The next National Defense Authorization Act (the NDAA FY’18) is nearing the finish line. A Conference Report is now available, and so the time has come for a closer look at some of the key provisions of interest to Lawfare readers. My colleague Scott Anderson is going to post a broad overview shortly. For my part, I’d like to walk you through the “Cyberspace-Related Matters” section (sections 1631-1649C).
Latest in Cybersecurity
Alan Cohn and I did a one-hour explanation of the fuss over the Wassenaar Arrangement, intrusion software, and cybersecurity on Friday. Because we did it for the Federalist Society’s Regulatory Transparency Project, we tried to link this international regulatory initiative to broader lessons about regulating technology in today’s world. One of the lesser lessons: European officials will always be invited to better lunches than their American counterparts.
Deputy Attorney General Rod Rosenstein’s speech on encryption reveals law enforcement’s misunderstanding of risks.
We are fast moving to a world in which customers and users of all stripes become the exclusive gatekeepers of their own data and communications.
The U.K’s new Green Paper, takes a stronger stance on internet regulation. The policies outlined, and those anticipated, will change the face of private sector internet operations.
The Equifax breach raises questions about the duty of care with respect to special relationships and statutes as the basis for a claim.
A review of Ben Buchanan's The Cybersecurity Dilemma: Hacking, Trust and Fear Between Nations (Oxford University Press, 2017).
Surviving standing in a data-breach lawsuit.
C4ISRNET recently published an interesting and useful four-part series exploring what U.S. Cyber Command will need to operate on its own, separate from the National Security Agency. (Part I is here and provides links to the other parts in the series.)