Publications Sign-Up

Publications Search

Your search criteria matched 79 items:

Steptoe Cyberlaw Podcast
Stewart A. Baker, Michael Vatis, Jason M. Weinstein
Steptoe Cyberlaw Podcast - Interview with Robert Litt
Stewart A. Baker, Harry Lee, Michael Vatis
October 28, 2014

In our fortieth episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Michael Vatis, and Harry Lee discuss this week in NSA: two high-ranking NSA employees have recently left positions due to scrutiny over their involvement in private industry; the Supreme Court is taking another privacy case; PF Chang’s cybersecurity insurance dispute with Travelers; Leslie Caldwell, the new head of the Justice Department’s criminal division, joins FBI Director Comey in complaining about Silicon Valley’s reluctance to help law enforcement; according to the Stored Communications Act, companies like Google may not provide the contents of emails in response to subpoenas; the FCC proposes $10 million in fines for bad cybersecurity practices; confusion over when you need a warrant to get third party information continues in the courts; and banks are demanding that their contractors and suppliers adopt stronger cybersecurity – law firms are expressly included. In our second half, we discuss the USA Freedom Act and the Presidential Policy Directive-28 (PPD-28) with Robert Litt, the General Counsel of the Office of the Director of National Intelligence. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.


Steptoe Cyberlaw Podcast - Interview with Tom Finan
Stewart A. Baker, Marc Frey, Stephanie Roy, Michael Vatis
October 22, 2014

In our thirty-ninth episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Michael Vatis, Stephanie Roy, and Marc Frey discuss this week in NSA: House and Senate Judiciary chairs call for action on USA Freedom Act; HBO and CBS announce they will be offering online streaming services and the implications on net neutrality; parents' responsibility for what their children do on Facebook; FBI director Comey calling for CALEA reform; the Justice Department opens the door to a round of new disability claims against websites; this week in the right to be forgotten: The BBC announces the “right to remember” and a progressive group urges Google to bring the right to be forgotten to the US; TD Bank pays $850,000 to the state AGs over a “possible” breach; Russian hackers target Western governments and are caught; the FBI is warning about another and even more sophisticated set of Chinese government hackers; and Video Privacy Act may not be as effective as first thought. In our second half, we discuss the role of DHS’s National Protection and Programs Directorate (NPPD) in cybersecurity insurance with Tom Finan, Senior Cybersecurity Strategist and Counsel at DHS’s NPPD. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.


Steptoe Cyberlaw Podcast - Interview with Shaun Waterman
Stewart A. Baker, Michael Vatis, Jason M. Weinstein
October 15, 2014

In our thirty-eighth episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Jason Weinstein, and Michael Vatis are joined by Shaun Waterman, editor of POLITICO Pro Cybersecurity, in a discussion of this week in NSA: NSA has released its second privacy transparency report; a review of Laura Poitras’s Edward Snowden documentary, 'Citizenfour;’ more fall-out from Clapper; Judge Pauley declares he has lost confidence in the Justice Department’s representations about the risks of releasing FISA opinions; Twitter claims a first amendment right to list the orders it has not (yet) received under national security surveillance laws; the government’s authority to issue gag orders in national security letters is argued before the Ninth Circuit; Europol is raising the possibility that the internet might be used to kill people and the FDA is issuing cybersecurity guidelines for manufacturers; Australian government is enacting surveillance reforms that increase government authority to conduct national security intercepts; the European Commission and Japan rule on the right to be forgotten; controversy over Ross Ulbricht and how the FBI managed to captcha him; Judicial Opinion out of the Ninth Circuit on a Navy investigator who conducted “surveillance of all the civilian computers in an entire state;” and FCC charges the Marriott for blocking Wi-Fi. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.


Steptoe Cyberlaw Podcast - Interview with Rob Corbet
Stewart A. Baker, Maury Shenk
October 7, 2014

In our thirty-seventh episode of the Steptoe Cyberlaw Podcast, Stewart Baker and Maury Shenk discuss this week in NSA: questions being raised on how the Treasury Department designates people and institutions for sanctions; Russia has told Google, Twitter, and Facebook to register under Russian law and submit to Russian regulation; EU Article 29 Working Party is working on how to implement the right to be forgotten; The New York Times announces that it’s been hit by the right to be forgotten; Google is hit with the threat of a lawsuit over the Apple photo leak; JP Morgan acknowledges a deep penetration of its computer networks by sophisticated hackers; and free Wi-Fi for life in Great Britain in exchange for your first born. We also discuss how Ireland is a uniquely important jurisdiction for US companies dealing with data protection issues with Rob Corbet, a partner and head of the Technology & Innovation group in Arthur Cox. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.


Data Access Shouldn’t Be Up to Companies Alone
Stewart A. Baker
October 1, 2014, The New York Times
Steptoe Cyberlaw Podcast - Interview with Admiral David Simpson
Stewart A. Baker
September 30, 2014

In our thirty-sixth episode of the Steptoe Cyberlaw Podcast, Stewart Baker discusses this week in NSA: The agency has named Anne Neuberger the Chief Risk Officer; the courts work on how to handle location data after Riley; Apple may have known about the iCloud security flaw; the Shellshock bug refutes the notion that open-source code is inherently more secure than proprietary code; the financial industry launches a real-time information-sharing program; Google’s potential liability for “wiretapping” publicly broadcast Wi-Fi signals; Russia advances the date for data localization; and Apple’s latest transparency reports. In our second half, we discuss the public safety bureau’s role in cybersecurity with Admiral David Simpson, Chief of the FCC’s Public Safety and Homeland Security Bureau and his Chief Counsel for Cybersecurity, Clete Johnson. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.


Steptoe Cyberlaw Podcast - Interview with Orin Kerr
Stewart A. Baker, Michael Vatis, Jason M. Weinstein
September 9, 2014

In our thirty-third episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Michael Vatis, and Jason Weinstein discuss this week in NSA: Multiple news stories claiming that Snowden’s leaks contributed to US intelligence failures against ISIS; the decision by Justice and DNI officials to announce support for Senator Leahy’s USA Freedom bill; the release of a less-redacted version of Jack Goldsmith’s OLC opinion; Yelp prevails in a case claiming that the company suppresses bad reviews for advertisers; Google will suppress European search results for anyone anywhere; LinkedIn is being accused of applying Chinese censorship to Chinese customers; Home Depot is accused of a data breach and healthcare.gov has been hacked; computer and privacy implications of the Hasidic child abuse case; and in other regulatory action, Google deals with kids’ in-app purchases and Verizon pays $7.4 million for sending inadequate notices to customers. In our second half we have our second repeat interviewee, Orin Kerr, computer crime law guru and professor of law at Georgetown Washington University. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.


Steptoe Cyberlaw Podcast - Interview with David Hoffman
Stewart A. Baker, Michael Vatis
September 3, 2014

In our thirty-second episode of the Steptoe Cyberlaw Podcast, Stewart Baker and Michael Vatis, discuss this month in NSA: The NSA released Judge Bates’s redacted opinion of the FISC; journalists attempt to make an issue out of the fact that the NSA has developed a search engine for metadata called ICREACH; Laura Poitras and Der Spiegel provide information on US intelligence collection on Turkey; German intelligence intercepted Hillary Clinton and John Kerry as they carried out diplomatic efforts; the Microsoft case questioning the government’s authority to issue warrants for overseas data continued to evolve over the month; LinkedIn settles its data breach case for a relatively modest $1.25 million; NIST seeks comment on how its Cybersecurity Framework is working; a federal court in Massachusetts rules that computers are only protected under CFAA if they are connected at the moment when they are attacked; and US courts hold that search engines are not liable for the links they publish or their autocomplete suggestions. In our second half we discuss the right to be forgotten with David Hoffman, the Director of Security Policy and Global Privacy Officer at Intel Corporation. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.


Steptoe Cyberlaw Podcast - Debate with Harley Geiger
Stewart A. Baker
August 15, 2014

In our thirty-first episode of the Steptoe Cyberlaw Podcast, Stewart Baker participates in a debate sponsored by the Federalist Society. Moderated by Christian Corrigan, Mr. Baker and Harley Geiger, the Senior Counsel and Deputy Director for the Freedom, Security and Surveillance Project at the Center for Democracy and Technology, debate Senator Leahy’s version of the USA Freedom Act. Download the thirty first episode (mp3). Subscribe to the Cyberlaw Podcast here. We are also now on iTunes and Pocket Casts! The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.


Steptoe Cyberlaw Podcast - Interview with Richard Danzig
Stewart A. Baker, Michael Vatis, Jason M. Weinstein
July 29, 2014

In our thirtieth episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Michael Vatis, and Jason Weinstein discuss this week in NSA: The Senate Judiciary Committee has come up with a new version of the section 215 reform bill passed by the House; Glen Greeenwald discloses that the NSA has a limited intelligence sharing arrangement with Saudi Arabia; four senators express concern about NSA’s overseas intelligence collection program; Sony settles its service-suspending hack for $15 million worth of free stuff for users; the 9/11 Commission issues a soft endorsement of “direct action” by private parties who are hacked; Vladimir Putin signs legislation to keep Russian data in Russia; The Washington Post explains that the FBI “Going Dark” is real; the President’s plan to talk about drone privacy; and Congress votes to end DMCA protection for locked cell phones. In our second half we interview, Richard Danzig, former Navy Secretary, board member of the national security think-tank, The Center for a New American Security, and author of the paper Surviving on a Diet of Poisoned Fruit: Reducing the National Security Risks of America’s Cyber Dependencies. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.


Steptoe Cyberlaw Podcast - Interview with Orin Kerr
Stewart A. Baker, Michael Vatis, Jason M. Weinstein
July 21, 2014

In our twenty-ninth episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Michael Vatis, and Jason Weinstein discuss this week in NSA: Snowden claims that NSA employees are circulating inappropriate pictures and Glen Greenwald reports that the Government Communications Headquarters has developed the ability to send spam and tamper with web polls; last week’s UK data retention legislation has been passed into law; advocates of the right to be forgotten push for censorship of the forgotten; the Chinese government demands that Internet companies self-censor; the FBI is concerned Google’s driverless cars could be used as ‘lethal weapons’; to prevent whistleblowers, the Veterans Administration claims that talking about patient mistreatment is a violation of patient privacy; FBI affidavit by Agent Noel Neeman on Chinese cyberespionage tactics and motivations; class action privacy issues move from West Virginia to Illinois; and Massachusetts Supreme Judicial Court declares that you can be forced to decrypt your files. In our second half we interview, Orin Kerr, computer crime law guru and professor of law at Georgetown Washington University. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.


Steptoe Cyberlaw Podcast - Interview with David Medine
Stewart A. Baker, Maury Shenk
July 15, 2014

In our twenty-eighth episode of the Steptoe Cyberlaw Podcast, Stewart Baker and Maury Shenk discuss false claims that NSA has flagged the Linux Journal as an "extremist forum"; the UK has introduced new stopgap legislation to make sure it doesn’t lose its data retention authority in the wake of an unfavorable ECJ decision, and to allow UK law enforcement to require foreign entities to turn over data under a warrant; the UK government has also proposed creating their own PCLOB; the Senate Intelligence Committee produces a cybersecurity information sharing bill as a bookend to the House’s bill; and Russia has proposed their own data protection rule. In our second half we have our first repeat interviewee, David Medine, Chairman of the Privacy and Civil Liberties Oversight Board (PCLOB). We discuss the 702 report and have a roundup of this week in NSA, including a discussion of Glenn Greenwald’s disclosure of the Americans targeted by NSA and Bart Gellman’s defense of his Washington Post article. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.


Steptoe Cyberlaw Podcast - Interview with David Heyman
Stewart A. Baker, Michael Vatis
July 8, 2014

In our twenty-seventh episode of the Steptoe Cyberlaw Podcast, Stewart Baker and Michael Vatis discuss this week in NSA: Glenn Greenwald decides not to expose individuals who are targeted for surveillance; The Washington Post reveals that "9 out of 10" targets in the NSA’s datasets are non-targets; NSA Director Mike Rogers says that Snowden’s thefts can be managed; the Seventh Circuit ruled that FISA intercepts cannot be routinely shown to defense counsel; Ellen Nakashima and Bart Gellman reveal that the NSA thinks it may have to gather foreign intelligence from every country in the world; government reports triggered by Snowden continue to multiply; Microsoft’s fight with the US government over warrants for overseas data gets more support; Google continues to reveal how it is applying the right to be forgotten; New York’s cyberbullying law is struck down; and the SEC has begun investigating network intrusions, starting with Target. In our second half we have an interview with David Heyman, former DHS Assistant Secretary for Policy. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.


Steptoe Cyberlaw Podcast - Interview with Dmitri Alperovich
Stewart A. Baker, Michael Vatis, Jason M. Weinstein
June 30, 2014

In our twenty-sixth episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Michael Vatis, and Jason Weinstein discuss this week in NSA: The Lofgren amendment, which prohibits NSA and CIA from asking a company to “alter its product or service to permit electronic surveillance;” NSA’s bulk collection program is extended again; the Supreme Court’s 9-0 decision in Riley, refusing to allow police to routinely search the cell phones carried by people they arrest; Facebook challenges 300+ search warrants on behalf of the targets; Wyndham files an appeal on the FTC’s jurisdiction over Internet privacy and security; and Steptoe launches the Data Breach Toolkit. In our second half we have an interview with Dmitri Alperovich, CEO of Crowdstrike, a well-known incident response cybersecurity startup whose recent report introduced the world to another unit of the PLA hacking force – one that is quite distinct from unit 61398, which was exposed by Mandiant last year, six of whose members were indicted recently by the Justice Department. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.


Steptoe Cyberlaw Podcast - Interview with Ralph Langner
Stewart A. Baker, Maury Shenk, Michael Vatis
June 24, 2014

In our twenty-fifth episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Maury Shenk, and Michael Vatis discuss this week in NSA: The House passes an NDAA amendment to regulate “secondary” searches of 702 data; the GCHQ defends its view that sending email thru Yahoo and Hotmail is an “external” communication; Darryl Issa raises questions about the FTC’s investigation into LabMD and asks for an IG investigation; an Irish court backs the Irish data protection authority’s decision not to investigate Facebook for cooperating with NSA; the Eighth Circuit decision on bank liability for weak security; the Senate Intelligence Committee’s information sharing bill; and privacy class actions. In our second half we have an interview with Ralph Langner, decoder of Stuxnet and founder of the Langner Group, which specializes in industrial control system security. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.


Steptoe Cyberlaw Podcast - Interview with Paul Rosenzweig
Stewart A. Baker, Michael Vatis, Jason M. Weinstein
June 16, 2014

In our twenty-fourth episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Michael Vatis, and Jason Weinstein discuss this week in NSA: A federal judge in San Francisco announced that she was not willing to take the Justice Department’s word that several FOIA’d FISA court opinions cannot be partially declassified and demanded that they be produced for in camera inspection; Crowdstrike outs another PLA hacker by name; the Chinese claim that the US government needs to provide more information about alleged Chinese hacking; and the DoD authorization bill is due to add a few more provisions tightening restrictions on China’s IT sector; Microsoft’s legal objections to getting a warrant for other people’s data stored in Ireland; fourth amendment news: Wi-Fi moochers have no expectation of privacy, but how to treat location data stored by cell phone companies continues to drive the federal courts to distraction; a study that Stewart and Jim Lewis of CSIS unveiled last week on the cost of cybercrime; the West Virginia data breach doctrine; and the FCC catches up to the FTC and SEC in cybersecurity “nudge” regulation. In our second half we have an interview with Paul Rosenzweig, consultant at Red Branch Consulting, blogger for Lawfare, writer for the Homeland Security Institute, and lecturer for the Great Courses on Audible. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.


Steptoe Cyberlaw Podcast - Interview with Congressman Mike Pompeo
Stewart A. Baker, Stephanie Roy, Michael Vatis
June 10, 2014

In our twenty-third episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Stephanie Roy, and Michael Vatis discuss Google's effort to implement the European Court of Justice’s “right to be forgotten” decision; New York Court of Appeal’s case on cyberbullying; Google’s decision to promote more encryption; how stingray cell phone location systems work, and why the US marshals might seize stingray records from the Florida police; the regulatory issues that might be involved with using satellites to provide internet service to developing countries; this week in NSA: German prosecutors have opened a criminal investigation into the tapping of Angela Merkel’s phone but not the hacking of her computer; and the EFF still wants NSA to hang on to more Americans’ records than NSA wants to keep. In our second half we have an interview with Congressman Mike Pompeo (R-KS), a member of the House Intelligence Committee who joined the House in 2010. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.


"Groundhog Day" for Data Breaches
Jason M. Weinstein, Stewart A. Baker, Markham Cho Erickson, Michael Vatis
June 2, 2014
Steptoe Cyberlaw Podcast - Interview with Ron Deibert
Stewart A. Baker, Michael Vatis, Jason M. Weinstein
June 2, 2014

In our twenty-second episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Michael Vatis, and Jason Weinstein discuss this week in NSA: Edward Snowden’s NBC interview and his claim to have raised concerns about the agency’s intelligence programs before he launched his campaign of leaks; the New York Times’ article on face recognition by the NSA; China responds to the indictment of its hackers by pointing to old Snowden documents; the FTC issues a report on data brokers; the LabMD litigation continues; Google starts to spell out how it will implement the right to be forgotten; NSL transparency is back in court; Iranian cyberattacks; and what happened with TrueCrypt. In our second half we have an interview with Ron Deibert, director of the Canada Centre for Global Security Studies and the Citizen Lab at the Munk School at the University of Toronto. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.


Steptoe Cyberlaw Podcast - Interview with Peter Schaar
Stewart A. Baker, Maury Shenk, Michael Vatis, Jason M. Weinstein
May 28, 2014

In our twenty-first episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Maury Schenk, Michael Vatis, and Jason Weinstein discuss this week in NSA: The House passage of the USA Freedom bill; LabMD goes to trial; China lashes back over the Justice Department’s indictment of PLA members; Apple loses a preliminary fight over its liability for the privacy practices of third party apps; the Blackshades indictments; the mild treatment given to the Anonymous hacker, Sabu; and California’s Attorney General’s guidance on how to comply with California’s latest privacy law. In our second half we have an interview with Peter Schaar, a proponent of the right to be forgotten and an eminent former data protection chief. From 2003 to 2013 Peter was the Federal Commissioner for Data Protection and Freedom of Information. He is currently Chairman of the European Academy for Freedom of Information and Data Protection (EAID) and a guest lecturer at the University of Hamburg. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.


Steptoe Cyberlaw Podcast - Interview with Shane Harris
Stewart A. Baker, Stephanie Roy, Michael Vatis
May 21, 2014

In our twentieth episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Stephanie Roy, and Michael Vatis discuss Breaking News: American counterattack on Chinese cyberspying – the indictment of several PLA members for breaking into US computers to steal commercial information; this week in NSA: It turns out that telcos did challenge the 215 program; Glenn Greenwald’s book claims that NSA considers Israel the most effective at spying on the US after China and Russia; Greenwald also says that NSA modifies equipment after it’s been sold to make hacking easier; and Greenwald’s book has now been leaked to Bittorrent; it looks as though LabMD is down to one lawsuit; the Justice Department released a statement that some kinds of information sharing don’t violate the antitrust laws. Now it’s put out a white paper saying that ISPs can release aggregate information about cybersecurity without violating the Stored Communications Act’s prohibition on releasing customer information; net neutrality and the difference between Title II and section 706 as a basis for net neutrality; and the European Court of Justice’s embrace of the “right to be forgotten” In our second half, we have an interview with Shane Harris, senior writer at Foreign Policy magazine, where he covers national security, intelligence, and cyber security. Shane’s book, The Watchers, offered thoughtful insights into the rise of surveillance in America. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.


Steptoe Cyberlaw Podcast - Interview with Chris Painter
Stewart A. Baker, Michael Vatis
May 13, 2014

In our nineteenth episode of the Steptoe Cyberlaw Podcast, Stewart Baker and Michael Vatis discuss this week in NSA: Al-Jazeera gets an exclusive on e-mails where google execs turn down NSA invitations and talk briefly about online security threats; the State Department’s Coordinator for Cyber Issues; Oracle wins a Federal Circuit victory over Google, establishing that APIs can be copyrighted; New York State issues a short report on bank cybersecurity practices and promises to start asking banks about these practices in inspections; in other litigation, LabMD claims a victory over the FTC, and we interview LabMD’s CEO, Michael Daugherty; the ACLU argues that criminal defendants who are acquitted should have no more privacy rights than those who are convicted; Zynga and Facebook get a reprieve from the Court of Appeals, but can face lawsuits under state law for breach of contract; and Snapchat finds itself exposed at the FTC. In our second half, we have an interview with Chris Painter, the State Department’s Coordinator for Cyber Issues. Chris discusses norms in cyberconflict, MLAT reform, Brazil’s recent Net Mundial conference, and much more. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.


Steptoe Cyberlaw Podcast - Interview with Brian Krebs
Stewart A. Baker, Michael Vatis
May 5, 2014

In our eighteenth episode of the Steptoe Cyberlaw Podcast, Stewart Baker and Michael Vatis discuss this week in NSA: The internal NSA briefing memo surmising that GCHQ probably hoped to expand its access to PRISM data; Microsoft loses a big case before a magistrate in SDNY, who rules that the government can enforce warrants requiring Microsoft to produce data stored abroad; The Supreme Court hears oral argument over cell phone searches incident to arrest; The White House has released a couple of reports on Big Data—one from the PCAST and one from John Podesta’s group—along with several recommendations; The White House also released guidance on when NSA will exploit cybersecurity flaws and when it will try to fix them; GCHQ’s own independent monitor has released a long and favorable report; and data breaches claim their first CEO, as Target makes room at the top. In our second half, we have an interview with Brian Krebs, the noted security researcher behind Krebs on Security. Brian comments on the week’s news before giving us an interview on the latest in Russian cybercrime. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.


Steptoe Cyberlaw Podcast - Interview with Elana Broitman and Shawn Cooley
Stewart A. Baker, Stephen Heifetz, Stephanie Roy, Michael Vatis, Jason M. Weinstein
April 28, 2014

In our seventeenth episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Stephen Heifetz, Stephanie Roy, Michael Vatis, and Jason Weinstein discuss this week in NSA: No new scandal stories but the principal new release came from the US government and consisted of a FISA court ruling that took apart the only decision declaring NSA’s section 215 metadata program illegal – Judge Leon’s opinion in Klayman; the top story this week is the claim that the FCC is gutting net neutrality; the New York Times’ story suggesting that the FBI may have used Anonymous to help compromise foreign nations’ networks; the cell phone warrant case; the Aereo case; Magistrate Facciola’s approach to warrants, and DOJ’s method to appeal his latest ruling; and DHS’ announcement that it has notified all critical infrastructure companies that they are considered critical. In our second half, we have an interview with two government CFIUS experts, Elana Broitman, a deputy assistant secretary at DOD and Shawn Cooley, who manages DHS’s participation in CFIUS as well as Team Telecom. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.


Steptoe Cyberlaw Podcast - Interview with Alex Joel
Stewart A. Baker, Christopher R. Conte, Michael Vatis, Jason M. Weinstein
April 21, 2014

In our sixteenth episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Chris Conte, Michael Vatis, and Jason Weinstein discuss this week in NSA: Edward Snowden questions Putin; and the Bloomberg story that NSA exploited the Heartbleed vulnerability steadily loses altitude and believers; the SEC releases thoughtful and detailed set of cybersecurity questions for its examiners to use in dealing with the private sector; US magistrate Facciola calls for an amicus brief on cell-site data; Kentucky adopts a state breach notice law; the conviction of Andew “Weev” Auernheimer for the AT&T hack was overturned on appeal; the implications of giving first amendment protection to censored search results; and in bitcoin news, a more plausible candidate for Satoshi Nakamoto has emerged. In our second half, we have an interview with Alex Joel, the Civil Liberties Protection Officer of the Office of the Director of National Intelligence. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.


Annual CFIUS Report Reflects Higher National Security Hurdle and Need for More Jurisdictional Guidance
Stewart Baker, Stephen Heifetz, and Andrew Bardi
April 2014, Global Trade and Customs Journal
Steptoe Cyberlaw Podcast - Interview with Daniel Sutherland
Stewart A. Baker, Maury Shenk, Jason M. Weinstein
April 14, 2014

Stewart Baker, Maury Shenk, and Jason Weinstein discuss this week in NSA: The FBI and ACLU tangle over FOIA; Larry Klayman loses an appeal over Section 215 metadata collection; according to a Bloomberg article the NSA exploited the Heartbleed security flaw for years – the NSA conclusively denied the story immediately; this week in FTC: the District Court ruling in the Wyndham case was largely unsurprising; Whatsapp and Facebook are being locked into their current privacy policies; the commission fairly charges jerk.com with deceptive practices and orders them to delete data; the European Court of Justice makes news, striking down parts of the data retention directive that have long distinguished Europe as a far less privacy-protective jurisdiction than the United States; continuing the tutorial in class action tactics, the Target litigation is consolidated in Minnesota; the Justice Department and the FTC issue antitrust guidance designed to ease the fears of companies that sharing cybersecurity information will create antitrust liability; and international cyberdiplomacy is slowly recovering from the Snowden leaks. The US makes a creative response to Iran’s DOS attacks on banks, and it tries candor on China. In our second half, we have an interview with Dan Sutherland, Associate General Counsel, National Protection and Programs Directorate at the US Department of Homeland Security. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.


Steptoe Cyberlaw Podcast - Interview with Benjamin Wittes
Stewart A. Baker, Michael Vatis, Jason M. Weinstein
April 7, 2014

Stewart Baker, Michael Vatis, and Jason Weinstein discuss this week in NSA: A Reuters story claims that researchers showed something bad about the way NSA influenced the Dual EC encryption standard; a civil libertarian academic who was part of the President’s expert’s group NSA published a candid assessment of the agency – almost all of it positive; and Yahoo! has finally been able to encrypt its back-office communications; this week in Reruns: LabMD’s latest filing; the banks that sued Target’s security assessor have had second thoughts; Microsoft’s search of Hotmail to protect its property yields a guilty plea; and Google’s struggle with the most famous ten-second video performance in history ends abruptly; The Onion Router doesn’t really turn your messages into spoofed news stories (cool as that would be); Federal magistrates impose limits on computer search warrants as a condition of signing them. In our second half, we have an interview with Benjamin Wittes, senior fellow in Governance Studies at The Brookings Institution and co-founder and editor-in-chief of the Lawfare blog. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.


Steptoe Cyberlaw Podcast - Interview with Michael Allen
Stewart A. Baker, Michael Vatis, Jason M. Weinstein
March 31, 2014

Stewart Baker, Michael Vatis, and Jason Weinstein discuss this week in NSA: Proposal to replace NSA's 215 metadata program with one where the data remains with the telephone companies; the new chief judge at the FISA court; and China has promised to bolster its cybersecurity while protesting news that Huawei was hacked by NSA, this week in Target: Banks suing not just Target but also its security assessor, Microsoft admits to opening a subscriber's Hotmail account to track an employee who was leaking its business secrets, Bitcoin assets to be subject to capital gains calculations. In our second half, we have an interview with Michael Allen, former Majority Staff Director of the House Intelligence Committee and Founder & Managing Director of Beacon Global Strategies. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.


Steptoe Cyberlaw Podcast - Interview with Jim Lewis
Stewart A. Baker, Michael Vatis, Jason M. Weinstein
March 24, 2014

In our twelfth episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Michael Vatis, and Jason Weinstein discuss this week in NSA: The President meets tech execs again on privacy and NSA; a decision/announcement on 215 changes seems imminent; Silliest Press Angle of the week: the press is shocked to hear government lawyers say that tech companies knew of PRISM intercepts; NSA “reaches into the past”; IBM denies helping NSA; NSA hacks Huawei; Brazil drops localization requirement, IL two-party consent law struck down, Gmail intercept class denied, settlement for victims who didn’t suffer harm, Android user privacy/battery case advances, and additional stories: Ninth Circuit “Innocence of Muslims” ruling undermined by Copyright Office but enbanc denied; SSCI-CIA forensic review ordered. In our second half, we have an interview with Jim Lewis of the Center for Strategic and International Studies. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.


Steptoe Cyberlaw Podcast - Interview with Dan Novack
Stewart A. Baker, Markham Cho Erickson, Daniella Terruso, Michael Vatis
March 17, 2014

In our eleventh episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Markham Erickson, Daniella Terruso, and Michael Vatis discuss this week in NSA: The EFF overrides one of the privacy protections in NSA’s metadata program by killing the 5-year retention limit; what is the New York Times story on “raw take” about?; will the NSA and the telcos will end up going “Dutch,” as in Ruppersberger; and Stewart brags about the results in his latest debate over Edward Snowden, who is starting to wear out his welcome with Americans; other fallout from the NSA leaks: Commerce announced its willingness to give up an oversight role for ICANN; members of the European Parliament start work on a data protection that they can’t finish before elections; the legal claims in the SSCI-CIA brouhaha; the Silverpop case and how it may be harder to win a hacker-breach negligence case than some of us thought; this week in the Target breach case: Did Target miss a chance to stop the exploit?; privacy groups want to block the Whatsapp deal on privacy grounds; additional stories: the public’s first good look at Russia’s cyberespionage tools; Google starts encrypting search in China; Leon Panetta invokes “cyber Pearl Harbor;” and it turns out we could lose power for 18 months if a handful of substations are successfully attacked. In our second half we have an interview with Dan Novack, a former big-firm litigator now serving as legal analyst at First Look, the Greenwald/Omidyar news service. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.


Steptoe Cyberlaw Podcast - Interview with Mark Weatherford
Stewart A. Baker, Jason M. Weinstein
March 10, 2014

In our tenth episode of the Steptoe Cyberlaw Podcast, Stewart Baker and Jason Weinstein discuss NSA/Snowden: Keith Alexander hints about a possible end to the broad collection of metadata – and the FISA court’s refusal to extend the 5-year retention deadline for NSA’s store of metadata. Was that ruling a defeat for NSA – or the result of a clever litigation strategy?, Roundup of Bitcoin news: What is going on here?!, Taking a second look at the copyright fight over “Innocence of Muslims”, in wiretap news, the $21 million Justice Department claim against Sprint for overcharging on wiretaps, this week in cybersecurity policy: the Obama administration’s approach is getting the most sincere form of flattery from other nations; China and Europe are once again living out the fantasies of American officials; except for the FTC, which as far as we can tell is already living in its own fantasy, riding a 50-plus streak of wins to a couple more victories, though one was closer than expected. In our second half we have an interview with Mark Weatherford, a Principal at the Chertoff Group. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.


Steptoe Cyberlaw Podcast - Interview with Adam Sedgewick
Stewart A. Baker, Michael Vatis, Jason M. Weinstein
March 5, 2014

In our ninth episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Michael Vatis, and Jason Weinstein discuss NSA/Snowden: NSA weighs options for 215 data and the Office of the Director of National Intelligence will not disclose the study of storage options; GCHQ’s webcam captures; Canadian extradition flap; ABA President sends letter to NSA, LabMD falters, Cellphone unlocking – the long withdrawing roar of copyright maximalism begins, Holder calls for a national breach notice law – so why don’t we have one?, Julie Brill’s Princeton speech – big data and consumer privacy, Report from NSA: Trustycon and the boycott; What’s hot – bot catchers and intelligence driven security, and this week in weird copyright law – what the Google/Islam/takedown decision means. In our second half we have an interview with Adam Sedgewick, Senior Information Technology Policy Advisor at the National Institute of Standards and Technology. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.


Steptoe Cyberlaw Podcast - Interview with Ed Stroz
Stewart A. Baker, Michael Vatis, Jason M. Weinstein
February 24, 2014

In our eighth episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Michael Vatis, Jason Weinstein and guest commentators Stephen Heifetz and Stephanie Roy discuss this week in NSA/Snowden: Law Firm Surveillance Report Cited in Legal Challenge and Report: American law firm's communications spied on; Merkel Backs Plan to Keep European Data in Europe and EU Trade Deal Dead Unless US Spying Fixed, Lawmakers Say, Target breach update: Analyst estimates that Target may have to pay $1.1 billion, mainly to banks, FCC charts a Net Neutrality policy, and the National Cybersecurity and Critical Infrastructure Protection Act of 2013. In our second half we have an interview with Ed Stroz, Executive Chairman at Stroz Friedberg. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.


Steptoe Cyberlaw Podcast - Interview with Steve Chabinsky
Stewart A. Baker, Michael Vatis, Jason M. Weinstein
February 21, 2014

In our seventh episode of the Steptoe Cyberlaw Podcast, Jason Weinstein discusses: •This week in NSA: Clapper says Snowden exploited perfect storm of security lapses/Snowden swiped password from NSA coworker; FISA Court backs Pres. Obama’s changes to phone metadata program/government seeking info about private sector’s ability to hold the data; Rand Paul sues Pres. Obama •Target breach update: Hackers exploited holes in network-management software; Target employees warned of risks; Experts predict new wave of cybercrime •NIST framework announced •Court orders government to disclose FISA information to defense in lawsuit In our second half we have an interview with Steve Chabinsky, Senior Vice President, General Counsel and Chief Risk Officer of Crowdstrike. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.


Steptoe Cyberlaw Podcast - Interview with John Rizzo
Stewart A. Baker, Michael Vatis, Jason M. Weinstein
February 11, 2014

In our sixth episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Michael Vatis, and Jason Weinstein discuss This Week in NSA: Transparency reports disclose Foreign Intelligence Surveillance orders and telephony metadata program is not tracking as much as previously thought, Target breach update: hackers got in through HVAC contractor and Senate Judiciary Committee hearing and legislation, Lavabit hearing, Google class action order, and possible CFAA amendments. In our second half we have an interview with John Rizzo, author of the recently released “Company Man,” his memoir of his time as a CIA Lawyer. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.


Steptoe Cyberlaw Podcast - Interview with David Medine
Stewart A. Baker, Christopher R. Conte, Jason M. Weinstein
January 27, 2014

Stewart Baker, Jason Weinstein, and guest commentator Steptoe partner Chris Conte, discuss the Privacy and Civil Liberties Oversight Board issues report, SEC's National Examination Program identifies cybersecurity risk as exam priority, Supreme Court grants cert on cell phone searches incident to arrest, Verizon transparency report, FTC gets consent decrees from companies for falsely claiming to be in the Safe Harbor, The revival of the Privies, Snowden claims NSA is stealing industrial secrets unrelated to national security. In our second half we have an interview with David Medine, chairman of the Privacy and Civil Liberties Oversight Board. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.


Steptoe Cyberlaw Podcast - Interview with Chris Inglis
Stewart A. Baker, Michael Vatis, Jason M. Weinstein
January 23, 2014

Stewart Baker, Michael Vatis, and Jason Weinstein discuss the Aereo case that the Supreme Court has decided to hear; share their reactions to the President’s NSA announcement; explain what went on with Apple’s refund of in-app purchases; discuss NIST’s announcement that they would reduce the privacy rules to the cybersecurity framework; and discuss the President’s proposal to treat foreign nationals privacy similar to US citizens. This episode closes with an interview with Chris Inglis, former deputy director of NSA. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.


Steptoe Cyberlaw Podcast - Episode Two
Stewart A. Baker, Stephanie Roy, Michael Vatis, Jason M. Weinstein
January 21, 2014

In our second episode, Stewart Baker, Michael Vatis, Jason Weinstein, and guest panelist Stephanie Roy predict what the President may say regarding the NSA; discuss the latest update in the Target and Nieman Marcus breaches; and explain the recent net neutrality decision. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.


Steptoe Cyberlaw Podcast - Episode One
Stewart A. Baker, Michael Vatis, Jason M. Weinstein
January 15, 2014

In this first episode, Stewart Baker, Michael Vatis, and Jason Weinstein discuss proposed changes to national security law as recommended in the "Liberty and Security in a Changing World: Report and Recommendations of The President's Review Group on Intelligence and Communications Technologies," published on December 12, 2013. The report offers forty-six recommendations of changes to national security law and policy. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.


CFIUS Report: A Significant Increase In Scuttled Deals
Stewart Baker, Stephen Heifetz
January 13, 2014, Law360
Cyber Incidents: The Appropriate Response?
Andy Irwin, Stewart Baker, Tom Barletta, Ed Krauland, and Teddy Nemeroff
January 2014, WorldECR
CFIUS Report: Significant Increase In Scuttled Deals
Edward J. Krauland, Stewart A. Baker, Timothy M. Walsh, Stephen Heifetz, Peter Edward Jeydel
January 8, 2014
New Defense Rule Creates Export Control Concerns for Unclassified Technical Data
Andy Irwin, Stewart Baker, Tom Barletta, Ed Krauland, and Teddy Nemeroff
January 2014, WorldTrade Executive: Practical Trade and Customs Strategies
TARGETed for a Breach – and Now TARGETed for Litigation
Stewart A. Baker, Markham Cho Erickson, Michael Vatis, Jason M. Weinstein
December 30, 2013
A Battle That Snowden Is Not Winning
The New York Times
Stewart A. Baker
December 19, 2013
DOD Amends DFARS to Bolster Cybersecurity of Unclassified Contractor Systems, Answering Some Questions and Raising Others
Andrew Irwin, Stewart Baker, Tom Barletta, Ed Krauland, and Teddy Nemeroff
December 11, 2013, The Government Contractor
DoD Issues Final DFARS Rule Regarding Safeguarding Unclassified Controlled Technical Information and Cyber-Reporting
Andrew D. Irwin, Edward J. Krauland, Stewart A. Baker, Stephen Heifetz, Marc Frey, Thomas P. Barletta
December 4, 2013
DoD Publishes Interim Rule on Supply Chain Security for Defense Contractors
Stewart A. Baker, Thomas P. Barletta, Marc Frey, Stephen Heifetz, Andrew D. Irwin, Edward J. Krauland
December 3, 2013
Book Review: 'Treasury's War,' by Juan Zarate
Stewart A. Baker
October 28, 2013
Allies Aren’t Always Friends
Stewart A. Baker
October 24, 2013
The Best Cyberdefense is a Good Offense
Stewart A. Baker
October 4, 2013, Law360
Spy Programs Make Us Safer: Opposing View
Stewart A. Baker
September 9, 2013, USA Today
Keep Away: CFIUS Forces Procon-Lincoln Divestment, Demonstrating Continuing Strict Scrutiny of Acquisitions Near Defense Installations
Stewart A. Baker, Stephen Heifetz, Peter Edward Jeydel, Edward J. Krauland, Timothy M. Walsh
July 1, 2013
White House Issues Executive Order on Improving Critical Infrastructure Cybersecurity
Stewart A. Baker, Marc Frey, Michael Vatis
February 15, 2013
CFIUS Flexes Its Muscles
Stewart A. Baker, Stephen Heifetz, Edward J. Krauland, Timothy M. Walsh
November 1, 2012
Rethinking the Private Sector's Role in Cybersecurity
Stewart A. Baker
October 5, 2012, Law360
Steptoe Cyberblog
Stewart A. Baker, Michael Vatis
June 11, 2012
What Is the Role of Lawyers in Cyberwarfare?
Stewart A. Baker
May 1, 2012, ABA Journal
CISPA isn't 'son of SOPA'
Stewart A. Baker
April 24, 2012, Politico
Former Assistant Secretary of DHS for Policy Proposes ‘Adversary-Based’ Approach to Cyber Security
Stewart A. Baker
April 17, 2012, GSN: Government Security News
Update on Cybersecurity Legislative Efforts
Stewart A. Baker, Douglas Kantor, Michael Vatis
March 6, 2012
How Should Corporate Boards and General Counsels Deal with Cyber Risks?
Stewart A. Baker
February 14, 2012, Bloomberg Corporate and M&A Law Report
The SEC and Cybersecurity
Stewart Baker
January 20, 2012, The Deal
Denial of Service
Lawyers are crippling America's ability to defend against cyberwar with arcane rules and regulations. But war waits for no man.
Stewart A. Baker
September 30, 2011, Foreign Policy
A Security Turf War?
An odd attack on the NYPD
Stewart Baker
August 28, 2011, New York Post
How Europe Puts America at Risk
Stewart A. Baker
October 8, 2010, The Washington Post
“Staying Ahead of CFIUS”, The Deal
Stewart A. Baker, Stephen Heifetz
October 1, 2010
Addressing National Security Concerns
Stewart A. Baker and Stephen R. Heifetz
September 24, 2010, Insight
New Executive Order to Prompt Changes in Security Standards for Biolabs
Stewart A. Baker, Marc Frey, Stephen Heifetz
September 3, 2010
Cyber Security Alert - Major Cyber Security Threat Affecting US Companies
Stewart Baker and William Nakhleh
July 28, 2009
"Trade and Electronic Commerce"
Stewart A. Baker
2005, The World Trade Organization: Legal Economic and Political Analysis
Patriot Debates: Experts Debate the USA PATRIOT Act
(Stewart A. Baker and John Kavanagh, eds.)
2005, American Bar Association
A Patch in Time Saves Nine: Liability Risks for Unpatched Software
Stewart A. Baker
2003, National Legal Center for the Public Interest
The Executive’s Desk Book on Corporate Risks and Response for Homeland Security
Stewart A. Baker
2003
Co-author, The Limits of Trust – Cryptography, Governments and Electronic Commerce
Stewart A. Baker, Paul R. Hurst
1998
“Should Spies Be Cops?” (Winter 1994-95)
Stewart A. Baker
97 Foreign Policy 36
Mr. Baker has published a number of articles in such newspapers as The Wall Street Journal, The Washington Post, the Los Angeles Times, and The Journal of Commerce.
Stewart A. Baker

View All Current Publications | View Archived Publications