In the news roundup, Michael Vatis covers Microsoft’s surprising Second Circuit victory over the Justice Department in litigation over a warrant for data stored in Ireland. The hidden issue in that case was data localization – the same issue driving the Justice Department’s new legislative proposal to allow foreign nations to obtain information from US data repositories. That proposal is unpacked by special guest David Kris, former Assistant Attorney General for National Security and author of the treatise, National Security Investigations and Prosecutions.

In other news, LabMD has found yet another defendant in its campaign against Tiversa. Michael discusses what may be the first judicial decision requiring a warrant to use a Stingray to locate a criminal suspect. And HHS tries to achieve a plausible policy goal with an overreaching legal interpretation; as Michael explains, the result could be massive unintended consequences.

In quick hits: more evidence that foreign nations are targeting our energy grid, FDIC engages in a surprisingly successful breach cover-up, a Chinese browser sends data back to China unmolested (all because we still haven’t funded the Europocrisy Prize, I argue), and the cyberwar on ISIS is going slowly, mainly, I argue, because cyberwar on ISIS is not all that good an idea.

What’s the argument in favor of hacking back that is best calculated to infuriate the State Department? We talk hackback with the father and son team that produced a thoughtful paper on the topic for the Hoover Institution. Jeremy, a law professor at the Scalia Law School, and his son, Ariel Rabkin, a computer scientist out of Berkeley, have the expertise to deal gracefully and concisely with the policy debate over hacking back. Their proposal charts a middle ground while cheerfully eviscerating State’s hand-wringing about the international consequences of permitting hacking victims to act outside their networks. Bonus feature: lifetime career advice from yours truly!

Download the 125th episode (mp3).