The 11th Circuit’s LabMD decision is a dish served cold for Michael Daugherty, the CEO of the defunct company. The decision overturns decades of FTC jurisdiction, acquired over the years by a kind of bureaucratic adverse possession. Thanks to the LabMD opinion, practically all the FTC’s privacy and security consent decrees are at risk of being at least partly unenforceable — and if the dictum holds, the FTC may have to show that everything it views as an “unfair” lack of security is actually a negligent security practice.
David Kris introduces a remarkable week for Justice Department responses to leaks of classified information. A long-time security director at the Senate Intelligence Committee succumbs first to the wiles of an aspiring reporter, and then to the temptation to lie about the romance to the FBI. James Wolfe will pay a heavy price for his leaks of classified information — without ever being tried for leaking classified information.
I can’t help asking how the FBI gathered as much information as they did from supposedly secure services like Signal and WhatsApp. Nick Weaver and David point to metadata as the fatal flaw in Wolfe’s security — and to cloud backup as the fatal flaw in Manafort’s (along with the problem that any secret shared with another is a hostage to that party’s inclinations).
The Chinese are having a hell of a run at US secrets, David also reports, as evidenced by an espionage arrest, another espionage conviction, and a major story about a Chinese hack to harvest Pentagon technology. The Chinese recruitment of Hansen, who faced money trouble, maybe the first fruits harvested by the Chinese from their trove of OPM files listing all the weaknesses of US clearance holders.
Nate reports on the Democrats’ effort to get a threat assessment of President Trump’s phone use.
Speaking of things we really need to worry about more, Nick tells us the Russian’s VPNFilter is worse than we thought, and we already thought it was bad. It’s time to take the security of your home router very seriously.
I close with a quick rant, calling out Twitter, Facebook, Google, and Amazon for all accepting advice on who is a “hate” group from the irresponsible and irredeemably biased Southern Poverty Law Center. Really, guys, if you want half the country to hate Silicon Valley, this is exactly what you should be doing.
As always, The Cyberlaw Podcast is open to feedback. Send your questions, comments, and suggestions for topics or interviewees to CyberlawPodcast@steptoe.com or leave a message at +1 202 862 5785. Remember: If your suggested interviewee appears on the show, we will send you a highly coveted Cyberlaw Podcast mug!