The Empire Strikes Back, at Elon
The Cyberlaw Podcast leads with the rising legal costs of Elon Musk’s anti-authoritarian takeover of Twitter. It turns out that authority figures have a mean streak, and many weapons, many grounded in law, as Twitter is beginning to learn. Brian Fleming explores one of them – the seemingly immortal notion that the Committee on Foreign Investment in the United States (CFIUS) should review Musk’s Twitter deal because of a relatively small stake that went to investors with Chinese and Persian Gulf ties. CFIUS may indeed seek information about what Twitter data these investors want access to, but I’m skeptical that CFIUS will be moved to act on what it learns. More dangerous for Twitter and Musk, says Charles-Albert Helleputte, is the possibility that the company will lose its one-stop-shop privacy regulator for failing to meet the elaborate compliance machinery set up by European privacy bureaucrats. A quick calculation could expose Twitter to fines of up to 120% of annual turnover. That would be smart. Finally, I repeat my opinion on all the people leaving Twitter for Mastodon in protest of Musk putting Babylon Bee and President Trump back on the platform. If the protesters really think Mastodon’s system is better, there’s no reason why Twitter can’t adopt it, or at least the version proposed by Francis Fukuyama and Roberta Katz.
If you’re looking for the outer edge of the establishment’s Overton window on China policy, you can’t do better than the US-China Economic and Security Review Commission, a consistently China-sceptical but mainstream body. Brian reproduces the commission’s latest report. The headline is about Chinese hacking, but the report doesn’t offer much hope for a solution to that problem, other than more disconnection.
Score one more win for the Trump-Biden continuity, and one more loss for the State Department. Michael Ellis reminds us that the Trump administration took much of Cyber Command’s decision-making on cyber offenses out of the National Security Council and put it back in the Pentagon. This made it much more difficult for the State Department to stop cybercrimes. When it appeared that this made Cyber Command more effective and not more unaccountable, the Biden administration followed its predecessor’s lead, drafting a memo that would largely ratify Trump’s order, with a few tweaks.
I unpack Google’s expensive (almost $400 million) settlement with 40 states over location history. Google’s promise to users that it would stop storing location history if the feature was turned off was poorly designed and misleading, but I doubt anyone actually wanted to prevent Google from using location for most of the apps where it remained operational, so the settlement is a good deal for the states, and a reminder of how unpopular Silicon Valley has become in both red and blue states.
Michael tells the doubly embarrassing story of an Iranian hack of the US Merit Systems Protection Board. It’s embarrassing enough for the board to be hacked using a log4j exploit that should have been patched a long time ago. But worse, an Iranian government hacker gained access to a US government network – and decided the access is best used to mine cryptocurrency.
Brian tells us that the U.S. goal to resume chip manufacturing is making progress, and Apple plans to use TSMC chips from a new factory in Arizona.
In a few updates and quick hits:
- I remind listeners that many tech companies are laying off employees, but that overall employment in Silicon Valley is still way up over the past couple of years.
- I am updating the mess on cryptocurrency exchange FTX, a mess that is only getting worse.
- Charles updates us on the next adequacy negotiations between the US and the EU, and the prospects for litigation in Schrems 3 (and 4 and 5).
- And I give both admiration and caution to Australia’s plan to “unleash the dogs” – in the form of its own Cyber Command equivalent – on ransom gangs. As the American experience shows, it makes for a great speech, but actual impact can be difficult to achieve.
Download Episode 431 (mp3)
You can subscribe to The Cyberlaw Podcast using iTunes, Google Play, Spotify, Pocket Casts or our RSS feed. As always, The Cyberlaw Podcast is open to feedback. Be sure to engage with @stewartbaker on Twitter. Send your questions, comments and suggestions for topics or interviewees to [email protected]. Remember: If your suggested guest appears on the show, we’ll send you a coveted Cyberlaw Podcast mug!
The views expressed in this podcast are those of the speakers and do not reflect the opinions of their institutions, clients, friends, families or pets