medical (now Abbot Labs).
Repealing the FCC’s internet privacy regulations is well within Congress’s power if it acts soon, says Stephanie Roy, who stresses how rare it is for a Republican president to control both houses of Congress. (And who says President Obama didn’t leave a legacy?)
The European Commission isn’t done complaining about U.S. security programs, Maury Shenk tells us. Vera Jourova wants to know more about the U.S. request that Yahoo! screen for certain identifiers and hand over what it finds. That’s apparently too useful for finding terrorists to satisfy delicate European sensibilities Speaking of which, Angela Merkel is in the bulls-eye for Russian doxing. And to hear Maury tell it, Russia has probably been collecting raw material for years.
Should we start treating Best Buy computer support as though its geeks work for the FBI? And would that be a defense if they find bad stuff on our computers without a warrant? Michael thinks it’s more complicated than that.
Speaking of overhyped stories, Michael and I unpack the claim that President Obama’s team is handing out access to raw NSA product with unseemly haste and enthusiasm. In fact, this proposal has been kicking around the interagency for years, and the access is heavily circumscribed. As for the haste, it could be the outgoing team is afraid its proposal will be unduly delayed—or that all its circumscribing will be second-guessed. You make the call!
And for something truly new, we offer “call-in corrections,” as Nebraska law professor Gus Hurwitz tells us about the one time the FTC discussed the NIST Cyber Security Framework. It’s safe to say that this correction won’t leave the FTC any happier than my original charge that the agency can’t get past “Hey! I was here first!”
As always, the Cyberlaw Podcast welcomes feedback. Send an email to CyberlawPodcast@steptoe.com or leave a message at +1 202 862 5785.
The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.