Cheapfakes and the end of blackmail

Episode 265 of the Cyberlaw Podcast

|The Volokh Conspiracy |

Paul Rosenzweig leads off with This Week in China Tech Fear – an enduring and fecund feature in Washington these days. We cover the Trump Administration's plan to blacklist up to five Chinese surveillance companies, including Hikvision, for contributing to Uighur human rights violations in the West of China, DHS's rather bland warning that commercial Chinese drones pose a data risk for US users, and the difficulty US chipmakers are facing in getting "deemed export" licenses for Chinese nationals.

We delve deeper into a remarkably shallow and agenda-driven New York Times article by Nicole Perlroth and Scott Shane that blames NSA for Baltimore's ransomware problem without ever asking why the city failed for two years to patch its systems. David Kris uses the story to take us into the Vulnerabilities Equities Process – and its flaws.

There may be a lot – or nothing – to the Navy email "spyware" story, but David points out just how many of today's cyber issues it touches. With the added fillip of a "Go Air Force, Beat Navy" theme not usually sounded in cybersecurity stories.

Paul expands on what I have called Cheapfakes (as opposed to Deep Fakes) – the Pelosi video manipulated to make her sound impaired. And he manages to find something approaching good news in the advance of faked video – it may mean the end of (video) blackmail.

But not the end of "revenge porn" and revenge porn laws. I ask Gus Hurwitz whether those laws are actually protected by the Constitution, and the answer turns out to be highly qualified. But, surprisingly, media lawyers aren't objecting that revenge porn laws criminalizing the dissemination of true facts are on a slippery slope to criminalizing news media. Only a bit more persuasively, though, that is the argument they're making about the expanded charges of espionage against Wikileaks founder Julian Assange. David offers his view of the pros and cons of the indictment.

And Gus closes us out with some almost unalloyed good news. Despite my suspicion of any bipartisan bill in the current climate, he insists that the Senate-passed anti-robocalling bill is a straight victory for the Forces of Good. But, he warns, the House could still screw things up by adding a private right of action along the lines of the Telephone Consumer Protection Act, which has provided the plaintiffs bar with an endless supply of class actions without actually benefiting consumers.

Download the 265th Episode (mp3).

You can subscribe to The Cyberlaw Podcast using iTunes, Google Play, Spotify, Pocket Casts, or our RSS feed!

As always, The Cyberlaw Podcast is open to feedback. Be sure to engage with @stewartbaker on Twitter. Send your questions, comments, and suggestions for topics or interviewees to CyberlawPodcast@steptoe.com. Remember: If your suggested guest appears on the show, we will send you a highly coveted Cyberlaw Podcast mug!

The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

NEXT: Police Raid on San Francisco Journalist Descends Into Blame Game

Editor's Note: We invite comments and request that they be civil and on-topic. We do not moderate or assume any responsibility for comments, which are owned by the readers who post them. Comments do not represent the views of Reason.com or Reason Foundation. We reserve the right to delete any comment for any reason at any time. Report abuses.

  1. Baker : “We delve deeper into a remarkably shallow and agenda-driven New York Times article by Nicole Perlroth and Scott Shane that blames NSA for Baltimore’s ransomware problem without ever asking why the city failed for two years to patch its systems.”

    Perlroth and Shane : “Hackers seem to have found a sweet spot in Baltimore, Allentown, Pa., San Antonio and other local, American governments, where public employees oversee tangled networks that often use out-of-date software. Last July, the Department of Homeland Security issued a dire warning that state and local governments were getting hit by particularly destructive malware that now, security researchers say, has started relying on EternalBlue to spread.”

    Perlroth and Shane : “Serper, head of security research at Cybereason, said his firm had responded to EternalBlue attacks at three different American universities, and found vulnerable servers in major cities like Dallas, Los Angeles and New York.”

    Why do I suspect that Baker is the one here who is “shallow and agenda-driven” ??

    1. I do not see how Baker’s quip is contradicted by the segment of the article you have displayed here.

      1. (1) Baker’s criticism wasn’t a “quip”. Calling reportage “remarkably shallow and agenda-driven” goes well beyond that term.

        (2) Baker’s criticism was pretty much the definition of meaningless. The two reporters wrote an article about a stolen NSA cyber-tool being used by criminals to attack cities and institutions worldwide. I hadn’t heard that was the case, and found it a fascinating read. Their subject matter – stolen tool misused – was well developed and in full detail. But Baker seems to have wanted an article about Baltimore’s computer system being antiquated and vulnerable to attack. That the reporters focused on another topic isn’t grounds for criticism. That Baker throws a snit about it is.

        (3) And Baker can’t even make his own case honestly. Although Baltimore’s lack of preparation wasn’t the subject of the article, it was mentioned several times throughout. Above, Baker claims it wasn’t mentioned at all…..

  2. In the case of Robocallers–who we all agree are the most evil–the benefit to consumers is that the calls stop. What difference does it make if the plaintiffs bar gets rich?

Please to post comments

Comments are closed.