Waging war in a networked age
Episode 396 of the Cyberlaw Podcast.
Much of this episode is devoted to how modern networks and media are influencing what has become a major shooting war between Russia and Ukraine. Dmitri Alperovitch gives us a sweeping overview. Ukraine and its President, Volodymyr Zelensky, clearly won the initial stages of the war in cyberspace, turning broad Western sympathy into a deeper commitment using short videos from downtown Kyiv at a time when Zelensky was expected to be racing for the border. The narrative of determined Ukrainian resistance and hapless Russian arrogance was set in cement by the end of the week, and Zelensky's ability to casually dial in to EU ministers' meetings (and just as casually say that this might be the last time the ministers saw him alive) changed official Europe's view of the conflict permanently. Putin's failure to seize Ukraine's capital and telecom facilities in the first day of the fight thus may guarantee a long, grinding conflict.
Russia is doing its best to control the narrative on Russian networks by throttling Facebook, Twitter, and other Western media. And it's essentially telling those companies that they need to distribute pro-Russian media in the West if they want a future in Russia. Dmitri doesn't believe that's a price Silicon Valley will pay for access to a country where every third bank and company is already off-limits due to Western sanctions. Jane Bambauer weighs in with the details of Russia's narrative-control efforts—and their failure.
And what about the cyber-attacks that press coverage led us to expect in this conflict between two technically capable adversaries? Nate Jones and Dmitri agree that, while network wiping and ransomware have occurred, their impact on the battle has not been obvious. Russia seems not to have sent its A-team to take down any of Ukraine's critical infrastructure. Meanwhile, as Western nations pledge more weapons and more sanctions, Russian cyber reprisals have been scarce, perhaps because Western counter-reprisals are clearly being held in reserve.
All that said, and despite unprecedented financial sanctions and export control measures, the initiative in the conflict remains with Putin, and none of the panel is looking forward to finding out how Putin will react to Russia's early humiliations in cyberspace and on the battlefield.
In other tech news, the EU has not exactly turned over a new leaf when it comes to milking national security for competitive advantage over U.S. industry. Nate and Jane unpack the proposed European Data Act, best described as an effort to write a GDPR (General Data Protection Regulation) for nonpersonal data. And, as always, it's chasing the dream that Europe can regulate a European tech industry into existence.
Nate and I dig into a Foreign Affairs op-ed by Chris Inglis, the Biden administration's National Cyber Director. It calls for a new Cyber Social Contract between government and industry. I hit CTRL-F and "regulation" but don't find the word, likely thanks to White House copy editors, but the op-ed clearly thinks that more regulation is the key to ensuring public-private cooperation.
Jane reprises a story from the estimable "Rest of World" tech site. It turns out that corrupt and abusive companies and governments have better tools for controlling their image than Vladimir Putin – all thanks to the European Parliament and the U.S. Congress, which approved GDPR and the Digital Millennium Copyright Act respectively. These turn out to be great laws for suppressing stories that make third-world big shots uncomfortable. I remind the audience about another of Baker's Law: "Privacy Law Principally Protects the Privileged and the Powerful."
In closing, Jane and I catch us up on the IRS's latest position on face recognition – and the wrongheadedness of the NGOs campaigning against the technology.
Download the 396th Episode (mp3)
Announcement: We're thinking about having a live recording of episode 400, maybe on the web and maybe in person here in Washington. That would be March 28, 2022. If you want to attend, please send us a message to that effect at CyberlawPodcast@steptoe.com.
The views expressed in this podcast are those of the speakers and do not reflect the opinions of their institutions, clients, friends, families, or pets.