The Steptoe Cyberlaw Podcast: Episode #9

Last year, I was arguing with a couple of my partners, Michael Vatis and Jason Weinstein over the latest developments in privacy and security law. It was fun, mainly because they’re smarter than I am and almost as opinionated. They’ve both had serious jobs in government. Michael handled national security and cybersecurity at Justice and the FBI during the Clinton Administration, while Jason oversaw cybercrime and other units at Justice under Obama. And both of them litigate in those fields at Steptoe. I learned more in a short conversation with them than hours of legal reading. I’m an avid consumer of podcasts while driving, working out, and shoveling the driveway, so I quickly decided that what the world needed was a weekly conversation on these topic. Remarkably, they and my law firm agreed to give the idea a try. We’re still feeling our way, but as we near our tenth episode, the podcast is pretty clearly here to stay. It’s settling into a pattern: half an hour reviewing the latest legal developments, followed by an interview with a Washington newsmaker or expert. We’ve been lucky to have great conversations already with like Chris Inglis, former deputy director of NSA, Ellen Nakashima of the Washington Post, John Rizzo, former everything at CIA, and David Medine, chairman of the Privacy and Civil Liberties Oversight Board. So just an hour of listening each week can keep you current with the latest legal developments in privacy, security, and the Life of Snowden. I’m pleased that Lawfare thought well enough of our first few episodes that Ben offered to host the series here. We’re starting with Episode 9 of the Steptoe Cyberlaw Podcast. (Earlier episodes are available here.) Episode 9 covers “The Week in Snowden” – a review of the intelligence community’s options for storing metadata outside NSA, GCHQ’s fleshy webcam captures, a Canadian extradition flap, and the ABA President’s finger-wagging letter to the NSA. It also explores the collapse of LabMD’s challenge to the FTC over private sector security regulation, FTC Commissioner Brill’s ideas for regulating big data, and a new, short-lived feature, “The Week In Weird Copyright Law,” which reveals how copyright law connects Google, terrorism, Hillary Clinton, Louis Brandeis, and an obscure California actress. Other features include a quick review of the RSA convention, an update on the Justice Department’s support for federal legislation on data breach notices, and prospects for legislation that would allow Americans to unlock their phones without violating the law. This week’s interview is with Adam Sedgewick, NIST’s policy adviser on cybersecurity and a moving force in the administration’s new Cybersecurity Framework. We discuss the framework’s content and whether it can be likened to a university’s courses, majors, and grades. (Well, maybe two out of the three, Adam says.) Adam also gracefully accepts a compliment on NIST’s flexibility in dealing with privacy--and equally gracefully acknowledges my complaint that NIST made a “bush league” decision to embargo its website during the government shutdown. Along the way, we learn a lot about the future of the framework. Michael, Jason, and I are pleased to be part of the Lawfare community, and we look forward to your comments.