Our guest this week is Ambassador Daniel Sepulveda, the man charged with managing the US relationship with the International Telecommunications Union.  The ambassador helps us make sense of the recent ITU meeting in Busan, South Korea, where efforts to validate a greater government role in internet affairs seem to have been turned back for another four years.  Markham Erickson, a Steptoe partner specializing in internet law, also joins regulars Jason Weinstein, Michael Vatis, and me.

This week in NSA:  The USA Freedom Act is showing signs of life, as Senator Reid promises Senator Leahy floor time in the lame duck session.  But with Senator Feinstein opposed to the Judiciary-written bill, and the House having passed a different one, it’s still a long haul to get a bill to the President before the lame duck limps into history.  After a year-and-a-half-long Snowden-induced cringe, the US is again raising Chinese espionage more aggressively.  But that’s the only thing that has changed in the US-China dialogue on cyberespionage.  Just ask the Postal Service and the NOAA weather network.

We try out a new feature:  The Law Behind the Headlines, where we provide the legal background behind tech stories in the news:

Remember that Insecam website that streams video from thousands of video surveillance cameras that are still using the manufacturers’ default login credentials?  To Jason, it looks like the world’s most public confession to thousands of criminal violations. And according to the press, law enforcement uses flying DRT Boxes (not to mention ground-based stingrays) to imitate cell towers and thus locate particular phones very accurately.  But to do so, the machines have to accept and then drop thousands of connections from the phones of ordinary Americans who aren’t suspects.  Is that legal?  How is it different from the NSA’s program of collecting data but not looking at it?  And can we get the US Marshal’s service to actually connect some of the calls they get from dead spots out in Great Falls?  Answers to all these questions in the podcast!

This week in bad law:  the Ninth Circuit will be revisiting the too-creative Kozinski opinion that based a takedown order on the dubious copyright claim of an actress who appeared in in “The Innocence of Muslims.”

This week in data breaches:  Anthem Blue Cross puts a bunch of medical advice and data in the subject line of its emails to patients.  That doesn’t inspire confidence in its data security, but is HIPAA violated?  Maybe not, Jason explains.

Argentina’s Supreme Court joins the great debate over search engine liability, spurring Michael and Markham to a debate of their own.  A Justice Department advocate admits to a mistake in oral argument on how forthcoming companies can be in NSL disclosures.  We debunk left/lib claims that the mistake is a government “misrepresentation.”

Google has weighed in on another privacy issue, essentially taking Europe’s side in a long-running debate over whether and how non-Americans should be covered by the Privacy Act.  I argue that changing the Act would simply enable European unilateralism in the long privacy debate with the United States.  Amb. Sepulveda and I tangle over whether the demand is a legitimate part of negotiations over the data protection US-EU Safe Harbor Agreement.

We remind everyone that the Podcast welcomes feedback, either by email (CyberlawPodcast@steptoe.com) or voicemail (+1 202 862 5785).

Download the forty-third episode (mp3).

Subscribe to the Cyberlaw Podcast here. We are also now on iTunes and Pocket Casts!

The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.