Privacy advocates are embracing a recent report recommending that the government require bulk data retention by carriers and perhaps web service providers, exercise extraterritorial jurisdiction over data stored abroad, and expand reliance on classified judicial warrants. In what alternative universe is this true, you ask? No need to look far. That’s the state of the debate in our closest ally. The recommendations were given to the United Kingdom by an independent reviewer, David Anderson. He’s our guest for Episode 71 of the Cyberlaw Podcast, and he provides a refreshingly different perspective on surveillance policy, one that makes us realize that it’s US civil libertarians , not the US government, who are out of step with the world.
In the news roundup, I bring Edward Snowden back for one last time – the fifteenth time I’ve done that, Michael Vatis points out. This time it’s a British government leak claiming that both Russia and China have decrypted the entire corpus of Snowden’s stolen files – including the enormous number of files that have nothing to do with surveillance and everything to do with military operations.
The OPM hack has now reached Target status, Jason Weinstein argues. It’s not the first, it’s maybe not even the worst, but it’s a hack that has captured the country’s imagination in a way that earlier warnings did not.
You might think that the OPM hack would show why information sharing is essential. But privacy advocates continue to hold CISA hostage to yet more protections for privacy. The 14 million government officials and former officials whose privacy has been grossly abused by the OPM hack will, I’m sure, thank Senators Mike Lee and Ron Wyden for their continued obstruction of government cybersecurity efforts. In the House, the likeminded Rep. Massie has again proposed an appropriations amendment that would put new limits on the most important part of NSA’s intelligence mission – overseas collection. His amendment passed the House but shows little prospect of surviving Senate review.
In a new feature, This Week in Self-Dealing, we review Jason’s recent op-ed on the New York bitcoin regulations and Alan Cohn’s op-ed on what’s wrong with government cybersecurity policy. We close with comments on the new, extensive, and probably ill-advised Connecticut breach and security law, plus new obstacles for Twitter’s “warrant canary” first amendment lawsuit.