Regulatory Swagger Comes to Washington

All of Washington is back from Christmas break, and suddenly the Biden Administration is showing a sharp departure from the Obama and Clinton years where regulation of Big Tech is concerned. Regulatory swagger is everywhere.

Treasury regulatory objections to Facebook's cryptocurrency project have forced the Silicon Valley giant to  abandon the effort, Maury Shenk tells us, and the White House is initiating what looks like a major interagency effort to regulate cryptocurrency on national security grounds. The Federal Energy Regulatory Commission is getting serious (sort of) about monitoring the internal security of electric grid systems, Tatyana Bolton reveals. The White House and Environmental Protection Agency are launching a "sprint" to bring some basic cybersecurity to the nation's water systems. SEC Chairman Gary Gensler is full of ideas for expanding the Security and Exchange Commission's security requirements for brokers, public companies, and those who service the financial industry. And the Federal Trade Commission is entertaining a rulemaking petition that could profoundly affect companies now enjoying the gusher of online ad money generated by aggregating consumer data. And that's just this week.

In other news, Dave Aitel gives us a thoughtful assessment of why the log4j vulnerability isn't creating as much bad news as we first expected. It's a mildly encouraging story of increased competence and speed in remediation, combined with the complexity (and stealth) of serious attacks built on the flaw.

Dave also dives deep on the story of the Belarussian hacktivists (if that's what they are) now trying to interfere with Putin's threatened invasion of Ukraine. It's hard to say whether they've actually succeeded in delaying trains carrying Russian tanks to the Belarussian-Ukrainian border, but this is one group that has consistently pulled off serious hacks over several years as they harass the Lukashenko regime.

In a blast from the past, Maury Shenk takes us back to 2011 and the Hewlett Packard (HP)-Autonomy deal, which was repudiated as tainted by fraud almost as soon as it was signed. Turns out, HP is getting a long-delayed vindication, as Autonomy's founder and CEO is found liable for fraud and ordered extradited to the U.S. to face criminal charges. Both rulings are likely to be appealed, so we'll probably still be following court proceedings over events from 2011 in 2025 or later.

Speaking of anachronistic court proceedings, the EU's effort to punish Intel for abusing its dominant position in the chip market has long outlived Intel's dominant position in the chip market, and we're nowhere near done with the litigation. Intel won a big decision from the European general court, Maury tells us. he and I agree that it's only the European courts that stand between Silicon Valley and a whole lot more European regulatory swagger.

Finally, Dave brings us up to date on a New York Times story about how Israel used NSO's hacking capabilities in a campaign to break out of years of diplomatic isolation.

Download the 392nd Episode (mp3)

You can subscribe to The Cyberlaw Podcast using iTunes, Google Play, Spotify, Pocket Casts, or our RSS feed. As always, The Cyberlaw Podcast is open to feedback. Be sure to engage with @stewartbaker on Twitter. Send your questions, comments, and suggestions for topics or interviewees to CyberlawPodcast@steptoe.com. Remember: If your suggested guest appears on the show, we will send you a highly coveted Cyberlaw Podcast mug!

The views expressed in this podcast are those of the speakers and do not reflect the opinions of their institutions, clients, friends, families, or pets.