This is Stewart Baker's Typepad Profile.
Join Typepad and start following Stewart Baker's activity
Join Now!
Already a member? Sign In
Stewart Baker
Former government official now practicing law
Recent Activity
We devote episode 100 to “section 702” intelligence – the highly productive counterterrorism program that collects data on foreigners from data stored on US servers. What’s remarkable about the program is its roots: President Bush’s decision to ignore the clear language of FISA and implement collection without judicial approval. That decision has now been ratified by Congress – and will be ratified again in 2017 when the authority for it ends. But what does it say about the future of intelligence under law that our most productive innovation in intelligence only came about because the law was broken? Our guest for the episode, David Kris, thinks that President Bush might have been able to persuade Congress to approve the program in 2001 if he’d asked. David may be right; he is a former Assistant Attorney General for National Security, the coauthor of the premier sourcebook on intelligence under law, "National Security Investigations & Prosecutions,” and the General Counsel of Intellectual Ventures. But what I find surprising is how little attention has been paid to the question. How about it? Is George Bush to FISA what Abraham Lincoln was to habeas corpus? My interview with David leaves Lincoln to the history... Continue reading
Posted 3 days ago at Skating on Stilts
Our guest is Amit Ashkenazi, whom I interviewed while in Israel. Amit is Legal Advisor of The Israel National Cyber Bureau and a former general counsel to Israel’s data protection agency. Israel is drafting its own cybersecurity act, and we discuss what if anything that country can learn from the US debate – and what the US can learn from Israel’s cybersecurity experience. We explore the challenges Israel will face in trying to start a new cybersecurity agency, how Israel strikes the balance between security and privacy, the risks of using contractors to staff a new agency, the danger of stating agency authorities with too much specificity, and why the agency is likely to look more like DHS than the FBI. In the news roundup, I discuss the dynamics of the Safe Harbor talks with Maury Shenk, boldly predicting that the EU will cave on the remaining issues once it’s convinced the US means business. Jason Weinstein and I talk about the Judicial Redress Act and the gratifying Senate Judiciary Committee amendment – an amendment that the EU must have seen as a bad sign for the future if the Safe Harbor talks fail. The Act is intended to facilitate... Continue reading
Posted Feb 1, 2016 at Skating on Stilts
If there really is another crypto war in Washington, then this week’s podcast features several war correspondents and at least one victim of PTSD. Our guest is Melanie Teplinsky, former cybersecurity lawyer at Steptoe, adjunct professor at American University’s Washington College of Law, advisory board member for Crowdstrike, and a regular columnist on privacy and security issues for the Christian Science Monitor. We cover crypto news from Davos to the New York legislature. We also discuss my latest policy provocation, designed to unveil yet another example of European hypocrisy where privacy, data protection, and the United States are concerned. Inspired by the still-stalled Safe Harbor talks, I announce plans to award a Europocrisy Prize for filings that force European data protection authorities to assess the adequacy of surveillance law in important European trading partners who aren’t the United States, such as China, Russia, Saudia Arabia, and Algeria. Amazingly, in twenty years of bitter attacks on US privacy adequacy, that’s never been done. We dig into several developments in the world of litigation. Michael Vatis and Alan Cohn discuss several new cases: a lawsuit claiming that fake emails should be covered by a forgery insurance policy, a hacked casino’s effort to... Continue reading
Posted Jan 26, 2016 at Skating on Stilts
I recently posted about the threat posed to US counterterrorism efforts by European data protection dogma. Briefly, European law has long insisted that personal data may not be transferred to a country whose data protection law is not “adequate.” And the European Court of Justice (ECJ) recently decided that U.S. surveillance law did not provide “adequate” protections for human rights; it authorized every data protection agency in Europe to impose an embargo on data exports to the United States. You'd be right in thinking this story sounds familiar. In the last fifteen years, the EU has used the threat of a data embargo to create half a dozen transatlantic crises just over exports of travel reservation data, another two or three on financial data, years of negotiations over law enforcement data, and at least two over a “Safe Harbor” for U.S. firms who promise to follow European law when handling data in the United States. Yet despite all those crises and all those negotiations, the EU has never once cut off data transfers. It’s fair to conclude from that history that a data embargo is for EU negotiators what nuclear weapons are to Kim Jong Un – a dandy way... Continue reading
Posted Jan 22, 2016 at Skating on Stilts
Back for a rematch, John Lynch and I return to the “hackback” debate in episode 97, with Jim Lewis of CSIS providing color commentary. John Lynch is the head of the Justice Department’s computer crime section. We find more common ground than might be expected but plenty of conflict as well. I suggest that Sheriff Arpaio in Arizona may soon be dressing hackers in pink while deputizing backhackers, while Jim Lewis focuses on the risk of adverse foreign government reactions. We also consider when it’s lawful to use “web beacons” and whether trusted security professionals should be given more leeway to take action outside their customers’ networks. In response to suggestions that those who break into hacker hop points might be sued by the third parties who nominally own those hop points, I suggest that those parties could face counterclaims for negligence. We close with a surprisingly undogmatic discussion of Justice Department “no-action letters” for computer security practitioners considering novel forms of active defense. In the news roundup, Alan Cohn and I consider whether Twitter should worry about being sued for providing material support to ISIS. Answer: Yes, at least a little. Tim Cook, too, for that matter. Meredith Rathbone... Continue reading
Posted Jan 21, 2016 at Skating on Stilts
How do you graduate as a conservative with two Harvard degrees? We learn this and much more from Sen. Tom Cotton (R-AR), our guest for episode 96 . We dive deep with the Senator on the 215 metadata program and its USA FREEDOM Act replacement. We ask what the future holds for the 702 program, one of the most important counterterrorism programs and just entering yet another round of jockeying over renewal; Sen. Cotton has already come out in favor of making the program permanent. To round things out, Sen. Cotton assesses the risks of Going Dark for our intelligence community and the difficulties that the Safe Harbor negotiations pose for US intelligence. In the news roundup, evidence mounts that someone has hacked the Ukrainian electric grid. Michael isn’t ready to point the finger at Russia yet; but I pretty much am. Whoever gets the blame, this probably means another aspirational cyberwar norm down the tubes. In the United Kingdom, US tech firms are lobbying against a security bill, but Maury Shenk questions whether they’re mainly complaining about rules that are already part of UK law. In the US, administration officials and Silicon Valley are happy talking about cooperation to... Continue reading
Posted Jan 12, 2016 at Skating on Stilts
We’re back from hiatus with a boatload of news and a cautiously libertarian technologist guest in Nick Weaver of the International Computer Science Institute in Berkeley. To start Episode 95 of the podcast, Michael Vatis and I plumb the meaning of the Cyber Security Act’s passage. The big news? Apparently Santa is real, state laws prohibiting employer access to social media credentials may have been preempted, at least a bit, and ISPs just got new authority to monitor traffic to find bits that threaten other people. Now if we could just find something useful to do with the defensive measures provision … Maury Shenk and Alan Cohn dig into the latest deal moving a new European data protection regulation forward – and the slow-motion disaster around the Safe Harbor. Maury and Michael note that the encryption debate just won’t stay dead, no matter how much Silicon Valley keeps pounding the stake into its heart. In addition to the FBI, tech companies are seeing a whole bunch of new eyes gleaming in the dark – China’s new security law, Pakistan’s fight with Blackberry, the new UK legislation, and Brazil’s shot across Whatsapp’s bow. In every case, government has crowded Silicon Valley... Continue reading
Posted Jan 6, 2016 at Skating on Stilts
The intelligence tools that protect us from terrorism are under attack, and from an unlikely quarter. Europe, which depends on America's intelligence reach to fend off terrorists, has embarked on a path that will sabotage some of our most important intelligence capabilities. This crisis has been a long time brewing, and up to now, the US has responded with a patchwork of stopgap half-solutions. That's not likely to work this time. We need a new strategy. And most of all, we need to get serious about defending U.S. interests. It's no surprise that the US fight against terrorism depends crucially on the so-called 702 program, which allows the government to serve orders on social media, webmail, and electronic service providers who store their global customers' data in the United States. The intelligence we gather in this way protects Europe as much as the United States. Within days of the Paris attacks, the US agreed to give France direct access to much raw intelligence. Even more recently, the German government credited US (and French) intelligence with helping it thwart planned suicide bombings in Munich over the New Year holiday. The British communications intelligence agency, GCHQ, has a deeply integrated intelligence sharing... Continue reading
Posted Jan 5, 2016 at Skating on Stilts
The Cyberlaw podcast is officially on hiatus for the holidays, but we just can't resist sending out a Christmas present to our listeners. With Wyndham’s surrender to the FTC after a brutal court of appeals opinion, the last outpost of resistance to the FTC’s cybersecurity agenda is Mike Daugherty, CEO of LabMD. Daugherty refused to take the easy road and enter into a consent decree with the FTC to settle its claim that the company’s security was insufficient because of a file-sharing program installed on the corporate network. That decision has cost Daugherty his company. LabMD has ceased operations. And it took him on an extraordinary odyssey through Washington that he has described in his book, The Devil Inside the Beltway, and speeches. I caught up with Mike at the Black Hat Executive Summit where we were both speakers, and he kindly agreed to a short interview describing some of that odyssey. That short interview makes up our bonus episode 94 -- the last of 2015. I offered the FTC equal time to offer their perspective. So far, they haven’t taken me up on the offer, but it remains open. As always, the Cyberlaw Podcast welcomes feedback. Send an e-mail... Continue reading
Posted Dec 21, 2015 at Skating on Stilts
Our guest for episode 93 is cybersecurity’s Renaissance Man. Rod Beckstrom started DHS’s National Cybersecurity Center, then headed ICANN; before and after those gigs, he was a Silicon Valley investor and officer in security startups as early as the 1990s and as recently as this year. Our interview spans Rod’s career and what it has taught him about security, privacy, law, and government. In the news roundup, Alan Cohn and Jason Weinstein talk about proposals to require social media sites to do more about online terrorist activity. Alan and I take a dive into the EU’s achingly slow progress toward new cybersecurity rules for critical infrastructure – and how those rules will affect US companies. Michael Vatis tells us that Michael Daugherty of LabMD is officially the only challenge facing the FTC as it sets (or at least enforces) cybersecurity requirements for American business. That’s because Wyndham Hotels has officially given up the ghost, agreeing to twenty years of privacy and security monitoring by the FTC. Finally, Michael Vatis and I agree that encryption has become the Donald Trump of tech issues – but each of us for different reasons. The podcast will be on hiatus over the holidays, but... Continue reading
Posted Dec 15, 2015 at Skating on Stilts
Has China’s PLA really stopped hacking US companies for commercial secrets? And does it matter? In episode 92, we ask those questions and more of two experts on the topic ‒ Washington Post reporter Ellen Nakashima, who has broken many stories on PLA hacking, and Tony Cole, the Global Government CTO with FireEye, who has fought off his share of PLA hackers. In the news roundup, Jason Weinstein and Michael Vatis explain how the ‘cannibal cop’ beat the rap for violating the Computer Fraud and Abuse Act. Maury Shenk and Michael mull the fate of the Safe Harbor negotiations – and question whether a deal can be done before the Christmas holidays. Meanwhile, privacy activist Max Schrems is doing his best to close off the other options US companies have used to cushion the blow from losing the Safe Harbor. The same Europeans who want to punish US tech giants for helping fight terrorism also want to punish them for not helping fight terrorism. Michael and Maury consider the heavy pressure falling on tech companies from the EU, France, Pakistan, and even the Oval Office. Only the judicial branch still seems like safe ground for the companies. Jason and Michael... Continue reading
Posted Dec 9, 2015 at Skating on Stilts
Is the internet really worth it? Our guest for episode 91, Jason Healey of the Atlantic Council and Columbia University, recaps a study finding that, even with a worst-case Clockwork Orange Internet, the economic benefits of networking still outweigh the losses from security failures – though the closer we get to the worst case, the more likely we are to get Leviathan Internet, where the inherently controlling aspects of the network are embraced by governments around the world. Our post-Thanksgiving news roundup is dominated by leftovers – edible and otherwise. Larry Klayman and Judge Leon have apparently run out of time to challenge the now-deceased NSA metadata program, Michael Vatis and I note, while Section 702 has survived a rare judicial challenge. Meanwhile, it’s beginning to look as though the FTC and LabMD really deserve each other. The FTC has launched an ill-advised appeal in its ill-advised pursuit of LabMD, Michael reports, and LabMD has returned the favor by launching a lawsuit against the three FTC staffers who pursued the company so improvidently. The Google cookie case has mostly crumbled, Michael tells us, but the plaintiffs still have one big bite left, raising the chilling prospect of California law as... Continue reading
Posted Dec 2, 2015 at Skating on Stilts
Our guest for episode 90 is Charlie Savage, New York Times reporter, talking about Power Wars, his monumental new book on the law and politics of terrorism in the Obama (and Bush) administrations. I pronounce it superb, deeply informative, and fairly unbiased, “for a New York Times reporter.” With that, the fat is in the fire, and Charlie and I trade views – and occasional barbs – about how the Bush and Obama administrations handled the surveillance issues that arose after 9/11. In the news roundup, Michael Vatis and I puzzle over the FTC’s astonishing loss on its own home court. We wonder why the FTC failed to do the right thing and drop the LabMD case when the FTC’s source began to lose credibility by the shovel-load. I suggest that FTC leadership was suffering from the rarely spotted “Darrel Issa Derangement Syndrome.” Jason Weinstein deconstructs the claim that the European Union is “cracking down” on bitcoin in response to the attacks in Paris. Stepping out of character, I defend the value of diplomatic “words on paper,” finding promise in the G20’s announcement that all twenty members join in condemning cyberespionage for commercial purposes. Michael recaps the latest in litigation... Continue reading
Posted Nov 24, 2015 at Skating on Stilts
The U.S.-China Economic and Security Review Commission has finished its nearly 600-page annual report to Congress for 2015. The Commission's report is, as usual, a thoughtful and detailed assessment of the US-China economic relationship. So it's no surprise that the Commission addresses the problem of commercial cyberespionage. More surprising -- and satisfying -- is the Commission's interest in allowing US companies to "hack back" against Chinese intrusions. This is an approach I've long believed should be on the table, though with limitations. The Commission comes to the same posture, notably avoiding the stiff-necked cant displayed by the Department of Justice when the idea comes up. The Commission recommends that Congress assess the coverage of U.S. law to determine whether U.S.-based companies that have been hacked should be allowed to engage in counterintrusions for the purpose of recovering, erasing, or altering stolen data in offending computer networks. In addition, Congress should study the feasibility of a foreign intelligence cyber court to hear evidence from U.S. victims of cyber attacks and decide whether the U.S. government might undertake counterintrusions on a victim’s behalf. The first idea is now fairly widespread in policy circles. The second not so much. There are plenty of... Continue reading
Posted Nov 22, 2015 at Skating on Stilts
The NSA metadata program that is set to expire in two weeks was designed to provide early warning of a terror attack planned in a foreign safe haven and carried out inside the United States. Those are some of the most deadly terror attacks we’ve seen, from 9/11 to Mumbai. And now Paris. So should the United States be terminating the 215 program just as the Paris attacks show why it was created? That’s the question I ask in Episode 89 of the podcast as we watch the DC circuit cut short Judge Leon’s undignified race to give the program one last kick before it’s terminated. Our guest for the podcast is Mark Shuttleworth, founder of Thawte and Canonical/Ubuntu. He makes it clear from the start that he could hardly disagree with me less on issues such as encryption and intelligence collection. But we nonetheless get a great tour of the technology horizon. Mark is helping to build the future of computing, from the internet of things to mobile phones, the desktop, and the cloud. We explore what that means for privacy and security; we even touch on artificial intelligence and just how suddenly its risks will be upon us.... Continue reading
Posted Nov 18, 2015 at Skating on Stilts
I offered a modest proposal today for dealing with Europe's refugee problem and its Daesh problem in today's New York Times "Room for Debate" page. Here's the heart of it: A German parliamentarian is talking about conscripting military-age Germans to provide the services that displaced Syrians need. Maybe instead, Europeans should be conscripting military-age Syrian refugees, training them, and sending them back to fight for their own country. (According to the United Nations, in this wave of migrants, the men outnumber the women by nearly five to one.) Why shouldn’t those men be asked to help create the refuge that they and their families need -- in Syria, where they need it most. Such a measure would not just help to solve the problem at its source. It would separate true refugees from those who are simply hoping to dodge the Syrian draft or find a more prosperous place to work. And it has a proud history in the West, as the Polish pilots who fought the Battle of Britain could attest, along with theFrench, Belgian and Dutch soldiers who fought the Nazis across Normandy to build a true refuge in their own countries. Some may object that drafting combatants... Continue reading
Posted Nov 16, 2015 at Skating on Stilts
Where the hell are the FTC, Silicon Valley, and CDT when human rights and privacy are on the line? If the United States announced that it had been installing malware on 2% of all the laptops that crossed US borders, the lawsuits would be flying thick and fast, and every company in Silicon Valley would be rolling out technical measures to defeat the intrusion. But when China injects malware into 2% of all the computers whose queries cross into Chinese territory, no one says boo. Not the US government, not CDT or EFF, and not the big browser companies. That’s the lesson I draw from episode 88 of the podcast, featuring an in-depth discussion of China’s Great Cannon with Adam Kozy and Johannes Gilger of Crowdstrike. They expand on their 2015 Blackhat talk about China’s deployment of Great Firewall infrastructure to hijack American and Taiwanese computers and use them in a DDOS attack against Github. China’s first internet email, in 1987, said “Across the Great Wall we can reach every corner of the world.” And boy, did they mean it. The question now is what the other corners of the world are going to do about it. In other news,... Continue reading
Posted Nov 11, 2015 at Skating on Stilts
The TransPacific Partnership trade agreement has been released, and it goes way beyond resolving a few trade and tariff disputes. US and other trade negotiators leaped into a host of policy and legal matters, including the fight over when governments can demand access to encryption keys. The outcome to the crypto wars is one that no one would have expected: Jim Comey loses. NSA director Mike Rogers loses. But SEC chairman Mary Schapiro Jo White wins. In an annex to a chapter on Technical Barriers to Trade, the trade deal specifies that no government may require any company to provide cryptographic keys to its products. The only exceptions are for products or networks that actually belong to the government and for "supervisory, investigatory or examination [measures] relating to financial institutions or markets." So the trade negotiators have spoken. No point in any more debate. The FBI and NSA are out in the cold, but the chairman of the Securities and Exchange Commission can require companies to cough up their encryption keys. UPDATE: Corrected SEC chair's name. My fault for reading this Google search too quickly. Continue reading
Posted Nov 7, 2015 at Skating on Stilts
Here's one more surprise in the newly released TPP. It could have a big impact on cybersecurity. That's because the deal prohibits nations from asking mass market software companies for access to their source code. See TPP article 14.17. The ban doesn't apply to code run on critical infrastructure, which will make for endless disputes, since there's very little mass market software that doesn't run on computers involved in critical infrastructure. Right now, this is a measure US software companies want. That's because we make most of the mass market software in the market. But that's likely to change, especially given the ease of entry into smart phone app markets. We're going to want protection against the introduction of malware into such software. The question of source code inspection is a tough one. If other countries can inspect US source code, they'll find it easier to spot security flaws, so the US government would like to keep other countries from doing that. But I doubt US security agencies are comfortable letting Vietnam write apps that end up on the phones of their employees without the ability to inspect the source. In short, this is a tough policy call that is... Continue reading
Posted Nov 7, 2015 at Skating on Stilts
Now that both the House and Senate have passed information sharing bills that are strikingly similar but not identical, the prospects for a change in the law are good. But what changes, and how much difference will they make to network defenders? That’s the topic we explore in episode 87 with our guest, Ari Schwartz. Ari has just finished a tour as senior director for cybersecurity on the United States National Security Council Staff at the White House. He and I and Alan Cohn go deep into the weeds so you won’t have to. Our conclusion? The main value of the bill is that it frees some companies from aging privacy rules that prevented information sharing with groups that include the government. It also enables companies to monitor their networks without fear of liability under even older privacy laws preventing interception of communications without all parties’ consent. The other lesson to be drawn from the bill is that privacy groups are still something of a paper tiger without business support. More than seventy senators voted for CISAover the bleeding bodies of every privacy group in the country. In other news, Maury Shenk and I unpack the latest claim that the... Continue reading
Posted Nov 4, 2015 at Skating on Stilts
Are Russian hacker-spies a bunch of lethargic government drones more interested in smash-and-grabs than stealth? That’s one of the questions we pose to Mikko Hypponen in episode 86 of the podcast (right after we ask about how to pronounce his name; turns out, that’s harder than you think). Mikko is the Chief Research Officer at F-Secure and a long-time expert in computer security who has spoken and consulted around the world for over 20 years. His company recently published a lengthy paper on Russian government cyberspies, which F-Secure calls “the Dukes.” Mikko describes the Dukes’ targets and tactics, including a remarkably indiscriminate attack on a Tor exit node. I press him on whether attribution is really getting better. Mikko also joins us for the news roundup, where we do a damage assessment from the ECJ’s Safe Harbor demolition and I critique Brad Smith’s implausible solution to the transatlantic data rift. We explain why Israel has decided to cut off data transfers to the U.S. (hint: it’s not concerns about aggressive counterterror surveillance) . And I wonder whether the House of Representatives passage of the Judicial Redress Act makes Jim Sensenbrenner the abused spouse of the European Commission (“I was going... Continue reading
Posted Oct 29, 2015 at Skating on Stilts
Want to see cyber attribution and deterrence in action? In August, a hacker pulled the names of US military personnel and others out of a corporate network and passed them to ISIL. British jihadist Junaid Hussain exulted when ISIL released the names. “They have us on their ‘hit list,’ and we have them on ours too…,” he tweeted. On the whole, I’d rather be on theirs. Two weeks after his tweet, Hussain was killed in a US airstrike, and two months after that, the hacker who obtained the list was arrested in Malaysia (subscription required) on a US warrant. We explore that story and more with Gen. Michael Hayden, the only person to serve as both Director of the National Security Agency and of the Central Intelligence Agency. Gen. Hayden explains why he differs with FBI director Comey on encryption and with the European Court of Justice on whether the US sufficiently respects privacy rights, along with other topics. Our news roundup dwells again on the ECJ’s decision and the Article 29 Working Party press release on the decision, a release characterized by far more bold font than bold thinking. In other news, magistrates are revolting again, or maybe still,... Continue reading
Posted Oct 21, 2015 at Skating on Stilts
In episode 84 our guest is Jack Goldsmith, Professor at Harvard Law School, a Senior Fellow at the Hoover Institution at Stanford University, and co-founder of the Lawfare blog. Before coming to Harvard, he served as Assistant Attorney General, Office of Legal Counsel and Special Counsel to the Department of Defense. From cyberespionage to the right to be forgotten and the end of the Safe Harbor, we explore the many ways in which a globalized economy has tied the US government’s hands in cybersecurity matters – and subjected the United States to extensive extraterritorial “soft power” at the hands of Europeans. In the news roundup, the headline news is the continuing fallout from the ECJ’s attack on the Safe Harbor. Michael Vatis and Maury Shenk bring us up to date. Jason Weinstein explains why the latest convicted hacker thinks he should be a civil liberties hero/victim – and how weev has found yet another outlet for his bitterness at DOJ Michael Vatis explains DOD’s latest cybersecurity rules for contractors. We conclude that DOD is boldly going where no agency has gone before – mandating cybersecurity with traditional command and control regulation. It’s an experiment that many will be watching. And... Continue reading
Posted Oct 14, 2015 at Skating on Stilts
Bruce Schneier joins Stewart Baker and Alan Cohn for an episode of the podcast recorded live in front of an audience of security and privacy professionals. Appearing at the conference Privacy.Security.Risk. 2015., sponsored by the IAPP and the Cloud Security Alliance, Bruce Schneier talks through recent developments in law and technology. The three of us stare into the pit opened by an overwrought (and overdue and overweening) European Court of Justice advisor. If the European Court of Justice follows his lead (and what seems to be its inclinations), we could face a true crisis in transatlantic relations. VW’s decision to hack its own emissions control software leads to a deep dive into the internet of things that lie to us, the value (or not) of open source, and whether plausible deniability is the next skill that programmers will have to learn. We also talk China, the OPM hack, and the unique value and unique vulnerability of biometric authenticators. Bruce and Alan dig into the proposed export control rules for intrusion software; when they’re done, so is the case for the rules. The right to be forgotten leads to an exploration of when we should delegate law-making to private companies. I... Continue reading
Posted Oct 2, 2015 at Skating on Stilts
Cyberlaw negotiations are the theme of episode 82, as the US and China strike a potentially significant agreement on commercial cyberespionage and Europeans focus on tearing up agreements with the US and intruding on US sovereignty. Our guest for the episode is Jim Lewis, a senior fellow and director of the Strategic Technologies Program at the Center for Strategic and International Studies. Most importantly, Jim is one of the most deeply informed and insightful commentators on China and cybersecurity. He offers new perspectives on the Obama-Xi summit and what it means for cyberespionage. Meanwhile, the news roundup is full of flamboyant European attacks on US sovereignty and US agreements with Europe. In a pending case involving Facebook, a highly influential advisor to the European Court of Justice has fired both barrels pointblank at the Safe Harbor privacy agreement with the United States. First, he concludes that any data protection authority is free to defy the primacy of Brussels and refuse to give effect to the EU’s determination that US practices under the Safe Harbor are “adequate” for data transfer purposes. Second, he concludes that US practices are not adequate because section 702 of the Foreign Intelligence Surveillance Act and other... Continue reading
Posted Sep 30, 2015 at Skating on Stilts