Latest in OPM

The Cyberlaw Podcast

Steptoe Cyberlaw Podcast, Episode #74: An Interview with Catherine Lotrionte

Our guest commentator for episode 74 is Catherine Lotrionte, a recognized expert on international cyberlaw and the associate director of the Institute for Law, Science and Global Security at Georgetown University.  We dive deep on the United Nations Group of Government Experts, and the recent agreement of that group on a few basic norms for cyberspace.  Predictably, I break out in hives at the third mention of “norms” and default to jokes about “Cheers.”


A Correction and a Reiteration

Last week, I wrote a piece on the OPM hack, quoting a GAO report that seemed to me to suggest that the intelligence community had concerns about OPM's computer security back in 2010. In response, I received the following missive from a senior intelligence official suggesting I had misread the GAO report in question:


Whose Fault is the OPM Hack, Really? Part II

Last week, I posed the question of whether we should really be blaming OPM—which is not an intelligence, counter-intelligence, or cybersecurity agency—for the theft of government personnel records, presumably by professional intelligence operatives, when we have plenty of intelligence, counter-intelligence, and cybersecurity expertise in the federal government. 

The Cyberlaw Podcast

Steptoe Cyberlaw Podcast, Episode #71: An Interview with David Anderson

Privacy advocates are embracing a recent report recommending that the government require bulk data retention by carriers and perhaps web service providers, exercise extraterritorial jurisdiction over data stored abroad, and expand reliance on classified judicial warrants. In what alternative universe is this true, you ask? No need to look far. That’s the state of the debate in our closest ally. The recommendations were given to the United Kingdom by an independent reviewer, David Anderson.

Subscribe to Lawfare