This episode of the Cyberlaw Podcast is dominated by stories about possible regulation of cybersecurity. David Kris first refers us to article by the head of the Cyber Security and Infrastructure Security Administration (CISA) in Foreign affairs. Jen Easterly and Eric Goldstein seem to take a strong stance on “Why Companies Need to Build Security into Technology Products.” But for all its rough language, one word, “regulation,” is missing from the text entirely. Meanwhile, the White House’s cybersecurity strategy appears to be months in the making hung up on how to enthusiastically demand regulation.
It all seems a little strange in a world where Republicans hold the House of Representatives. Regulation is unlikely to be high on the GOP’s to-do list, so calls for tighter regulation are almost certainly more symbolic than real.
Still, this is clearly a week for symbolic calls for regulation. David also takes us through an A report from the National Telecommunications and Information Administration (NTIA). on the influence of Apple and Google on the competition over the mobile application markets. The report points to many problems and opportunities for abuse inherent in the blocking of two companies about which applications can be sold to phone users. But as Google and Apple were quick to point out, stores play a role in regulating app security, so cracking the block could be bad for cybersecurity. In any case, virtually every recommendation for action in the report is a call for Congress to step in—and thus almost certainly a non-starter for the reasons already stated.
Not to be outdone in sham regulation, Jordan Schneider and Sultan Meghji explore some of the AI policy and regulatory proposals inspired by ChatGPT’s success. The EU’s AI law is attracting a lot of attention, mostly from parts of the industry that want to be exempted. Sultan and I exchange observations on who ChatGPT, law firms or investment firms will empty first.
In other news, Sultan also tells us why hacking ION ransomware is important. Jordan and Sultan find the cybersecurity angle in the Great China Balloon Scandal of 2023. And I offer an assessment of Matt Taibbi’s story on Hamilton 68 reports of “Russian influence.” If you’ve been wondering what all the fuss is about, don’t expect the mainstream media to tell you; the media does not look good in this story. Unfortunately for Matt Taibbi, he doesn’t look much better than the journalists his story criticizes. David thinks it’s a balanced and moderate view of the story, for which I apologize and promise to do better next time.
You can subscribe to The Cyberlaw Podcast using iTunes, Google Play, Spotify, Pocket Casts or our RSS feed. As always, The Cyberlaw Podcast is open to feedback. Be sure to participate with @stewartbaker on Twitter. Send your questions, comments, and suggestions for topics or interviewees to CyberlawPodcast@steptoe.com. Remember: if your suggested guest appears on the show, we’ll send you a highly coveted Cyberlaw Podcast mug! The views expressed in this podcast are those of the speakers and do not reflect the opinions of their institutions, clients, friends, family or pets.