Cybercrime’s International Challenges

Jane and I are in Cluj-Napoca, Romania, for a conference titled “Crimes, Criminals, and the New Criminal Codes:¬†Assessing the Effectiveness of the Legal Response” at Babes-Bolyai University. Jane is speaking on “Surveillance in a Technological Age: The Case of the NSA,” and I’m giving a talk based on my forthcoming article Ghost in the Network. [...]

Cyberwar and Cyberespionage

My paper “Ghost in the Network” is available from SSRN. It’s forthcoming in the University of Pennsylvania Law Review. I’m appending the abstract and (weirdly, but I hope it will become apparent why) the conclusion below. Comments welcomed. Abstract Cyberattacks are inevitable and widespread. Existing scholarship on cyberespionage and cyberwar is undermined by its futile [...]

Petraeus and Privacy

The resignation of CIA Director David Petraeus, after a cyberharassment investigation brought his affair with biographer Paula Broadwell to light, has generated a fascinating upsurge in privacy worries. (Side note: I believe “working with my biographer” has now superseded “hiking the Appalachian Trail” as the top euphemism for infidelity). Orin Kerr has an excellent summary [...]

When Cybersecurity Makes Things Worse

Adam Dachis has an interesting and worrisome post up at Lifehacker. (Disclosure: he kindly asked me for input into the post.) It thinks about a post-CISPA world, where privacy exists only at the behest of companies who hold our information. CISPA would immunize these firms for sharing information with the federal government, so long as [...]

Cybersecurity Puzzles

Cybersecurity is in the news: a network intrusion allegedly interfered with railroad signals in the Northwest in December; the Obama administration refused to support the Stop Online Piracy Act due to worries about interfering with DNSSEC; and the GAO concluded that the Department of Homeland Security is making things worse by oversharing. So, I’m fortunate [...]

Goldilocks and Cybersecurity

It may seem strange in a week where Megaupload’s owners were arrested and SOPA / PROTECT IP went under, but cybersecurity is the most important Internet issue out there. Examples? Chinese corporate espionage. Cyberweapons like Stuxnet. Anonymous DDOSing everyone from the Department of Justice to the RIAA. The Net is full of holes, and there [...]

Cyber-Terror: Still Nothing to See Here

Cybersecurity is a hot policy / legal topic at the moment: the SEC recently issued guidance on cybersecurity reporting, defense contractors suffered a spear-phishing attack, the Office of the National Counterintelligence Executive issued a report on cyber-espionage, and Brazilian ISPs fell victim to DNS poisoning. (The last highlights a problem with E-PARASITE and PROTECT IP: [...]

The Myth of Cyberterror

UPI’s article on cyberterrorism helpfully states the obvious: there’s no such thing. This is in sharp contrast to the rhetoric in cybersecurity discussions, which highlights purported threats from terrorists to the power grid, the transportation system, and even the ability to play Space Invaders using the lights of skyscrapers. It’s all quite entertaining, except for [...]

WikiLeaks and the Pentagon Papers

For those interested in whistleblowing, WikiLeaks, and the role journalists can play as the Internet saps traditional media, I shamelessly recommend Consider the Censor, an essay I wrote in the Wake Forest Journal of Law & Policy that is now available on-line.

Cybersecurity Theory and Myths

David Opderbeck put together a terrific cybersecurity conference at Seton Hall today. I was on a panel discussing cybersecurity policy and legal theory. The audience was primarily law enforcement and practicing attorneys, so I asked, “What are you doing here?” In good academic fashion, I proceeded to (try to) answer my own question – why [...]