The Volokh Conspiracy
Mostly law professors | Sometimes contrarian | Often libertarian | Always independent
How long before grid attacks become the new normal?
Episode 351 of the Cyberlaw Podcast
In the news roundup, David Kris digs into rumors that Chinese malware attacks may have caused a blackout in India at a time when military conflict was flaring on the two nation's Himalayan border. This leads us to Russia's targeting of the U.S. grid and to uneasy speculation on how well our regulatory regime is adapted to preventing successful grid attacks.
The Biden administration is starting to get its legs under it on cybersecurity. In its first major initiative, Maury Shenk and Nick Weaver tell us, it has called for a set of studies on how to secure the supply chain in several critical products, from rare earths to semiconductors. As a reflection of the rare bipartisanship of the issue, the President's order is weirdly similar to Sen. Tom Cotton's call to "beat China" economically.
Nick explains the most recent story on how China repurposed an NSA attack tool to use against U.S. targets. Bottom line: It's embarrassing for sure, but it's also business as usual for attack teams. This leads us to a surprisingly favorable review of the Cyber Threat Alliance's recent paper on how to run a Vulnerability Equities Process.
Maury explains the new rules that Facebook, WhatsApp and Twitter will face in India.
Among other things, the rules will require India-based "grievance officers" to handle complaints. I am unable to resist suggesting that, if ever there were a title that the wokeforce at these companies should aspire to, it's Chief Grievance Officer.
Nick and I make short work of two purported scandals—ICE investigators using a private utility database to enforce immigration law and the IRS purchasing cellphone location data. I argue that the first story is the work of ideologues who would loudly protest ICE access to the White Pages. And the second is a nonstory largely manufactured by Sen. Wyden.
In a story that isn't manufactured, David and I predict that the Supremes will agree to decide the scope of cellphone border searches. More than that, we conclude, the Ninth Circuit will lose. The hard question is how broadly the Court decides to rule once it has kicked the Ninth Circuit rule to the curb.
Maury reports that Facebook and Google have pushed the Aussie government into a compromise on paying Aussie media fees for links. Facebook gets the credit for being willing to shoot the family members the government was holding hostage (although in Facebook's case, the hostage was probably a second cousin once removed). Maury predicts that the negotiations will be tougher once the European Union starts rounding up its hostages.
In quick hits, I claim credit for pointing out years ago that sooner or later the crybullies would come for "quantum supremacy." And they have. Maury and I note the rise of audits for AI bias. He's mildly favorable; I am not. And I close by noting the surprisingly difficult choices illustrated by Pro Publica's story on how the content moderation sausage was made at Facebook when the Turkish government demanded that a Kurdish group's postings be taken down.
Download the 351st Episode (mp3)
You can subscribe to The Cyberlaw Podcast using iTunes, Google Play, Spotify, Pocket Casts, or our RSS feed. As always, The Cyberlaw Podcast is open to feedback. Be sure to engage with @stewartbaker on Twitter. Send your questions, comments, and suggestions for topics or interviewees to CyberlawPodcast@steptoe.com. Remember: If your suggested guest appears on the show, we will send you a highly coveted Cyberlaw Podcast mug!
The views expressed in this podcast are those of the speakers and do not reflect the opinions of their institutions, clients, friends, families, or pets.