If Paris Calls, should we hang up?
Episode 240 of the Cyberlaw Podcast
Mieke Eoyang joins us for aninterview about Third Way's "To Catch a Hacker" report. We agree on the importance of what I call "attribution and retribution" as a way to improve cybersecurity. But we disagree on some of the details. Mieke reveals that this report is the first in a series that will hopefully address my concerns about a lack of detail and innovation in the report's policy prescriptions.
Russia's lawyers are almost as good as its hackers, to judge by a "letter" from the Russian government in the DNC's hacking case against it. Matthew Heiman and I conclude that the DNC is going to face an uphill fight trying to overcome Russia's sovereign immunity arguments.
It's not cybersecurity, but it is cyberhygiene: Never do a global "find and replace" on a sensitive court filing without making sure the "replace" part actually worked. That seems to be the failure that disclosed to the world that the US has filed criminal charges against Julian Assange under seal. Maury Shenk comments.
"As an additional service to Alexa users, we promise to protect the privacy of anyone who murders you." Okay, maybe that's an unfair summary of Amazon's position on whether to release Echo recordings in a double murder case. It's not surprising that Amazon wants a court order before handing over the recordings, or that it got one, or that it seems to have complied promptly. The real news, I argue, would be if the company had handled the matter any other way.
Dr. Megan Reiss explains the significance, if any, of the Paris Call for Trust and Security in Cyberspace, where more than 50 states and companies – the United States not among them – have signed onto a mostly Mom-and-apple-pie agreement on cyber principles.
Soft power update: Chinese-style social credit scoring is coming to a Venezuela near you. Megan comments.
Sweet justice: California SWATter has pleaded guilty and now faces 20+ years in prison.
Looks like DHS finally made it, so I can stop talking about Congress approving the renaming of NPPD to be the Cybersecurity and Infrastructure Security Agency.
And for the lightning round, Matthew confirms that remotely wiping your iPhone constitutes destruction of evidence; I note that Phineas Finn has officially gotten away with the doxing of Hacking Team; and Megan comments on yet another diversion of Western traffic through Russia and China. This time, though, we may have to blame the Nigerians.
Download the 240th Episode (mp3).
You can subscribe to The Cyberlaw Podcast using iTunes, Pocket Casts, Google Play, or our RSS feed!
As always, The Cyberlaw Podcast is open to feedback. Be sure to engage with Stewart on social media: @stewartbaker on Twitter and on LinkedIn. Send your questions, comments, and suggestions for topics or interviewees to CyberlawPodcast@steptoe.com. Remember: If your suggested interviewee appears on the show, we will send you a highly coveted Cyberlaw Podcast mug!