Fight Like a Canadian

Interviewing Citizen Lab's Ron Deibert in Episode 334 of the Cyberlaw Podcast


This episode features an interview with Ronald Deibert, Professor of Political Science, and Director of the Citizen Lab at the Munk School of Global Affairs & Public Policy, University of Toronto. We talk about his new book, Reset: Reclaiming the Internet for Civil Society. We also talk about the unique Canadian talent for debating with bare-fisted politesse. Ron gets to use that talent often in our discussion of what's wrong with the technology ecosystem and whether it can be improved by imposing "restraint" on government and the private sector.

In the news roundup, I urge Twitter to bring back the Fail Whale to commemorate its whale of a fail in trying to suppress a New York Post story that is bad news for Joe Biden. It's a disaster on all fronts, with Twitter unable to offer a satisfactory explanation for its suppression of the news report, or to hold to any particular enforcement policy for more than a day, and it ended with an embarrassing insistence that the Post can't have its account back until it deletes tweets that Twitter would probably allow the Post to post today.  

And not surprisingly, the episode is encouraging everyone to think that they can do this better than Twitter.  The FCC is going to start work on an effort to add an administrative gloss to section 230. Mark MacCarthy thinks the Commission lacks authority to interpret the provision; I disagree. We do agree that Justice Thomas's thoughts on section 230 are surprisingly detailed – and make Supreme Court review of the provision a lot more likely. 

Megan Stifel tells us that the ransomware business is getting even more specialized.  Together we wonder if that specialization opens the door to new, even more creative, ways to take down organized cybercrime. 

David Kris notes the pearl-clutching over search warrants that identify a pattern of conduct rather than an individual.  He almost agrees with me that this is just what probable cause looks like in the twenty-first century. 

This week puts on display Europe's trademarked "Tough Privacy Talk and Slow Privacy Walk" policy approach: David teams with Charles Helleputte to make sense of two data protection rulings in Europe that bring a lot more thunder than lightning to the debate: First, an attack on the privacy standards, such as they are, for online advertiser  real time bidding. Second, the proclamations of France's top court and its DPA about sending health data to US cloud providers. 

Megan notes two stories that deepen trends we knew were coming: hackers chaining VPN and ZeroLogon bugs to attack US government networks, maybe including election agencies,   and Iranian state hacker group resorting  to ransomware attacks. 

We cover a few updates of past weeks' stories: The fallout continues from OFAC's ransomware advisory. (Rumors that the agency will be renamed WTF OFAC are unconfirmed.) And Tik/Chat seems to be settling in for a longer court battle before the government's arguments start to take hold. (As a bonus, our Cyberlaw grammarian makes a surprise appearance to announce the rule of English usage that prevents TikTok from ever being TokTik). 

In quick hits, we boldly predict that the government will launch an antitrust suit against Google, some day. We speculate on why Tesla's autopilot AI might be fooled by projected images. And we note New York's claim that Twitter is systemically important to the nation's financial system—which is just about the most 2020 thing I've heard in a while.

And more! 

 Download the 334th Episode (mp3)

You can subscribe to The Cyberlaw Podcast using iTunes, Google Play, Spotify, Pocket Casts, or our RSS feed. As always, The Cyberlaw Podcast is open to feedback. Be sure to engage with @stewartbaker on Twitter. Send your questions, comments, and suggestions for topics or interviewees to Remember: If your suggested guest appears on the show, we will send you a highly coveted Cyberlaw Podcast mug! And thanks for our new theme music to Ken Weissman of Weissman Sound Design.

The views expressed in this podcast are those of the speakers and do not reflect the opinions of their institutions, clients, friends, families, or pets.


NEXT: Today in Supreme Court History: October 20, 1973

Editor's Note: We invite comments and request that they be civil and on-topic. We do not moderate or assume any responsibility for comments, which are owned by the readers who post them. Comments do not represent the views of or Reason Foundation. We reserve the right to delete any comment for any reason at any time. Report abuses.

  1. “David Kris notes the pearl-clutching over search warrants that identify a pattern of conduct rather than an individual.”

    Questiuon for the fourth amendment experts–how does this work in an offline world? If a crime is committed at a hotel, can the police get the guest registry without having any specific evidence that someone staying there was the culprit? If an arsonist uses gasoline as an accelerant, can they demand the list of people who bought gas at the local gas station in the previous week? It seems like a lot of the warrants for online activity are incredibly broad and with no obvious connection to the crime except that there’s a reasonable probability that the perpetrator will be one of the people that show up in the list.

    1. If there’s a person lying murdered in the street, that’s probable cause to believe that there is a murderer. Somewhere. so the cops should search everywhere to find the murderer. Is that really the logic we’re pushing towards?

      1. Did you actually read what you responded to?

        1. Unlike you, yes I did.

    2. “If a crime is committed at a hotel, can the police get the guest registry without having any specific evidence that someone staying there was the culprit? “

      Don’t the police already have unquestioned access to it under state/local law?

      1. It seems like the Supreme Court has held that such laws are unconstitutional:

        1. Interesting — this was a criminal statute “giving police the ability to inspect (search) motel registration records without advance notice, and to arrest for noncompliance”.

          What about “implied consent” and it tied to the lodging license, with the penalty being loss of the license — just like with a driver’s license. That’s what Maine does, any DHHS employee can review the registry and hand it to the cop with him, if cops can’t get it on their own.

          1. I would assume that the Maine law would be unconstitutional as well, since the rationale given by the Court is that there needs to be some sort of ability to request review of the demand to see the register, and it doesn’t hinge on the exact mechanism that the state/city uses to enforce the requirement.

            It seems like this doesn’t implicate the general third party doctrine, so there’s nothing stopping the hotel from sharing the register if they choose to, but they can’t be required to do so.

            Of course, none of this helps me understand my original question, which is whether the police can just ask for an extremely broad warrant and get the information anyway.

  2. “Often libertarian”

Please to post comments