Steptoe Cyberlaw Podcast: An Interview with Fred Kaplan

Stewart Baker
Tuesday, June 28, 2016, 4:43 PM

Was Iran’s cyberattack that bricked vast numbers of Saudi Aramco computers justified by a similar attack on the National Iranian Oil Company a few months’ earlier? Does NSA have the ability to “replay” and attribute North Korean attacks on companies like Sony? And how do the last six NSA directors stack up against each other?

Published by The Lawfare Institute
in Cooperation With
Brookings

Was Iran’s cyberattack that bricked vast numbers of Saudi Aramco computers justified by a similar attack on the National Iranian Oil Company a few months’ earlier? Does NSA have the ability to “replay” and attribute North Korean attacks on companies like Sony? And how do the last six NSA directors stack up against each other? Those and other questions are answered by our guest for episode 122, Fred Kaplan, author of Dark Territory: The Secret History of Cyber War.

In the news roundup, we explore British corollary of the Pottery Barn Rule: “You Brexit, you owns it.” As the UK and the EU struggle to deal with fallout from the historic UK vote, all the incentives seem to be in place for the EU to do what it does best: vindicate the worst instincts of the European elite. In the name of deterring other departures, the EU is unlikely to offer the UK much in the way of concessions. On data protection, for example, Maury Shenk points out that the UK will likely have to keep its current law -- and adapt to the new regulation -- just to avoid a claim that British privacy law is inadequate.

In other news, DHS has released final guidelines for protecting privacy while sharing cyber threat information; I think they’re pretty good.

Michael Vatis and I also puzzle over the dicta adopted in a recent EDVA opinion that the utter insecurity of personal computers leaves users without a reasonable expectation of privacy and allows the FBI to use hackers’ tools without a warrant. I love it when a district court stakes out territory that makes even me feel like a civil libertarian.

The FTC drops a heavy fine on inMobi. Michael points out the much heavier weaponry that COPPA allows the Commission to deploy in privacy cases that involve children. But we have trouble mustering much sympathy for inMobi.

Finally, we’re still trolling for listener feedback on whether we should go to the trouble of trying to arrange CLE credit for listening to the podcast. Based on reaction so far, we won’t. So if you’d like to get CLE credit for the podcast, it’s time to send your vote to CyberlawPodcast@Steptoe.com.

As always, the Cyberlaw Podcast welcomes feedback. Send e-mail to CyberlawPodcast@steptoe.com or leave a message at +1 202 862 5785.

Download the 122nd episode (mp3).

Subscribe to the Cyberlaw Podcast here. We are also now on iTunes, Pocket Casts, and Google Play!

The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.


Stewart A. Baker is a partner in the Washington office of Steptoe & Johnson LLP. He returned to the firm following 3½ years at the Department of Homeland Security as its first Assistant Secretary for Policy. He earlier served as general counsel of the National Security Agency.

Subscribe to Lawfare