Our interview is with Chris Bing and Patrick Howell O’Neill of Cyberscoop. They’ve broken two cyberscoops in the last week or so. First, an in-depth look at Kaspersky’s outing of a US cyberespionage program aimed at foreign terrorists. Hint to Kaspersky: Bringing out a brass band to warn terrorists that are being tracked by the US government is not likely to help you win your PR and legal battles in the United States. Chris Bing also covers his other scoop – the surprisingly advanced talks among the leaders of the Senate Judiciary Committee on a bill to address the FBI’s “going dark” problem.
In the news, Jennifer Quinn-Barabanov and I debate the impact of two recent incidents on the future of self-driving cars. She thinks they’ll weather these events, and that the lives such cars save will outweigh the deaths. I’m less sure, mainly because the mistakes that lead to autonomous vehicle deaths are so different from the usual human-driver error and therefore inherently compelling and disquieting.
Nick Weaver and I cover the Grindr security flap and the company's transmission of HIV status without complete encryption protection. I think there’s less to the story than meets the eye, and that Grindr is getting more heat than it deserves. Senators Markey and Blumenthal, on the other hand, deserve a lot more heat than they’ve gotten so far.
How clueless can they be to send thirteen “when did you stop beating your husband” questions to Grindr’s CEO and not notice that he’s based in Hong Kong? In fact, Grindr was bought last year by a Chinese company. Neither senator, though, bothers to ask where this authoritative database of gay American men is stored and what access the Chinese government has to it. Or how that deal got through CFIUS. Sad! To coin a phrase.
Nick covers the big new IOT botnet’s tryout and asks why it was the banks that got attacked. I’ve got some theories, as does Nick. Along the way, he dispenses advice for people who have just realized that the router is probably the weakest link in their home network security.
When does the first amendment allow researchers to violate websites’ terms of service? Judge Bates has some preliminary answers in the Sandvik case, says Brian Egan, who thinks the case may turn into an important and perhaps unhappy ruling for websites.
In other topics, Softbank is getting a CFIUS workout. YouTube’s demonetization policy leads to a mass shooting and suicide at company headquarters. Stingrays blanket DC. And Keeper can’t even get through a news cycle about its lame lawsuit without another story about its lame security.
The Cyberlaw Podcast is hiring a part-time intern for our Washington, DC offices.
As always The Cyberlaw Podcast is open to feedback. Send your questions, suggestions for interview candidates or topics to CyberlawPodcast@steptoe.com or leave a message at +1 202 862 5785.