Will international trade law block IOT cybersecurity regulation?

Joel Trachtman thinks it's a near certainty that the WTO agreements will complicate US efforts to head off an Internet of Things cybersecurity meltdown, and there's a real possibility that a US cybersecurity regime could be held to violate our international trade obligations. Claire Schachter and I dig into the details of the looming disaster and how to avoid it.

In the news, Paul Rosenzweig analyzes the Ninth Circuit holding that scraping publicly available information doesn't violate the CFAA.

The California legislature has adjourned, leaving behind a smoking ruin where Silicon Valley's business models used to be. Mark MacCarthy elaborates: One new law would force companies like Uber and Lyft (and a boatload of others) to treat gig economy workers as employees, not contractors. Another set of votes in the legislature has left the demanding California Consumer Privacy Act more or less unscathed as its 2020 effective date looms. Really, it's beginning to look as though even California hates Silicon Valley.

Klon Kitchen and I discuss the latest round of Treasury sanctions on North Korean hacking groups. The sanctions won't affect anyone in North Korea, but they might affect a few of their enablers on the Internet. What I wonder, though, is this: Since sanctions violations are punishable even when they aren't intentional, will US companies whose money is stolen by the Lazarus Group be penalized for having engaged in a prohibited transaction with a sanctioned party? Maybe the Lazarus Group should steal a Treasury license too, just to be sure.

Klon also lays out in chilling detail what the Russians were really trying to do to Ukraine's grid – and the growing risk that someone is going to launch a destructive cyberattack that leads to a cycle of serious real-world violence. The drone attack on Saudi oil facilities shows how big that risk can be.

Paul examines reports that Israel planted spy devices near the White House. He thinks it says more about the White House than about Israel.

Paul also reports on one of the unlikelier escapades of students from his alma mater: Trading 15 minutes at the keyboard for months in jail and a lifetime of trouble on their permanent records.

I walk back the deepfake voice scam story we discussed recently, but Klon points out that it reflects a future that is coming for us soon, if not today.

Proving the old adage about a fool for a lawyer, the Mar-a-Lago trespasser has been found guilty after an ineffective pro se defense. We may never know what she was up to.

Klon digs into a long and thoughtful op-ed by NSA's Glenn Gerstell about the effects of the "digital revolution" on national security. And I note the recent Carnegie report trying to move the encryption debate forward. I also plug my upcoming speech in Israel on the same topic.

Download the 278th Episode (mp3).

You can subscribe to The Cyberlaw Podcast using iTunes, Google Play, Spotify, Pocket Casts, or our RSS feed!

As always, The Cyberlaw Podcast is open to feedback. Be sure to engage with @stewartbaker on Twitter. Send your questions, comments, and suggestions for topics or interviewees to CyberlawPodcast@steptoe.com. Remember: If your suggested guest appears on the show, we will send you a highly coveted Cyberlaw Podcast mug!

The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.