Washington's one-minute hate for Silicon Valley

Episode 208 of the Cyberlaw Podcast

|The Volokh Conspiracy |

All of Washington is mad at Silicon Valley these days, as our news roundup reveals. Dems and the media have moved on from blaming Hillary Clinton's loss on Vladimir Putin; now they're blaming Facebook and Cambridge Analytica. Gus Hurwitz and I have doubts about the claims of illegality, but I reprise my frequent critique of privacy laws: they are uniquely likely to be enforced against those who annoy governing elites (because they're so vague and disconnected from objectionable conduct that they can be enforced against almost anyone).

Alan Cohn describes the many regulatory agencies now feeling emboldened to take a whack at cryptocurrencies. He's hopeful that only bad actors will actually feel the blow.

I lay out the remarkably aggressive, and novel, enforcement philosophy behind CFIUS's rejection of the Broadcom-Qualcomm deal – and the steadily advancing Congressional effort to regulate Silicon Valley's Chinese connections more closely. That effort has featured some remarkably harsh political attacks on tech giants like IBM and GE.

Is all this hate for techies good or bad for the effort to reimpose net neutrality through the courts? The states? Stephanie Roy maps the terrain, which turns out to be every bit as muddled as you thought the last time you read about it.

Need another reason to hate technology? How about this: hackers are soon going to kill someone. I explain the latest scary reports from Saudi Arabia's industrial control system – and America's.

Pressed for time, we do quick hits on stories that deserved more but got crowded out:

  • Why you won't go wrong betting that privacy zealots hate cybersecurity.
  • Trouble in AMD's chipsets raises backdoor and supply chain worries.
  • Treasury sanctions the usual Russians for election meddling.
  • Hal Martin's dumb argument for making mass theft of classified documents harder ("Geez, who can keep track of a single document when you're stealing terabytes?") is rejected.
  • And for those who wonder why the right is starting to hate Big Tech as much as the left does, here's one week's worth of stories from Silicon Valley that got heavy attention from conservative sites:
    • Twitter suspends comedian Steven Crowder for a video in which an intern crashed an LGBTQ meeting in SXSW claiming to identify as a computer.
    • YouTube follows suit.
    • Yet somehow Louis Farrakhan keeps both his Twitter account and its coveted blue check while tweeting crap like this: "the FBI has been the worst enemy of Black advancement. The Jews have control over those agencies of government."
    • At the same time that it's broadcasting Farrakhan, Twitter seems to be blocking much of the Drudge Report.
    • And Western Journal (WJ)says Facebook's new algorithm for "giving a boost to quality news" reduced lefty site traffic by 2 percent and righty site traffic by 14 percent. As an example, comparing two NY tabloids with very different politics, WJ says the change boosted Facebook's traffic to the lefty Daily News by 24 percent and cut the righty NY Post's traffic by 11 percent. (Similar claims were made by another conservative site using a different methodology.

Finally, our interview is with Pete Chronis, Turner's Chief Information Security Officer, and author of the new book, The Cyber Conundrum. Pete lays out his vision for a cybersecurity moon shot, and the two of us explore particular cybersecurity remedies that make up the effort. We take detours to consider the vulnerabilities equities process, both here and in China. We also touch on the unwise purist stand being taken by IETF on TLS 1.3; the engineers seem determined to offer internet users what might be called "Privacy and Insecurity – By Design." (And to bring this post full circle, if you were wondering why ordinary people are getting sick of dancing to the tune of Silicon Valley engineers, the IETF's stiff-necked and counterproductive position on security for corporate network users would be a good place to start.)

As always The Cyberlaw Podcast is open to feedback. Send your questions, suggestions for interview candidates or topics to CyberlawPodcast@steptoe.com or leave a message at +1 202 862 5785.

The Cyberlaw Podcast is hiring a part-time intern for our Washington, DC offices. If you are interested, visit our website at Steptoe.com/careers.

Download the 208th Episode (mp3).

Subscribe to The Cyberlaw Podcast here. We are also on iTunes, Pocket Casts, and Google Play (available for Android and Google Chrome)!

NEXT: Trump Doubles Down on Death for Drug Offenses

Editor's Note: We invite comments and request that they be civil and on-topic. We do not moderate or assume any responsibility for comments, which are owned by the readers who post them. Comments do not represent the views of Reason.com or Reason Foundation. We reserve the right to delete any comment for any reason at any time. Report abuses.

  1. Trump utilizing Big Data == Evil unconscionable plan to cheat in the election.

    Obama utilizing Big Data == Genius tech savvy future of politics.

    http://www.cnn.com/2012/11/07/tech/we…..index.html

    http://www.technologyreview.com/s/509…..lly-voters

    1. Apples and oranges, really, unless you can point to allegations that Obama’s team stole the data they were using – or to an article complaining about the use of data mining in the Trump campaign that isn’t based on the allegation that the data was stolen.

      1. There’s a big assumption that most people would not have provided the information given the choice. I’m not so sure considering their usual willingness to give up all sorts of personal information on the cheap. And then there’s the notion that this was a significant factor in the election, which is dubious, and in any case overdetermination makes anything a plausible candidate for deciding such a close election.

        1. Yeah, the election was a coin-toss.

          My initial thoughts are that I don’t think it matters whether or not the data could have been obtained in some other way, either from a legal or ethical perspective. But I might decide otherwise given more time to think about it.

          (I haven’t looked into the credibility of the allegations, by the way, and I don’t intend to endorse the article in question. I’m just dubious about AmosArch’s comparison.)

        2. There’s a big assumption that most people would not have provided the information given the choice.

          Consent doesn’t work like that. Neither do laws.

          1. Consent has nothing to do with it since Facebook also gave the information of anyone on the user’s friends list, not just the one opting into the App. This is true of the Obama mechanation as well as Cambridge Analytica. It is why the user lists are so big. Average friend list is 130 people on estimate. So divide the 40 million by 130 and you have the number who opted in to the survey for CA or 70 million over 130 for the Obama for America page.

        3. It’s an irrelevant assumption.

          I might give you $5 if you asked me for it, but that doesn’t make it OK for you to steal $5 from me.

          This is not hard, Perseus, if you are willing to think for five seconds rather than reflexively defending Trump.

          1. Except Trump didn’t use the info in the first place.

          2. Again… consent doesn’t matter here since FB gave the information of everyone on a user’s friends list without their consent.

            1. That’s Facebook operating assets intended Jesse. The consent is implied by agreeing to a friend at request!

              1. You probably fall for the radio phone calls where they ask the spouse for their partner’s consents on the “War of the Roses” crap.

                1. I think Facebooks sucks, and Zuckerberg’s position on privacy is myopic and wrong, but that he’s proven very effective at moving the envelope towards privacy online barely being a thing.

                  But Facebook allowing friends to see info is not one of the many problematic aspects of Facebook. That is, in fact, the entire reason people join Facebook!

                  And even if it problematic somehow, Facebook’s setup does not create some sort of constructive permission for CA and their deceptive and impermissible personal information gathering and sale.

      2. For a laugh I looked up the first article that popped up…

        “Trump-linked analytics firm Cambridge Analytica used stolen data, ex-employee says”

        from ABC and while it has the word ‘stolen’ in it nowhere in the article does it explain why the data is considered ‘stolen’ and obama’s wasn’t or how Trump’s methods were significantly different or worse than obama’s team who practically invented the science of political exploitation of social media big data. The second article is the same thing. It has the word ‘stolen’ in it but nowhere in the article is it explained why.

        1. The allegation in the linked article is “Cambridge paid to acquire the personal information through an outside researcher who, Facebook says, claimed to be collecting it for academic purposes.”

          Again, I’m not endorsing the validity of the claim. There are obvious motivations for the allegation to be exaggerated or fabricated. But *if* you accept the allegation as true, it seems sufficient to justify objections.

          1. If I give you a hammer and instead of using it to fix your door like you said you would, (but whispering in a way I probably didn’t hear or care about at the time), you went and gave it to big bird who went and fixed mr. rogers door who I may or may not like does that mean Mr. Rogers stole the hammer from me like you’re implying? Should we sit back in reserved half understanding while I post up article after article on the internet thundering about evil Mr. Rogers and Big Bird ‘stole’ my hammer?

            1. Now you’re just being silly. Never mind; please yourself.

            2. Personal info != a hammer.

      3. Your wish is my command.

        Basically, FB allowed the Obama campaign to extract their entire social network graph. Not just data for Democrats, mind you, everybody. Data they still have, but which Republicans will never be permitted access to.

        Carol Davidsen, former director of integration and media analytics for Obama for America, said the Obama campaign was able to “ingest the entire social network” in the United States.

        “Where this gets complicated is, that freaked Facebook out, right? So they shut off the feature,” she added. “Well, the Republicans never built an app to do that. So the data is out there, you can’t take it back, right? So Democrats have this information.”

        But Republicans do not have that information and they will not be able to gain access to it, she said.

        “I’m a Democrat, so maybe I could argue that’s a great thing, but really it’s not in the overall process,” Davidsen said. “That wasn’t thought all the way through and now there’s a disadvantage of information that, to me, seems unfair. But I’m not Facebook.”

        This is about a hundred to a thousand times the scale of what Cambridge Analytica is merely accused of.

        1. Ok, a hundred to a thousand times is hyperbole. Several times, anyway.

        2. In 2012, it was still possible to do that. By 2015, it was not.

          1. Yes. That’s because they let the Obama campaign do it, and then instituted controls to make sure no Republican would ever be able to do the same thing.

            1. Or any campaign Brett. Don’t make this some sort of anti-Republican trap.

              A rule changed. That people did something when it was okay does not absolve people who did the thing when it became not okay.

              This is pretty basic stuff.

              1. Except Facebook shut off a feature they can easily, you know, turn back on.

                They know the media will not care. Bureaucrats will not care.

              2. Yes. We know. It’s basic that liberals get upset when Republicans resort to the same methods they use. See the outrage of 501 groups liberal had around the CU decision despite the fact they were the primary users of it in the 80s and 90s.

                1. It sure is basic for you to cry about those hypocrtitical liberals and not address my comment!

                2. Republicans stole the data, liberals did not. It’s instructive that the difference is meaningless to Republicans.

              3. @Sacastr0
                According to Ms. Davidsen, Facebook came to the campaign right after the election and said it would have stopped anyone else from doing what they did, but did not do so because it was rooting for the Obama campaign. So there is anti-Republican decision making that was going on by Facebook, at least at the time.

                I agree that is not the same thing as saying Hillary Clinton would have been or was allowed to do the same thing as Cambridge in 2016.

                1. You know, I really would like to see corporations remain neutral in political campaigns.

                  But as long as they don’t I’m not sure why people are criticizing Facebook for favoring Democrats.

                  1. My friend voted Trump. Can I not criticize him?

                    1. You can criticize his political views, but you can’t criticize him for behaving unfairly or unethically, which is the substance of the criticism of FB.

                  2. @bernard11
                    I don’t have a problem with corporations supporting political campaigns. I generally don’t think it’s wise as Republicans wear sneakers too, but they can certainly do so.

    2. Let’s see if we can draw a distinction between what the Obama campaign did and what Cambridge Analytica did.

      According to an article in Forbes, a well-known left-wing rag, the Obama campaign directly asked Facebook users for access to their friends lists. The users knew who they were giving access to.

      CA, on the other hand, told Facebook users they wanted access for “academic research,” not for the Trump campaign.

      Gee, that looks like a pretty big difference to me.

      As to Facebook’s attitude, well, it seems odd that a lot of people who vigorously support the right of corporations to inject millions into campaigns are suddenly upset that Facebook let Obama do something that, after all, did not violate Facebook’s terms and conditions.

      1. The obama campaign had access to the entire US social media network unlike the trump campaign. But its okay because the campaign which was directly in charge told the handful of app downloaders it was for the campaign before stealing all the data from the millions of just as unsuspecting other people rather than another company (allegedly) not mentioning it before passing it to the Trump campaign which might not have known about this at all. That completely changes everything!

        Give it up. We both know that if the situation was completely reversed you’d be here all the same defending the Dems just as vigorously. And you’d have a stronger case.

        1. No Amos,

          I won’t give it up. I’m damn tired of Trump and his supporters, like you, finding an excuse and a “what-about” for every scummy thing he and his gang do. They are doing enormous damage to this country, and you are helping.

          If you don’t see a difference in the two cases it’s because you don’t want to.

          1. I’m damn tired of Trump and his supporters, like you, finding an excuse and a “what-about” for every scummy thing he and his gang do.

            Maybe if your own tribe didn’t act like ethically-challenged scuzzbags, too, the “what-about”s wouldn’t exist to serve as an excuse in the first place.

            I, for one, am certainly quite tired of Democrats squalling “that’s old news” whenever their own sins are mentioned.

            1. You don’t understand, Red Rocks.

              It’s not just Trump’s sewer morality I object to, it’s his idiotic policies and appointments as well.

              Tariffs? Insane tax cuts? Whatever Pruitt is up to at EPA? DeVos? Buddying up to Putin? Police state tactics against immigrants, etc.

              The man and his administration are a national, maybe global, catastrophe. And it’s on the GOP”s head, even including alleged neverTrumpers.

              1. hysterical much? Life is pretty much mostly the same as it always was. The biggest change is everybody is losing their mind over trump peeling back a few obama regulations. I guess you could accuse republicans of the same thing under obama except you didn’t have quite as many news anchors and celebrities rolling around on the floor rending their garments unable to fathom a world without a 3 month old obama policy.

                1. Life is pretty much mostly the same as it always was

                  White middle and upper class folks doing okay so far is a pretty awful metric.

  2. Have you spoken to any actual cryptographers about TLS 1.3? From what I understand, there’s a lot of precedent supporting the proposition that any system with a built-in back door will, sooner or later, be abused by malicious actors. It simply isn’t possible for an algorithm to only work for the good guys – that’s just not something you can build into the mathematics.

    Nor is it at all likely that TLS 1.3 will actually prevent the banks from following the existing regulations. There are any number of other technological solutions – it sounds to me like the banks are just used to doing their surveillance in one particular way and don’t want to be bothered changing anything. (Quite apart from anything else, what’s stopping them from configuring their clients to keep using TLS 1.2?)

    1. If you can point to an article that presents the banks’ side of the story – with at least some level of technical detail – I’d be interested to see it.

      1. Harry,
        This is the draft proposal.

        1. Thanks, though that still only covers the technical details, not the underlying rationale. It does however make it clear that I’d misunderstood the proposal – I thought they were talking about monitoring traffic from their own clients to remote servers, and in fact it is the traffic from remote clients to their servers that is at issue.

          Still doesn’t sound like a good idea. Why not have the server hand over the ephemeral key to the surveillance equipment out-of-band?

          1. No, that can’t be right either, because (theoretically) the client has to explicitly opt-in. So, I can only assume they’re talking strictly about internal communications.

            … in which case they needn’t actually follow the specification to begin with, they can add whatever non-standard extensions they feel they need. Or just keep using TLS 1.2. (Or, you know, actually come up with a properly engineered solution; whatever floats their boat.)

          2. I can see how this will be a problem. It means that I can’t have my firewall other inspection device ‘front end’ the traffic anymore for inspection.

            This is what I do now – my firewall has the server certificates and essentially answers as the server, decrypts the content, inspects it, (re)encrypts and sends to the server.

            If the decryption-inspection process must be moved to each server, this can be a major change.

            Each server would have to have have a process to decrypt the content, forward it to another device for inspection, receive a verdict, then process it. If the application isn’t cooperative with this process, it means that virus/malware protection software is the only line of defense.
            If, instead of forwarding that traffic for inspection, each server must have the necessary intelligence to inspect it, this means that there is a need for another heavy application on each server and/or a new (or enhanced) module in the existing AV solution.

            It’s not going to be just banks that don’t want to lose visibility into traffic entering or traversing their network.

            1. As far as I can see the process you’re describing should work exactly the same as it did before. It would only be a problem if the front end was trying to inspect the data *without* decrypting and re-encrypting it.

  3. We also touch on the unwise purist stand being taken by IETF on TLS 1.3; the engineers seem determined to offer internet users what might be called “Privacy and Insecurity ? By Design.”

    This is a head scratcher of a word salad. The IETF’s stand on TLS 1.3 appears to be no back door. It’s the financial industry that appears to be stuck on stupid.

  4. Only one minute? Sad.

  5. A difficulty here is that there would seem to be some rational interest in subjecting something as vital to society as it’s means of communication to some sort of societal regulation or control. After all, post roads are mentioned in the constitution, and the postal service was a government monopoly for most of this country’s history.

    Members of the Conspiracy are of course entitled to offer libertarian viewpoints on issues of the day. But to characterize arguments for government scrutiny or a government role as “hate,” especially on issues like this where government roles have been more the norm than the exception, seems more to demean rational discourse than to engage in it.

  6. “Dems and the media have moved on from blaming Hillary Clinton’s loss on Vladimir Putin; now they’re blaming Facebook and Cambridge Analytica.”

    This statement is either monumentally stupid, or deliberately disingenuous. CA is one part of the overall investigation regarding Russian interference in our election.

    1. If Cambridge Analytica is part of the Russian investigation, it has no boundaries.

      1. Investigating a firm for which there is evidence of Russia connections particularly one that specifically allegedly broke the law in how it analyzed data in connection to the 2016 elections (including as related to Facebook) doesn’t quite seem to be a “no boundaries” situation.

        1. Well, for what it’s worth, reports are that Mueller is now asking about the turfing of Comey — which, pretty definitively, has nothing to do with “collusion”.

          1. I beleieve some guy said he fired him to make the Russia thing go away, which suggests otherwise.

        2. What law did it supposedly break? If you are referring to in kind contributions from foreigners…. how are political endorsements from European newspapers for Hillary not in kind?

          Know what law has more evidence of being broken? Hillary using her law firm to hide political spending on Trump research that utilized multiple foreign actors.

          1. Jesse – I think by breaking Facebooks rules they run afoul of that unauthorized access law, no?

            Hillary using her law firm to hide political spending on Trump research that utilized multiple foreign actors.
            Hillary hid that she was doing opposition research on Trump’s actions with Russia by paying Russians? Yeah, that adds up. Oy.

            1. Hillary hid that she was doing opposition research on Trump’s actions with Russia by paying Russians? Yeah, that adds up. Oy.

              Well, she paid a law firm to pay the guy to do it. So, yeah, basically. They invented nonsense, covered up that they were paying for it, then had Steele had the FBI use it to get a FISA court to allow them to spy on Trump based on news reports (ALSO leaked by Steele) saying his dossier was totes legit.

              Obama, mind you, did the same thing with FusionGPS. How do you think stories like “Romney bullied a kid from high school” came out?

              1. Yeah, Fusion GPS’s racket seems to be that they’ve got a lot of supposedly legitimate journalists on their payroll under the table, so that after they construct a smear for you, they can pretty much guarantee that the media will report it.

                That’s why they’re fighting like mad to keep their bank records secret. If their payroll data ever gets out, they’ll be totally toxic with the media, nobody will want to take their money anymore.

                The amazing thing about the Steele dossier is that it was so out there that the media wouldn’t bite even if you paid them to. It took the FBI to actually pretend to take it seriously, probably because they had agents with spouses working for them.

                1. That’s the ‘believe and repeat any lie or supposition or smear to defend Trump’ point of view, anyway.

        3. The charter or whatever says something like ‘anything that arises in the course of the investigation.’

          One can have a procedural boundary not a concretized one.

  7. Seems like Cambridge violated Facebook’s terms of service, Not sure why this requires a Congressional investigation.

    1. Actually, it sounds like the researcher violated Facebook’s terms of service. TOS are only binding on the user, not third parties.

      1. CA is located in the UK, so it may have violated the EU’s privacy laws as well. (That really is a “may”, I have no idea.)

      2. I’m old enough to remember when some e-mails on the wrong server were front page news for weeks, subject to several investigations, mobs screaming to lock the person up and grave judgements of probable treason from yourself.

  8. Stewart,
    in re the comment about somebody getting in trouble with twitter for disrupting a meeting. I think that a better comparison would be if someone disrupted a right wing meeting and then tweeted the video.

    Also, in regard to Farrakhan, I think it is proper to criticize his comments on Jews, but why bring up his FBI bashing? Surely this is gospel on the right these days, no?

  9. The “trouble with AMD chipsets” seemed like a hatchet job out of Intel from the beginning and has pretty much been proven as fake news.

    Would be nice if a correction would reflect this development

Please to post comments

Comments are closed.