The FBI Laughs Last

We begin the episode with Michael Ellis taking a close look at the takedown of the ransomware gang. It’s a good story for the good guys, as REvil seems to have been brought down by the same tactic it used against so many of its victims—malware that lingered in the backups it used to restore its network. I note that this seems to be a continuation of efforts that were interrupted in the early summer—and led to a lot of criticism that the FBI had prioritized its intrusion and takedown over giving victims the decryption key. Looks like the FBI is getting the last laugh. The U.S. is trying to hold Putin responsible for stopping Russian ransomware gangs. Michael thinks that effort is not advanced by recent statements from the Pentagon raising doubts about whether Putin actually has the ability to stop the attacks. One technology where Russia’s capabilities have grown stronger is, naturally, the ability to censor and suppress criticism both on domestic and Western platforms. David Kris discusses the kinds of hostages Russia has learned to take, and their success in bringing Western social media to heel. The U.S. Commerce Department has released a complex new rule for the export of network intrusion tools. Meredith Rathbone, from Steptoe’s trade regulation practice, boils the rule down to a few soundbites. The short version? Commerce has done a pretty good job of protecting legitimate distributors of intrusion software, but even the good guys are going to have to save a lot more receipts. Michael and Paul Rosenzweig reprise the latest news about content moderation, particularly Twitter’s own study showing that its algorithms offer up a bit more conservative than left-wing content. That raises the question whether right-leaning commentary and news is more popular because more people want it. If so, the employees at Facebook are determined to keep it from them, as recent leaks show aggressive internal efforts to squash Breitbart’s reach on the platform. David and I unpack Ian Bremmer’s Foreign Affairs article on “How Big Tech Will Reshape the Global Order.” David sees more in the piece than I do. Paul and Michael kick off a discussion of our negotiations with the EU over transatlantic data flows. But in no time, all four of us are sounding off. We offer some solutions, and plenty of criticism for the EU (“The continent that invented hypocrisy”).  David notes that NSA is pursuing more collaboration with the private sector. How well that will work out is TBD, we agree. In quick hits and updates: I note with irony that Frances Haugen has discovered the limits of criticizing Facebook. Whatever you do, you can’t criticize WhatsApp’s growing use of end2end encryption, even if it does allow the service to ignore foreign cyberespionage. Trump and TRUTH are together at last, and Paul has the details. Bottom line: it feels like a typical Donald Trump production: great hype, plenty of controversy, and weak execution.  Hackback, isn’t dead, it turns out, yet. I discuss the political and business advocates for a kinder, gentler version of private hackback, modeled on private investigators. Download the 380th Episode (mp3) You can subscribe to The Cyberlaw Podcast using iTunes, Google Play, Spotify, Pocket Casts, or our RSS feed. As always, The Cyberlaw Podcast is open to feedback. Be sure to engage with @stewartbaker on Twitter. Send your questions, comments, and suggestions for topics or interviewees to [email protected]. Remember: If your suggested guest appears on the show, we will send you a highly coveted Cyberlaw Podcast mug! The views expressed in this podcast are those of the speakers and do not reflect the opinions of their institutions, clients, friends, families, or pets.