Episode 76 of the podcast features the power couple of privacy and cybersecurity, Peter Swire and Annie Antón, both professors at Georgia Institute of Technology. I question them on topics from the USA FREEDOM Act to the enduring gulf between writing law and writing code.
In the news roundup, as our listeners have come to expect, we do indeed return to our recurring feature, This Week in Prurient Cybersecurity, with a riff on the Ashley Madison hack. But you’ll have to wait until the end, when we’re loosened up.
We begin more soberly, with Jason Weinstein and Michael Vatis covering the courts’ mopping up after passage of the USA FREEDOM Act. The DC Circuit has received supplemental briefs on section 215, and the ACLU is leading hopeless charge against the 215 program in the Second Circuit.
The Hacking Team doxxing draws attention to the risk involved in hiring hackers. When they’re disgruntled, they don’t just slam the door on the way out. Still, Alan Cohn and I can’t help but be fascinated by the Hacking Team proposal to use drones to hover over the target, intercepting his Wi-Fi connection.
In regulatory news, Alan Cohn and Jason Weinstein discuss the FERC’s revisions to the CIP cybersecurity requirements, with a focus on supply chain practices, and a Boston hospital’s settlement of HIPAA charges, prompting me to ask whether HHS’s Office of Civil Rights is the most hypocritically aggressive privacy regulator in government.
Russia’s Right to Be Forgotten law is signed, after further tweaks. And Google announces that it has officially tipped more than one million links into the dustbin of history.
I respond to listener feedback by walking back my mockery of Tony Scott’s “TLS Everywhere” initiative, noting that it might have some modest security benefits after all. Instead of “privacy theater” perhaps I should have called it a “privacy skit.” And as attribution gets better, so does the temptation to fly false flags. It looks as though the Russians will pioneer this particular development, attacking US sites under the nom de guerre of the Cyber Caliphate. And the US government response to the Russian attacks? A predictable silence.