Transatlantic Drift

Episode 365 of the Cyberlaw Podcast

|

The Biden administration is dribbling away one of the United States' most important counterterrorism intelligence programs. At least that's my conclusion from this episode's depressing review of the administration's halting and delusion-filled approach to the transatlantic data crisis. Every day, Silicon Valley companies whose data stores in the US have been a goldmine for counterterrorism are feeling legal pressure to move that data to Europe. Those companies care little whether the US gets good intelligence from its section 702 requests, at least compared to their fear of massive fines and liability in Europe. The EU is standing firm because it thinks time is on its side, and it's ignoring Jamil Jaffer's heartfelt plea to be a better ally in the face of Russian and Chinese pressure.

So, unless the administration creates a countervailing incentive, the other actors will simply present Washington with a fait accompli. The Biden administration, like the Trump administration before it, seems unable to grasp the need for action. When Trump was in charge, we could call him incompetent. When we wake up to what we've lost under Biden, that's what we'll call him, too.

For companies struggling with their role in this global drama, Charles Helleputte has moderately good news. The European Commission, contrary to the dogmatic approach of the data protection agencies, has opened a door for transfers using the new standard corporate clauses. If your data has not been requested by the US under 702 or similar authorities and you can offer good reason to think they won't in future, you can avoid the ban.

In other news, Jamil and I cross swords on whether the Colonial pipeline hack should have ended TSA's light-touch oversight of pipeline cybersecurity.

And Nate Jones and I dig deep into the state laws regulating police access to DNA ancestry databases. After some fireworks, we come close to agreement that some state law on database access is inevitable and workable, but the Maryland law is so hostile to solving brutal crimes with DNA searches that it is hard to distinguish from a ban.

Jamil explains the Biden administration's decision to provide a new foundation for the Trump ban on investment in Chinese military companies. Treasury will take the program away from DOD, which had handled its responsibilities with the delicacy of Edward Scissorhands.

Nate limbers up the DeHype Machine to put in perspective DOJ's claim to be giving ransomware hacks the same priority as terrorism. Jamil takes on autonomous drones and pours cold water on the notion that DOD will be procuring some of its drones from China.

In a moment of weakness I fail to attack or even mock the UN GGE's latest report on norms for cyberconflict, which look pretty anodyne.

And in a series of quick hits:

  • Jamil reviews Facebook's latest antitrust problems in the EU and UK
  • I remind listeners of the "throuple" Congresswoman, whose failed pivot from abuser of power to victim of revenge porn has just cost her over $100,00
  • In case you haven't heard, Facebook might let Trump come back in January 2023, and his blog page has shut down for good.
  • The European Commission has proposed a trusted and secure Digital Identity for all Europeans but Charles thinks there's less there than meets the eye.
  • And Nigeria has suspended Twitter after the platform shut down the President's account for obliquely threatening military action against secessionists.
  • And More!

Download the 365th Episode (mp3)

You can subscribe to The Cyberlaw Podcast using iTunes, Google Play, Spotify, Pocket Casts, or our RSS feed. As always, The Cyberlaw Podcast is open to feedback. Be sure to engage with @stewartbaker on Twitter. Send your questions, comments, and suggestions for topics or interviewees to CyberlawPodcast@steptoe.com. Remember: If your suggested guest appears on the show, we will send you a highly coveted Cyberlaw Podcast mug!

The views expressed in this podcast are those of the speakers and do not reflect the opinions of their institutions, clients, friends, families, or pets.

NEXT: Poetry Monday!: "Lines Written in Dejection" by William Butler Yeats

Editor's Note: We invite comments and request that they be civil and on-topic. We do not moderate or assume any responsibility for comments, which are owned by the readers who post them. Comments do not represent the views of Reason.com or Reason Foundation. We reserve the right to delete any comment for any reason at any time. Report abuses.

  1. I think it is time for a byte tax — they want to move their servers overseas, fine — we tax every byte of data that goes over to it and every byte that comes back.

    1. LOL. That would actually reinforce European data localization, not discourage it.

  2. So the US might have to pass laws making it harder for the government to spy on people? Seems like a good thing to me, honestly.

  3. Why does an ostensibly libertarian website regularly publish the statist musings of an authoritarian right-winger?

    Carry on, clingers.

  4. The EU has long been on a quest to neuter the US while maintaining US Defense subsidies.

  5. Maybe if we didn’t constantly and overtly spy on this data, we wouldn’t have other countries demanding it not be stored here. It’s not like they’re being unreasonable; storing it here *is* a privacy concern for their citizens.

    “countervailing incentive”? What are we going to do, pay the fines for them? (They’ll keep increasing until that’s impractical.) Give them an equal fine for daring to storing European data in Europe?

  6. it’s ignoring Jamil Jaffer’s heartfelt plea to be a better ally in the face of Russian and Chinese pressure.

    A good ally would ask us to violate our citizens’ civil liberties, or to facilitate other countries violating them. And it certainly wouldn’t suggest that the best way to avoid Chinese-style mass surveillance is to set up our own.

Please to post comments