A war reporter for the cyber age

I interview David Sanger in this episode on his new book, The Perfect Weapon – War, Sabotage, and Fear in the Cyber Age. It is a true first draft of history, chronicling how the last five years transformed the cyberwar landscape as dozens of countries followed a path first broken by Stuxnet—and then, to our horror, branched out to new and highly successful ways of waging cyberwar. Mostly against us. David depicts an Obama administration paralyzed by the Rule of Lawyers and a fear that our opponents would always have one more rung than we did on the escalation ladder. The Trump administration also takes its lumps, sometimes fairly and sometimes not.

At center stage in the book is Putin's uniquely brazen and impactful use of information warfare, but the North Koreans and the Chinese also play major roles. It is as close to frontline war reporting as cyber journalism is likely to get.

Cyberlaw news this week is dominated by a couple of Supreme Court decisions: In Carpenter the Court held 5-4 that warrants are required to collect a week of location data from cell phone companies. Michael Vatis lays out the ruling, and I complain that the Court has kicked off a generation of litigation over issues this decision opens up but fails to address. Tune in as Michael invokes James Madison and I counter with Ben Franklin. Who knew that the founding fathers had so much to say about the third-party doctrine?

Stewart Baker with David Sanger

Speaking of Court decisions that write checks for others to redeem, the 5-4 Wayfair decision is equally insouciant about triggering a generation of litigation about when internet companies must collect sales tax. After 50 years of waiting for Congress to decide a question that is clearly better resolved by legislation than judicial rule, the Court gave up and struck down the holding that a physical presence was required before sales tax had to be collected. Pat Derdenger explains just how much litigation he'll be involved in. To his plea that Congress step in, I repeat a line I first used 25 years ago: Why should a Republican Congress enable the collection of taxes it can't spend?

North Korea may be our President's best bud these days, but it's still hacking banks and conducting cyberespionage, Matthew Heiman points out. Jim Lewis advances a Darwinian justification for letting the North Koreans keep it up.

Matthew and Jim also agree that Chinese hackers are getting stealthier – probably in part because they're chiseling around the edges of their agreement not to steal commercial secrets from US firms. We also ask whether the Chinese have begun releasing data from their OPM hack to criminal actors. David Sanger thinks not.

America's lack of a coherent cyberwar strategy is becoming apparent not just to adversaries but also to Congress, which is in the process of mandating a new commission on cyberwar strategy. Whether calling it Project Solarium, a hallowed name in defense thinking, will make the commission more successful remains to be seen.

In payback news, I am pleased to report that there's more libel litigation in store for the Southern Poverty Law Center, which specializes in feeding Silicon Valley's worst prejudices about conservatives.

The Administration is struggling to come up with privacy principles that can compete with GDPR. Matthew and I predict that it won't succeed.

One last note: David Sanger is on a book tour– if you're in the Washington DC area, he will be hosting a talk and book signing at Politics & Prose on Thursday, June 28, at 7pm.

Download the 223rd Episode (mp3).

You can subscribe to The Cyberlaw Podcast using iTunes, Pocket Casts, Google Play, or our RSS feed!

As always, The Cyberlaw Podcast is open to feedback. Send your questions, comments, and suggestions for topics or interviewees to CyberlawPodcast@steptoe.com or leave a message at +1 202 862 5785. Remember: If your suggested interviewee appears on the show, we will send you a highly coveted Cyberlaw Podcast mug!