Our interview this week is with Francis Fukuyama, a fellow and teacher at Stanford and a renowned scholar and public intellectual for at least three decades. He is the coauthor of the Report of the Working Group on Platform Scale, an insightful paper on the power of platforms to suppress and shape public debate. Fukuyama understands the temptation to address those issues through antitrust lens – as well as the reasons why antitrust will fail to counter the threat that platform power poses to our democracy. As a solution, the report proposes forcing the platforms to divest their curatorial authority over what Americans (and the world) reads, creating a host of middleware suppliers who will curate consumers' feeds in whatever way consumers prefer. We explore the many objections to this approach, from first amendment purists to those, mainly on the left, who really like the idea of suppressing their opponents on the right. But it remains the one policy proposal that could attract bipartisan support from left and right and at the same time actually make a difference.
In the news roundup, Dmitri Alperovich, Nick Weaver, and I have a spirited debate over the wisdom of Google's decision to expose and shut down a western intelligence agency's use of zero day exploits against terrorist targets. I argue that if a vulnerabilities equities process balancing security and intelligence is something we expect from NSA, we should expect the same of Google.
Nate Jones and Dmitri explore the slightly odd policy take on SolarWinds that seems to be coming from NSA and Cyber Command – who are pushing the view that the Russians exploited NSA's domestic blind spot by using US infrastructure for their attack. That suggests that NSA wants to do more spying domestically, although no such proposal has surfaced. Nate, Dmitri, and I are united in thinking that a better solution is a change in US law, though Dmitri thinks a know your customer rule for cloud providers is the best answer, while I think I persuaded Nate that empowering faster and more automatic warrant procedures for the FBI is doable, a solution that we adopted to the burner phone intercept problem in the 90s.
The courts, meanwhile, seem to be looking for ways to bring back a Potter Stewart style of jurisprudence for new technology and the fourth amendment: "I can't define it, but I know it when it creeps me out." The first circuit's lengthy oral argument on how long video surveillance of public spaces can continue without violating the fourth amendment is a classic of the genre.
Dmitri and Nick weigh in on Facebook's takedown of Chinese hackers who were using Facebook to target Uighurs abroad. Dmitri thinks we can learn policy lessons from the exposure (and likely sanctioning) of the private Chinese companies that carried out the operation.
Dmitri also explains why CISA's head is complaining about the refusal of private companies to tell DHS which US government agencies were compromised in SolarWinds. The companies claimed that their NDAs with, say, Treasury meant that they couldn't tell DHS that Treasury had been pwned. I say that's an all too familiar example of federal turf fights hurting federal cybersecurity.
In our ongoing feature, This Week in U.S.-China Decoupling, we cover the "Disasta in Alaska," evaluate the latest bipartisan bill to build an international Western technology sphere to compete with China's, note the completely predictable ousting of Chinese telecom companies from the US market, and conclude that the financial sector's effort to defy the gravity of decoupling will be a hard act to maintain.
Always late to embrace a trend, I offer Episode 1 of the Cyberlaw Podcast as a Non-Fungible Token to the first listener who coughs up $150, and Nick explains why it would be cheap at a tenth the price, dashing my hopes of selling NFTs for the next 354 episodes and retiring.
Nick and I have kind words for whoever is doxxing Russian criminal gangs, and I suggest offering the doxxer a financial reward (not just a hat tip in a Brian Krebs column). We have fewer kind words have for the prospect that AI will soon be able to locate, track, and bankrupt problem gamblers.
I issue a rare correction to an earlier episode, renouncing any suggestion that Israel traded its citizens' health data for first dibs on the Pfizer vaccine. It turns out that what it offered was "deidentified aggregate health data." With proper implementation, that data may actually stay aggregate and deidentified, Nick tells me.
And I offer a hat tip to Peter Machtiger, whose student note in an NYU law journal cites the Cyberlaw Podcast, twice!
Download the 355th Episode (mp3)
You can subscribe to The Cyberlaw Podcast using iTunes, Google Play, Spotify, Pocket Casts, or our RSS feed. As always, The Cyberlaw Podcast is open to feedback. Be sure to engage with @stewartbaker on Twitter. Send your questions, comments, and suggestions for topics or interviewees to CyberlawPodcast@steptoe.com. Remember: If your suggested guest appears on the show, we will send you a highly coveted Cyberlaw Podcast mug!
The views expressed in this podcast are those of the speakers and do not reflect the opinions of their institutions, clients, friends, families, or pets.