Our interview today is with Bruce Schneier, who has coauthored a paper about how to push security back up the Internet-of-things supply chain: The Reverse Cascade: Enforcing Security on the Global IoT Supply Chain. His solution is hard on IOT affordability and hard on big retailers and other middlemen, who will face new liabilities, but we conclude that it’s achievable and maybe necessary. In fact, the real question is who’ll get there first, a combination of DHS’s CISA and the FTC or the California Secretary of State.
In the News Roundup Megan Stifel (@MeganStifel), Nate Jones (@n8jones81), and David Kris (@DavidKris) and I discuss TikTok's unenviable position -- holding the ball at the wrong end of the court as the clock winds down to 00:00. Every week seems to bring a new administration initiative that could hurt or kill TikTok's US business. The government’s options include a simple ban on TikTok sales to US buyers based on a finding that the company is a threat to national security or the security of Americans. That’s the applicable legal standard under Executive Order 13873; it's brand-new (the regs aren’t even final yet) but it relies on tools that have long been used under the International Economic Emergency Powers Act (IEEPA). A straightforward application of IEEPA remedies would cut TikTok off from the US market, I argue.
Meanwhile, another little-advertised but equally sweeping rule for government contractors is on its way to implementation. It will deny federal contracts, not just contractors who want to deliver certain Chinese products but it will also cut off contractors who jsut use those products themselves.
Not to be outdone by the contracting officers, the Federal Trade Commission and Justice Department are attacking TikTok from a different direction – investigating claims that the company failed to live up to last year’s consent decree on the privacy of children using the app.
And, on top of everything, private sector CISOs are drawing a bead on the app, too, as Wells Fargo and (briefly) Amazon told their employees to take the app off their work phones.
It’s no surprise in the face of these developments that TikTok is working overtime to decouple itself in the public’s mind from China, including going so far as to join the rest of Silicon Valley in signaling discomfort with Hong Kong’s new security rules (and ruler). Megan and I question whether this strategy will succeed.
If Chief Justice Roberts were running for office, he couldn’t have produced a better platform than the Court’s latest tech decision – upholding most of a law that makes robocalls illegal while striking down the one part that authorizes robocalls for collection of government debt. David Kris explains.
Nate unpacks a new Florida DNA privacy law prohibiting life, disability and long-term care insurance companies from using genetic tests for coverage purposes. I express skepticism.
Nate also explains the mysteriously quiet launch of the UK-US Bilateral Data Access Agreement. Four years in the making, and neither side wanted to announce that it had taken effect – what are they worried about, I wonder?
FBI Director Wray gives a compelling speech on the counterintelligence and economic espionage threat from China. He says the bureau opens a new such case every ten hours. And right on schedule comes the prosecution of a professor charged with taking $4M in US grant money to conduct research -- for China.
David and I puzzle over the surprisingly lenient sentence handed to a former Yahoo engineer for hacking the personal accounts of more than 6,000 Yahoo Mail users looking for sexually explicit images and videos.
For This Week in Silicon Valley Speech Suppression, I out Reddit as a particularly fanatical convert to SJW orthodoxy in censoring the right, as the service apparently tells its moderators that it’s hate speech to post stories or video showing a person of color as the aggressor in a confrontation.
And Nate closes us out by drawing again from a bottomless well of problems faced by technological contact tracing.
You can subscribe to The Cyberlaw Podcast using iTunes, Google Play, Spotify, Pocket Casts, or our RSS feed. As always, The Cyberlaw Podcast is open to feedback. Be sure to engage with @stewartbaker on Twitter. Send your questions, comments, and suggestions for topics or interviewees to CyberlawPodcast@steptoe.com. Remember: If your suggested guest appears on the show, we will send you a highly coveted Cyberlaw Podcast mug!
The views expressed in this podcast are those of the speakers and do not reflect the opinions of their institutions, clients, friends, families, or pets.