Russians and more Russians—but no Baker
Episode 204 of the Cyberlaw Podcast
Looking for a Baker-free episode of The Cyberlaw Podcast? This is your week; I miss the podcast to teach grandchildren how to ski cross country. Brian Egan and Jamil Jaffer hold the fort, covering a few implications of Special Counsel Mueller's indictment from Friday – the legal theories of the case and what the indictment does and doesn't cover – as well as the follow-on false statement indictment against a former associate of a major law firm. In an amazing convergence of viewpoints, everyone, from Presidents Obama and Trump to Brian and Jamil – agrees that Russia appears to be winning, and the US is losing, when it comes to interference with US elections.
At the same time, the state secretaries of state gathered in Washington last week to discuss cybersecurity and US elections – coming in the face of a fairly damning report published by the Council on American Progress on shortcomings in US election-related cyber defenses. In light of these threats, we ponder whether a return to the old – paper ballots, or even the "mail only" approach that is operative in a few states, is better than an electronic ballot.
In other Russia-related news, Kaspersky turned to (literally) one of the oldest pages in the book – the Bill of Attainder clause in the US Constitution – in suing to block the application of a provision in the NDAA that prohibits federal agencies from using Kaspersky products. Jamil posits that the case is less frivolous than may appear at first blush, while Brian muses about the history of Bill of Attainder litigation in the United States.
Finally, Jamil and Brian discuss the US and UK decision to attribute the NotPetya attack to Russia and the continued trend in the Obama and Trump Administrations to publicly identify perpetrators of state-sponsored cyber attacks (along with the risks inherent in this approach). Notwithstanding the NotPetya attribution, as well as a recent White House report on the increased economic costs of cyberattacks and Congressional hearings on data breaches, we explain why we believe it to be unlikely that Congress will pass federal data breach/data notification legislation any time soon.
As always The Cyberlaw Podcast is open to feedback. Send your questions, suggestions for interview candidates or topics to CyberlawPodcast@steptoe.com or leave a message at +1 202 862 5785.