Latest in Cybersecurity

Bits and Bytes

Bits and Bytes: LabMD and Google AI

The FTC Takes a Loss. The Federal Trade Commission has been setting itself up as the regulator of private-sector cybersecurity. That effort took a hit this week when the 11th Circuit ruled that its standards were too indefinite. "In sum . . . the Commission’s cease and desist order is nonetheless unenforceable. It does not enjoin a specific act or practice. Instead, it mandates a complete overhaul of LabMD’s data-security program and says precious little about how this is to be accomplished.

Privacy Paradox

Amicus Brief: Microsoft Warrant Case

The Microsoft warrant case in the Supreme Court involves a demand by the U.S. government that Microsoft repatriate content data stored in a data center in Ireland and provide it to DOJ. The case raises a number of deeply interesting and complex issues about law enforcement cooperation; extraterritoriality of Ameican law; commercial matters; data privacy concerns; and implications for reciprocal sovereignity in a digitized world. Along with many far more notable former officials, I joined an amicus brief filed the other day in support of neither party. Here's a copy:


The NDAA FY'18's Cyber Provisions: What Emerged from Conference?

The next National Defense Authorization Act (the NDAA FY’18) is nearing the finish line.  A Conference Report is now available, and so the time has come for a closer look at some of the key provisions of interest to Lawfare readers.  My colleague Scott Anderson is going to post a broad overview shortly. For my part, I’d like to walk you through the “Cyberspace-Related Matters” section (sections 1631-1649C).


Wassenaar, Cybersecurity, and Why European Officials Get Better Lunches than Americans

Alan Cohn and I did a one-hour explanation of the fuss over the Wassenaar Arrangement, intrusion software, and cybersecurity on Friday. Because we did it for the Federalist Society’s Regulatory Transparency Project, we tried to link this international regulatory initiative to broader lessons about regulating technology in today’s world. One of the lesser lessons: European officials will always be invited to better lunches than their American counterparts. 

If you’d like to listen, here’s the link:

Subscribe to Lawfare