The Cyberlaw Podcast: We Can’t Run a Twelfth-Century Regime Without WhatsApp!

Stewart Baker
Wednesday, September 8, 2021, 3:17 PM

Published by The Lawfare Institute
in Cooperation With
Brookings

Back at last from hiatus, the podcast finds a host of hot issues to cover. Matthew Heiman walks us through all the ways that China and the U.S. found to get in each other’s way on technology. China’s new data security and privacy laws take effect this fall, and in keeping with a longstanding theme of the podcast—that privacy law is mostly about protecting the privilege of the powerful—we muse on the ways that legal innovations in the West have empowered China’s rulers. The SEC is tightening the screws on Chinese companies that want to list on American exchanges. Meanwhile, SenseTime is going forward with a $2 billion IPO in Hong Kong despite being subject to the stiffest possible Commerce Department sanctions. Talk about decoupling!

In Washington, remarkably, a bipartisan breach notification law is moving “We Can’t Run a Twelfth-Century Regime Without WhatsApp!” through both House and Senate. Michael Ellis explains the unorthodox (but hardly unprecedented) path the law is likely to take—a “preconference” followed by attachment to the defense authorization bill scheduled to pass this fall.

I ask Brian Egan for the tech fallout from the fall of the U.S.-backed regime in Afghanistan. All things considered, it’s modest. Despite hand-wringing over data left behind, that data may not be really accessible. Google isn’t likely to turn over government emails to the new regime, if only because US sanctions make that legally risky. The Taliban’s use of WhatsApp is likely to suffer from the same sanctions barrier. I predict a Taliban complaint that it’s being forced to run a thirteenth century regime with twelfth century technology.

Meanwhile, Texas Republicans are on a roll, as Democrats forced to return to the State House sit on their hands. They’ve adopted a creative and aggressive antiabortion law that has proven a challenge to tech companies, which responded by canceling tech services for pro-life groups and promising to defend gig workers who are caught up in litigation. Texas has kept pace, adopting a bill that limits Silicon Valley censorship of political speech; it raises many of the same issues as the Florida statute, but without the embarrassing prostration before the Disney theme park empire. I ask whether Texas could have used the same tactics for its interpretation of Section 230 that it used in the abortion bill—authorizing private suits but not government enforcement. Such tactics work when there is a real possibility that the Supreme Court will overturn some settled circuit rulings, and section 230 is ripe for exactly that.

Matthew Heiman and I debate whether the Justice Department’s dropping of several Chinese visa fraud cases heralds a retrenchment in the department’s China Initiative.

Michael and I dig into the Apple decision to alienate the Guardians of Privacy in an effort to do something about child sex abuse material on iPhones—and Apple’s recent decision to alienate the rest of the country by casting doubt on whether it would ever do something about child sex abuse material on its phones.

Finally, in quick hits, Brian doubts the significance of claims that the Israeli government is launching an investigation of NSO Group over spyware abuse. Michael picks apart the Cyberspace Solarium Commission’s report card on Congress’s progress implementing its recommendations. And Brian highlights the UK’s new and much tougher version of CFIUS, the National Security and Investment Act 2021. I turn that into career advice for our listeners.

And more!

Download the 373rd Episode (mp3)

You can subscribe to The Cyberlaw Podcast using iTunes, Google Play, Spotify, Pocket Casts, or our RSS feed. As always, The Cyberlaw Podcast is open to feedback. Be sure to engage with @stewartbaker on Twitter. Send your questions, comments, and suggestions for topics or interviewees to CyberlawPodcast@steptoe.com. Remember: If your suggested guest appears on the show, we will send you a highly coveted Cyberlaw Podcast mug!

The views expressed in this podcast are those of the speakers and do not reflect the opinions of their institutions, clients, friends, families, or pets.


Stewart A. Baker is a partner in the Washington office of Steptoe & Johnson LLP. He returned to the firm following 3½ years at the Department of Homeland Security as its first Assistant Secretary for Policy. He earlier served as general counsel of the National Security Agency.

Subscribe to Lawfare