Our guest for the week is Troels Oerting, the head of EC3, Europe’s new cybercrime coordination center. He talks about EC3’s role in the recent take down of over 400 darknet sites, arrests of travelers using fake credit cards and of users of the Blackshades Remote Access Tool. He repeats his view that there are probably only a hundred talented criminal writers of malware, whose work is then used by a host of dimmer bulbs. So striking at the hundred could make a big difference. Troels Oerting thinks we’re in a position to hurt a number of them.
The interview compares US and European willingness to name and shame Chinese PLA hackers. I ask Troels if he’d order the arrest of any of the five indicted PLA hackers if they vacationed in Europe. And we compare US and EU legal constraints on private sector “direct action” against hackers.
This week in the NSA: NSA’s privacy officer speaks; and she has a sense of humor. Regin schools hackers around the world, and German hypocrisy about NSA spying is on full display. It turns out that Angela Merkel’s phone was being tapped by the Brits, the Chinese, the Russians and even the North Koreans. But Merkel has yet to say that Russian, Chinese, or North Korean spying reminds her of the Stasi; only NSA seems to remind her of Communist espionage. Meanwhile, the BND reveals that it too spies on everyone but Germans, and that it has a remarkably narrow definition of who qualifies as “German.”
Michael Vatis previews a Supreme Court argument about when online abuse passes from colorful imitations of rap lyrics to prosecutable threats. Jason Weinstein counts the growing library of lawsuits against Home Depot and evaluates the risk.
Doug Kantor, a Steptoe government affairs partner specializing in cybersecurity issues, gives a rundown on the new, Republican-dominated Congress, including the many chair changes in both House and Senate. Firedoglake makes an appearance.
Meanwhile, US tech companies have become all-purpose European whipping boys. They don’t volunteer enough information about terrorists to satisfy the Brits. They don’t hide enough “right to be forgotten” information to satisfy the European privacy regulators. And they make too much money for the European Parliament, which wants to break up Google.
The Justice Department has claimed a scalp in its campaign against spyware. Jason has the back story. And it’s a good thing the All Writs Act didn’t come with a sunset clause, or it would too would be attracting the wrath of EFF and Silicon Valley. Michael explains why the act is now part of Apple’s future, and Google’s too.