The Volokh Conspiracy

Mostly law professors | Sometimes contrarian | Often libertarian | Always independent

Who needs cyberlaw when we can have unicorns and fairy dust?

Episode 406 of the Cyberlaw Podcast


Nick Weaver kicks off this wide-ranging episode by celebrating Treasury's imposition of sanctions on a cryptocurrency mixer that facilitated the laundering of stolen cryptocurrency. David Kris calls on Justice to step up its game in the face of this competition, while Nick urges Treasury to also sanction Tornado Cash — and explains why this would incentivize better behavior more generally. Scott Shapiro weighs in to describe North Carolina's effort to prohibit government entities from paying ransomware gangs; he doubts it will work.

David and Scott also further our malware education by summarizing two chilling reports about successful long-term intrusion campaigns – one courtesy of Chinese state hackers and the other likely launched by Russian government agents. I can't help wondering whether the Russian agencies haven't prioritized flashy hacks over effective ones – to Russia's cost in the war with Ukraine.

Nick provides a tutorial on why quantum cryptanalysis is worrying the Biden Administration and what it thinks we ought to do about it. I note how good U.S. physicists have gotten at selling expensive dreams to their government – and express considerable relief that Chinese physicists are apparently at least as good at extracting funding from their government.

I find a story mainstream media is already burying because it doesn't fit the "AI bias" narrative. It turns out that, in a study of face recognition systems by the Department of Homeland Security, most errors (75%) were introduced at the photo capture stage, not by the matching algorithms. What's more, the bias we keep hearing about has disappeared for the best products. Error rates were reported for the most accurate systems by gender and skin color. Errors in matching women, light-skinned subjects, and dark-skinned subjects were all as low as it's possible to be—zero. For men, the error rate was nearly zero—0.8%. These tests were of authentication/identification face recognition, which is easier to do than 1:n "searches" for matching faces, but the results mean that we can expect the whole bias issue to disappear as soon as the public wises up to the ideologically driven journalism now on offer.

Nick and I spar over location data sales by software providers. I pour cold water on the notion that evil prosecutors will use location data to track women to abortion clinics in other states. Nick thinks I'm wrong and we put some money on the outcome, though it may take five years for one of us to collect.

Scott unpacks the flap over Department of Homeland Security (DHS) Disinformation Governance Board, headed by Cyberlaw Podcast alumna Nina Jankowicz, who revealed on Tiktok that I should have asked her to sing the interview. Scott and I agree that DHS is retreating quickly from the board's name and mission as negative reviews pile up for the body's name, leader, and mission.

This Week in Schadenfreude is covered by Nick, who dwells on the irony of the Spanish prime minister's phone being targeted with Pegasus spyware not long after the Spanish government was widely blamed for using Pegasus against Catalan separatists.

In quick hits,

You can subscribe to The Cyberlaw Podcast using iTunes, Google Play, Spotify, Pocket Casts, or our RSS feed. As always, The Cyberlaw Podcast is open to feedback. Be sure to engage with @stewartbaker on Twitter. Send your questions, comments, and suggestions for topics or interviewees to Remember: If your suggested guest appears on the show, we will send you a highly coveted Cyberlaw Podcast mug!

The views expressed in this podcast are those of the speakers and do not reflect the opinions of their institutions, clients, friends, families, or pets.