Steptoe Cyberlaw Podcast, Episode #95: An Interview with Nick Weaver

Stewart Baker
Wednesday, January 6, 2016, 3:26 PM

We’re back from hiatus with a boatload of news and a cautiously libertarian technologist guest in Nick Weaver of the International Computer Science Institute in Berkeley.

Published by The Lawfare Institute
in Cooperation With
Brookings

We’re back from hiatus with a boatload of news and a cautiously libertarian technologist guest in Nick Weaver of the International Computer Science Institute in Berkeley.  To start Episode 95 of the podcast, Michael Vatis and I plumb the meaning of the Cyber Security Act’s passage.  The big news?  Apparently Santa is real, state laws prohibiting employer access to social media credentials may have been preempted, at least a bit, and ISPs just got new authority to monitor traffic to find bits that threaten other people.  Now if we could just find something useful to do with the defensive measures provision… 

Maury Shenk and Alan Cohn dig into the latest deal moving a new European data protection regulation forward – and the slow-motion disaster around the Safe Harbor. 

Maury and Michael note that the encryption debate just won’t stay dead, no matter how much Silicon Valley keeps pounding the stake into its heart.  In addition to the FBI, tech companies are seeing a whole bunch of new eyes gleaming in the dark – China’s new security lawPakistan’s fight with Blackberry, the new UK legislation, and Brazil’s shot across Whatsapp’s bow.  In every case, government has crowded Silicon Valley hard for more cooperation on access to customer data – but without (quite) insisting on a built-in backdoor.   

Speaking of governments, Michael tells us that regulators closed 2015 with a bang, with HIPAACOPPA, and order-enforcement fines up to $100 million.  And Alan points to the CFTC’s new testing rules, which I contend may have smuggled something close to strict security liability into the Federal Register.   

Michael brings us up to date on the never-ending turmoil over what access in excess of authorization means under the CFAA.  None of us are surprised that courts think it includes access in violation of a court order. 

The interview with Nick Weaver explores the charms and evils of bulk surveillance, not to mention its inevitability.  Nick analyzes the two Silicon Valley business models – which he shorthands as selling shiny stuff and selling people’s souls.  (Guess which model he disapproves of.)  Which leads us to the question of tracking terrorists as though we wanted to sell them beheading videos.  Call it Son of 702.  Which leads me to ask how soon it will be before the government blocks the sale of an online ad network to China on national security grounds. 

As always, the Cyberlaw Podcast welcomes feedback.  Send an e-mail to CyberlawPodcast@steptoe.com or leave a message at +1 202 862 5785. 

The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm. 


Stewart A. Baker is a partner in the Washington office of Steptoe & Johnson LLP. He returned to the firm following 3½ years at the Department of Homeland Security as its first Assistant Secretary for Policy. He earlier served as general counsel of the National Security Agency.

Subscribe to Lawfare