Brad Smith is President of Microsoft and author (with Carol Ann Browne) of Tools and Weapons: The Promise and Peril of the Digital Age. The book is a collection of vignettes of the tech policy battles in the last decade or so. Smith had a ringside seat for most of them, and he recounts what he learned in a compelling and good-natured way in the book – and in this episode’s interview. Starting with the Snowden disclosures and the emotional reaction they caused in Silicon Valley, through the CLOUD Act, Brad Smith and Microsoft displayed a relatively even keel while trying to reflect the interests of the company's many stakeholders. In that effort, Smith became an advocate for more international cooperation in regulating digital technology. (A point on which Brad and I disagree.) As the interview wends on, Brad discloses how the Cyberlaw Podcast’s own Nate Jones and his Microsoft partner, Amy Hogan-Burney, became “Namy,” achieving a fame and moniker inside Microsoft that only Brangelina has achieved in the wider world. Finally, Brad Smith sums up Microsoft’s own journey in the last quarter century as came to recognize that humility is a better long-term strategy than hubris.
Turning to the news, it looks like the surveillance renewal debate will be pushed to March 15 instead of December 15. That’s thanks to impeachment, David Kris assesses. We summarize what’s up for renewal before turning to the hottest of FISA topics: The DOJ inspector general report on bias in the FBI’s investigation of the 2016 Trump-Russia connection. All we’re getting at this point is self-serving leaks, but it sounds as though the report is finding real misbehavior only in the lower rungs of the Bureau. The IG finds no political bias at the top, but criminal charges against one “vive le resistance” lawyer look possible.
David sums up China’s Vulnerability Equities Process: “You can disclose the vulns when MSS is done using them.”
Nick Weaver, meanwhile, tells us that China’s dependence on US-origin AI frameworks is more a matter of bragging rights rather than real disadvantage – unless you think that being unable to deny access to GitHub is a real disadvantage. And if you’re Xi Jinping, you might.
Nate Jones, already immortalized as the quiet half of Namy, reveals that Iran’s APT33 is targeting industrial control systems –and that Iran has shut down its Internet for several days in the face of civil unrest. I suggest that we keep track of the regime-essential links that stay up – so we can take them down later, when Iran really needs them, as retaliation for any intrusion into our industrial control systems.
Nate and I ask why a majority of the UN General Assembly bought into a Russian proposal for a “cybercrime” resolution. Hint: Many of the governments that support it couldn’t survive the combination of a democratic election and a free press.
Speaking of Russians, Nick flags a Brian Krebs explainer on why the Russians really, really didn’t want their accused cybercriminal extradited from Israel to the US.
David and I gape in wonder at the chutzpah of the Indiana police force that accused a suspected drug dealer of theft for removing a police GPS tracker from his car – and then used that theft to justify a search of his home.
In a lightning round, Nick covers the new Russian law that prohibits sale of devices without preinstalled “alternative” software. And Nick and I debate the value and legality of Uber’s plan to introduce audio recordings during rides.
Join Steptoe for a complimentary webinar on Tuesday, December 10. We’ll be talking about the impacts on retailers of the newly implemented California Consumer Privacy Act and the EU’s General Data Protection Regulation. This is a fast-moving area of the law; we can keep you up to date. You can find out more and register here.
As always, The Cyberlaw Podcast is open to feedback. Be sure to engage with @stewartbaker on Twitter. Send your questions, comments, and suggestions for topics or interviewees to CyberlawPodcast@steptoe.com. Remember: If your suggested guest appears on the show, we will send you a highly coveted Cyberlaw Podcast mug!
The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.