The Biden administration is dribbling away one of the United States' most important counterterrorism intelligence programs. At least that's my conclusion from this episode's depressing review of the administration's halting and delusion-filled approach to the transatlantic data crisis. Every day, Silicon Valley companies whose data stores in the US have been a goldmine for counterterrorism are feeling legal pressure to move that data to Europe. Those companies care little whether the US gets good intelligence from its section 702 requests, at least compared to their fear of massive fines and liability in Europe. The EU is standing firm because it thinks time is on its side, and it's ignoring Jamil Jaffer's heartfelt plea to be a better ally in the face of Russian and Chinese pressure.
So, unless the administration creates a countervailing incentive, the other actors will simply present Washington with a fait accompli. The Biden administration, like the Trump administration before it, seems unable to grasp the need for action. When Trump was in charge, we could call him incompetent. When we wake up to what we've lost under Biden, that's what we'll call him, too.
For companies struggling with their role in this global drama, Charles Helleputte has moderately good news. The European Commission, contrary to the dogmatic approach of the data protection agencies, has opened a door for transfers using the new standard corporate clauses. If your data has not been requested by the US under 702 or similar authorities and you can offer good reason to think they won't in future, you can avoid the ban.
In other news, Jamil and I cross swords on whether the Colonial pipeline hack should have ended TSA's light-touch oversight of pipeline cybersecurity.
And Nate Jones and I dig deep into the state laws regulating police access to DNA ancestry databases. After some fireworks, we come close to agreement that some state law on database access is inevitable and workable, but the Maryland law is so hostile to solving brutal crimes with DNA searches that it is hard to distinguish from a ban.
Jamil explains the Biden administration's decision to provide a new foundation for the Trump ban on investment in Chinese military companies. Treasury will take the program away from DOD, which had handled its responsibilities with the delicacy of Edward Scissorhands.
Nate limbers up the DeHype Machine to put in perspective DOJ's claim to be giving ransomware hacks the same priority as terrorism. Jamil takes on autonomous drones and pours cold water on the notion that DOD will be procuring some of its drones from China.
In a moment of weakness I fail to attack or even mock the UN GGE's latest report on norms for cyberconflict, which look pretty anodyne.
And in a series of quick hits:
- Jamil reviews Facebook's latest antitrust problems in the EU and UK
- I remind listeners of the "throuple" Congresswoman, whose failed pivot from abuser of power to victim of revenge porn has just cost her over $100,00
- In case you haven't heard, Facebook might let Trump come back in January 2023, and his blog page has shut down for good.
- The European Commission has proposed a trusted and secure Digital Identity for all Europeans but Charles thinks there's less there than meets the eye.
- And Nigeria has suspended Twitter after the platform shut down the President's account for obliquely threatening military action against secessionists.
- And More!
You can subscribe to The Cyberlaw Podcast using iTunes, Google Play, Spotify, Pocket Casts, or our RSS feed. As always, The Cyberlaw Podcast is open to feedback. Be sure to engage with @stewartbaker on Twitter. Send your questions, comments, and suggestions for topics or interviewees to CyberlawPodcast@steptoe.com. Remember: If your suggested guest appears on the show, we will send you a highly coveted Cyberlaw Podcast mug!
The views expressed in this podcast are those of the speakers and do not reflect the opinions of their institutions, clients, friends, families, or pets.