Bruce Schneier joins us to talk about AI hacking in all its forms. He’s particularly interested in ways AI will hack humans, essentially preying on the rough rules of thumb programmed into our wetware – that big-eyed, big-headed little beings are cute and need to have their demands met or that intimate confidences should be reciprocated. AI may not even know what it’s doing, since machines are famous for doing what works unless there’s a rule against it. Bruce is particularly interested in law-hacking – finding and exploiting unintended consequences buried in the rules in the U.S. Code. If any part of that code will lend itself to AI hacking, Bruce thinks, it’s the tax code (insert your favorite tax lawyer joke here). It’s a bracing view of a possible near-term future.
In the news, Nick Weaver and I dig into the Colonial Pipeline ransomware attack and what it could mean for more aggressive cybersecurity action in Washington than the Biden administration was contemplating just last week as it was pulling together an executive order that focused heavily on regulating government contractors.
Michael Weiner takes us through a quick tour of all the pending U.S. government antitrust lawsuits and investigations against Big Tech. What’s striking to me is how much difference there is in the stakes (and perhaps the prospects for success) depending on the company in the dock. Facebook faces a serious challenge but has a lot of defenses. Amazon and Apple are being attacked on profitable but essentially peripheral business lines. And Google is staring at existential lawsuits aimed squarely at its core business.
Nate and I mull over the Russian proposal for a UN cybercrime proposal. The good news is that stopping progress in the UN is usually even easier than stopping legislation in Washington.
Nate and I also puzzle over ambiguous leaks about what DHS wants to do with private firms as it tries to monitor extremist chatter online. My guess: This is mostly about wanting the benefit of anonymity or a fake persona while monitoring public speech.
And then Michael takes us into the battle between Apple and Fortnite over access to the app store without paying the 30% cut demanded by Apple. Michael thinks we’ve mostly seen the equivalent of trash talk at the weigh-in so far, and the real fight will begin with the economists’ testimony this week.
Nick indulges a little trash talk of his own about the claim that Apple’s app review process provides a serious benefit to users, citing among other things the litigation-driven disclosure that Apple never send emails to users of the 125 million buggered apps it found a few years back.
Nick and I try to make sense of stories that federal prosecutors in 2020 sought phone records for three Washington Post journalists as part of an investigation into the publication of classified information that occurred in 2017.
I try to offer something new about the Facebook Oversight Board’s decision on the suspension of President Trump’s account. To my mind, a telling and discrediting portion of the opinion reveals that some of the board members thought that international human rights law required more limits on Trump’s speech – and they chose to base that on the silly notion that calling the coronavirus a Chinese virus is racist. Anyone who has read Nicholas Wade’s careful article knows that there’s lots of evidence the virus leaked from the Wuhan virology lab. If any virus in the last hundred years deserves to be named for its point of origin, then, this is it. Nick disagrees.
Nate previews an ambitious task force plan on tackling ransomware. We’ll be having the authors on the podcast soon to dig deeper into its nearly 50 recommendations.
Signal is emerging a Corporate Troll of the Year, if not the decade. Nick explains how, fresh from trolling Cellebrite, Signal took on Facebook by creating a bevy of personalized Instagram ads that take personalization to the Next Level.
Years after the fact, the New York Attorney General has caught up with the three firms that generated fake comments opposing the FCC’s net neutrality rollback. They’ll be paying fines. But I can’t help wondering why anyone thinks it’s useful to think about proposed rules by counting the number of postcards and emails that shout “yes” or “no” but offer no analysis.
As always, The Cyberlaw Podcast is open to feedback. Be sure to engage with @stewartbaker on Twitter. Send your questions, comments, and suggestions for topics or interviewees to CyberlawPodcast@steptoe.com. Remember: If your suggested guest appears on the show, we will send you a highly coveted Cyberlaw Podcast mug!
The views expressed in this podcast are those of the speakers and do not reflect the opinions of their institutions, clients, friends, families, or pets.