The Volokh Conspiracy

Mostly law professors | Sometimes contrarian | Often libertarian | Always independent

Another week, another warhead

Episode 338 of the Cyberlaw Podcast

|

This week sees yet another Trump administration initiative to hasten America's decoupling from China. As with MIRV warheads, the theory seems to be that if you launch enough of them, the next administration can't shoot them all down.  Brian Egan lays out this week's initiative, which lifts from obscurity a DoD list of Chinese military companies and excludes the companies from U.S. capital markets

Our interview is with Frank Cilluffo and Mark Montgomery. Mark is Senior Fellow at the Foundation for Defense of Democracies and Senior Advisor to the congressionally mandated Cyberspace Solarium Commission. Previously, he served as Policy Director for the Senate Armed Services Committee under Senator John S. McCain—and before that served for 32 years in the U.S. Navy as a nuclear trained surface warfare officer, retiring as a Rear Admiral in 2017. Frank is director of Auburn University's Director of Auburn University's McCrary Institute for Cyber and Critical Infrastructure Security. He served on the Cyberspace Solarium Commission and chaired the Homeland Security Advisory Council's subcommittee on economic security.

We talk about the unexpected rise of the industrial supply chain as a national security issue. Both Frank and Mark were moving forces in two separate reports highlighting the issue, as was I. (See also my op-ed on the same topic.) So, if we seem suspiciously in agreement on supply chain issues, it's because we are suspiciously in agreement on supply chain issues. Still, as an introduction to one of the surprise hot issues of the year, it's not to be missed.

After our interview in episode 336 of a Justice Department official on how to read Schrems II narrowly, you knew it was only a matter of time before we heard from Europe. Charles Helleputte reviews the European Data Protection Board's effort to give more authoritative and less comfortable advice to U.S. companies that want to keep relying on the standard contractual clauses. The Justice Department take on the topic manages to squeak through without a direct hit from the privacy bureaucrats.  Still, the EDPB (and the EDPS even more so) makes clear that anyone following the DOJ's lead is in for an uphill fight. (For those who want more of Charles's thinking on the topic, see this short piece.)

Zoom has been allowed to settle an FTC proceeding for deceptive conduct (claiming that its crypto was end to end when it wasn't, and more). Mark MacCarthy gives us details.  I throw shade on the FTC's failure to ask any serious national security questions about a company that deserves some. 

Brian brings us up to speed on TikTok.  Only one of the Trump administration penalties remains unenjoined. My $50 bet with Nick Weaver—that CFIUS will overcome the judicial skepticism that IEEPA could not—is hanging by a thread. Casey Stengel makes a brief appearance to explain why TikTok might win. 

Brian also reminds us that export control policymaking is even slower and less functional on the other side of the Atlantic, as Europe tries, mostly ineffectively, to adopt stricter limits on exports of surveillance tech

Mark and I admire the new Aussie critical-infrastructure cybersecurity initiative, for its clarity if not for its likely political appeal. 

Charles explains and I decry the enthusiasm of European courts for telling Americans what they can say and read on line, as an Austrian court tells Facebook to take down worldwide the description of an Austrian politician as belonging to a "fascist party." Apparently, we aren't allowed to say that political censorship is what members of a fascist party tend to advocate; but don't worry about our liability; we can't pronounce the plaintiff's name.  

So, in retrospect, how did the United States do in policing all the new cyberish threats to the 2020 election

  • Brian gives the government credit for preventing foreign interference. I question the whole narrative of foreign interference, which didn't have much effect in 2016 or 2020 (other than the hack and dump operation against the DNC) but did align conveniently with Democratic messaging in both years (Hillary only lost because of the Russians! Ignore Trump's corruption allegations because they're just more Russian interference!).
  • Mark and I wonder what Silicon Valley thinks it's accomplishing with its extended bans on political advertising after the election.  After all, it's almost always election season somewhere (see, e.g., Georgia).
  • DHS's CISA did produce a detailed rumor control site that helped correct misunderstandings—but may have corrected one too many of the President's tweets.  In consequence, Under Secretary Chris Krebs, familiar to Cyberlaw Podcast listeners, may be on the chopping block. That would be a shame for DHS and CISA; for Chris it's probably a badge of honor. Frank Cilluffo and Mark Montgomery weigh in with praise for Chris as well.

And more.

Download the 338th Episode (mp3)

You can subscribe to The Cyberlaw Podcast using iTunes, Google Play, Spotify, Pocket Casts, or our RSS feed. As always, The Cyberlaw Podcast is open to feedback. Be sure to engage with @stewartbaker on Twitter. Send your questions, comments, and suggestions for topics or interviewees to CyberlawPodcast@steptoe.com. Remember: If your suggested guest appears on the show, we will send you a highly coveted Cyberlaw Podcast mug!

The views expressed in this podcast are those of the speakers and do not reflect the opinions of their institutions, clients, friends, families, or pets.