Podcasts
Caveat
Ep 116
Caveat 3.10.22
Ep 116 | 3.10.22

The call for robust security in the broadband rollout.

Show Notes
Transcript

Lauren Van Wazer: You've got to have effective access to broadband. And so therefore, we've got to be smart about how we deploy these federal dollars.

Dave Bittner: Hello, everyone, and welcome to "Caveat," the CyberWire's privacy, surveillance, law and policy podcast. I'm Dave Bittner. And joining me is my co-host Ben Yelin from the University of Maryland Center for Health and Homeland Security. Hello, Ben. 

Ben Yelin: Hello, Dave. 

Dave Bittner: Today, Ben shares two recent Supreme Court decisions on the state secrets privilege. I've got the story of the U.S. Senate passing cyber breach notification legislation. And later in the show, my conversation with Lauren Van Wazer from Akamai on their call for robust security in the broadband rollout. 

Dave Bittner: While this show covers legal topics and Ben is a lawyer, the views expressed do not constitute legal advice. For official legal advice on any of the topics we cover, please contact your attorney. 

Dave Bittner: All right, Ben, let's jump into some stories here this week. Why don't you start things off for us? 

Ben Yelin: So we have two Supreme Court decisions that came down very recently dealing with the so-called state secrets privilege. As you recall, we've talked about this privilege a number of times. It is a common law legal privilege that the state can decide to withhold information from a court if it deems that information a threat to national security. In some instances, that means that the court would throw away the case entirely. And in other cases and most times it's invoked, it means that that particular piece of evidence can be excluded. We've had it in the United States throughout our history. It was articulated in a 1950s case called Reynolds v. United States. 

Dave Bittner: OK. 

Ben Yelin: So there are two cases that came out this week. One of them is of more interest to us, and that is about electronic surveillance that took place back in the old days, the early 2000s, in the San Diego area. There was an FBI informant who was snooping around in the area to try and suss out radical Islamic jihadists in Southern California. So he went to a mosque in Irvine, Calif., and started talking about jihad and violence. And it turns out that the actual people at this mosque were nonviolent. Not only that, but they realized that... 

Dave Bittner: (Laughter). 

Ben Yelin: ...They were being played by this informant, so they called... 

Dave Bittner: I'm imagining this guy ham-handedly walking into a mosque and saying, I'm here to do crimes (laughter). 

Ben Yelin: Yeah, exactly. He seems like he was not the best informant. 

Dave Bittner: Right (laughter). 

Ben Yelin: Anyway, they called law enforcement on him, probably to be like, if this guy's not an informant, we have a jihadist for you. 

Dave Bittner: (Laughter) Right, right, OK. 

Ben Yelin: So with very good reason, these individuals sued the FBI and Mr. Monteilh... 

Dave Bittner: OK. 

Ben Yelin: ...Alleging unlawful electronic surveillance. 

Dave Bittner: All right. 

Ben Yelin: This is a case that's been playing its way through the court for, you know, probably 15 years now. 

Dave Bittner: Wow. 

Ben Yelin: The broader question in the case is whether the government can get this case thrown out under the state secrets privilege, saying they don't want to divulge their methods of electronic surveillance in the war on terrorism. The very narrow question is whether a provision in FISA, the Foreign Intelligence Surveillance Act, supersedes the state secrets privilege. So there's a provision in that act - if you want to take notes on this, it's 1806(f) - that... 

Dave Bittner: Ah, yeah. Ah, yes, 1806(f). 

Ben Yelin: Yes, that one. 

Dave Bittner: One of my favorites. 

Ben Yelin: Has a nice ring to it. 

Dave Bittner: (Laughter). 

Ben Yelin: So in that provision, there's a whole procedure when the government is looking to classify information as part of some criminal case dealing with foreign intelligence. And the way the process works is the case will go ex parte in camera, so in the chambers of the judge with no parties present. The judge will review the evidence to see if it presents some type of national security concern. 

Dave Bittner: OK. 

Ben Yelin: What the 9th Circuit Court of Appeals in - which is located on the West Coast of the United States, held is that FISA supersedes the state secrets privilege. So the government can't invoke the state secrets privilege, in their view, because FISA already lays out a process of what to do when you're dealing with classified information. 

Dave Bittner: Oh. 

Ben Yelin: That decision was appealed to the Supreme Court in a 9-0 decision, which you rarely see on things that are even remotely controversial. The court held that the FISA provision actually does not displace the state secrets privilege. They are separate and distinct from one another. 

Ben Yelin: The reasoning - and this is in a decision by Justice Samuel Alito - is that nothing in the FISA statute calls out the state secrets privilege, gives any indication that FISA supersedes the state secrets privilege. And, you know, FISA is concerned about restricting the government's use of evidence. That's why we have this FISA process, so that they're not using illegally obtained evidence. 

Ben Yelin: The state secrets privilege is broad enough that, you know, sometimes it could be invoked to bar evidence that was illegally or unreasonably obtained. So the result of that means when we have some type of potentially illegal surveillance, the government can get that evidence thrown out or the case thrown out of court under the state secrets privilege regardless of how that process would work out under FISA. 

Ben Yelin: So this bolsters, I think, the usefulness of the state secrets privilege for the government in cases where, you know, there might be some questions about whether they should have invoked the state secrets privilege in the first place. 

Dave Bittner: So does this remove a layer of oversight, then, because we're not going to - in front of a judge, in the judge's chambers, to have a look at this? It gets thrown out before that happens? 

Ben Yelin: Basically, yeah. So there's also a process laid out in the Reynolds case on how to deal with classified information under the state secrets privilege. Basically, the government has to make some type of preliminary showing that this is the type of information that might harm national security. And if a judge agrees with that declaration, he can exclude that evidence even without digging into the details of those allegations. 

Ben Yelin: And this comes from, you know, a long-held notion emanating from Article II of the Constitution that the executive branch has power over national security matters. And it's not the job of the court to distrust the national security establishment when they come with this type of evidence. 

Ben Yelin: Of course, we know that that's not always the case. And in fact, a point I think I've made on the show is we found that about 60 years after the Reynolds case was decided, that the information at issue in that case wasn't actually secretive at all. The government was trying to hide its own negligence. It was a case relating to Air Force planes during the Cold War era. 

Ben Yelin: So, you know, we know that the government doesn't always properly invoke the state secrets privilege. And with that in mind, we have this other case. It doesn't concern electronic surveillance, so not as much in our wheelhouse, but it does concern the state secrets privilege, and I think it's important to cover. It is the United States v. Zubaydah. 

Dave Bittner: OK. 

Ben Yelin: So Zubaydah was captured in the battlefields in Afghanistan during the early years of the war on terrorism and was held at one of those black sites. That black site was later determined to be in Poland. It's been confirmed not by our government, but by basically everybody else - international amnesty organizations, nonprofits. Everybody who was involved in this detention has confirmed that this black site was in Poland. 

Dave Bittner: OK. 

Ben Yelin: So Zubaydah was brutally tortured using enhanced interrogation techniques, as we called it during the 2000s, and there is now a case in Polish criminal court that would basically hold the Polish government accountable to what happened to Zubaydah. And Zubaydah wants the testimony from two CIA contractors who he alleged - he's alleging basically tortured him at this black site. And United States is trying to stop these individuals from testifying by invoking the state secrets privilege, saying it would be dangerous for them even to admit the existence of this black site in Poland - that would jeopardize national security. 

Dave Bittner: The black site that everyone else already... 

Ben Yelin: Knows it's true. 

Dave Bittner: ...Knows about. OK. (Laughter) All right. Go on. 

Ben Yelin: So the Supreme Court, in a decision by retiring Justice Stephen Breyer, said that, in this case, the state secrets privilege can be properly invoked. The government has made a good enough showing that even admitting the existence of this black site in Poland would harm national security. 

Ben Yelin: You know, I think what most of us would say is it was already in the public domain anyway. What's the difference? What Breyer says is, you know, the government might have its reasons, even if information is public, for not themselves admitting that the site exists. 

Dave Bittner: OK. 

Ben Yelin: There is some extra cachet that comes with it when it's the government admitting that the site exists. Basically, maybe we'd be violating some type of bilateral agreements by admitting it ourselves. 

Ben Yelin: So it was a 6-3 decision. It was kind of bifurcated. Some justices agreed with some parts of the decision. I won't bore you with the minutia of that, except to say that there was a impassioned dissent from Justice Gorsuch, signed by Justice Sotomayor. So we have this cross-ideological dissent, which I just find so fascinating - probably the most conservative and the most liberal justice on the court. 

Ben Yelin: It was basically a broadside against the invocation of the state secrets privilege in this case, with these two justices saying, everybody knows this took place. Everybody knows the black site was in Poland. The government is just trying to avoid any determination of negligence or legal responsibility here, as they frequently do with the state secrets privilege. You know, Gorsuch flat-out says, you might be ashamed of the fact that you tortured this guy 20 years ago. That should not shield you from legal liability. So it's really a remarkable defense. 

Ben Yelin: You know, to sum up what we see in these two cases, the state secrets privilege is alive and well. In the national security context, it can be used even if there is unlawful electronic surveillance. But I think there's a hint now, with this dissent, that we have justices who are willing to see the follies of the privilege and how it can be abused, and that might be of interest going forward as the makeup of the court changes. 

Dave Bittner: What kind of oversight is there on the state secrets privilege? I mean, is it - does it - is it one of these things where it is only when it goes to a court that things get decided? Or I guess what I'm asking is, you know, to what degree at this point in time do we feel like the state secrets privilege is used in good faith for what it is designed for, versus being kind of a get-out-of-jail-free card? 

Ben Yelin: I frankly think, you know, it would be appropriate to see it as a get out of jail free card knowing what we know about history. There have been efforts to reform it. There was a bill that was introduced every Congress, you know, that never actually went anywhere. It was advocated for by Senator Patrick Leahy, currently the most senior member of the Senate, that would limit the use of the state secrets privilege to only extraordinary circumstances. In the early Obama years, Attorney General Holder tried an effort to rein in the state secrets privilege and guarantee that the government wouldn't abuse it. You know, it's something that then-candidate Obama criticized about the Bush administration's prosecution of the war on terrorism. Of course, that all changes once you get into office. 

Dave Bittner: (Laughter) Right, and you thought... 

Ben Yelin: Now that I'm the president, I have this awesome tool. 

Dave Bittner: It's very useful for me (laughter). 

Ben Yelin: Yeah. I could keep these bad things out of court. Of course, I'm going to use it. 

Dave Bittner: Torture. What torture? There's no torture. 

Ben Yelin: Yeah. I don't want to be held liable. 

Dave Bittner: (Laughter). 

Ben Yelin: So the Obama administration, just like every administration before them, made use of the state secrets privilege to its fullest. 

Dave Bittner: Yeah. 

Ben Yelin: And, you know, we know it continued in the Trump administration 'cause it was secretary - or then-CIA director Mike Pompeo who invoked it in the Zubaydah case. It has to be invoked by the head of the relevant department. 

Dave Bittner: OK. 

Ben Yelin: So there is oversight in the sense that, you know, this is something that Congress has its eye on. We've talked about executive order 12333, where maybe that's kind of out of the oversight purview to a certain extent from congressional committees. That's not the case here. You know, we have pretty good notice when the state secrets privilege is being invoked. But the Supreme Court and judges across the country have given great deference to the government when they invoke this privilege. And given what we know about history and Gorsuch in his dissent talks about what happened with the Reynolds case, I think more skepticism really does need to be applied in those circumstances. 

Dave Bittner: All right. Well, that's a lot, isn't it (laughter)? 

Ben Yelin: Yes. Sorry, I bombarded you with a lot of information there. 

Dave Bittner: I'm going to be thinking about this all day now, Ben. Thanks a lot (laughter). 

Ben Yelin: Well, if you want to immerse yourself in it, the Supreme Court website obviously posts all their opinions. 

Dave Bittner: Yeah. 

Ben Yelin: And I particularly recommend the Gorsuch-Sotomayor dissent in the Zubaydah opinion. 

Dave Bittner: How interesting that it's - you know, as you say, very, very different points of view typically from those two justices. 

Ben Yelin: Yeah - and that they found this area of common ground. I think it's really meaningful that it came from the two of them. 

Dave Bittner: Yeah. All right. Well, we will have links to those stories in the show notes. My story this week comes from The Washington Post. This is a story written by Joseph Marks, and it's titled "The Senate is Finally Passing Big Cyber Bills." (Laughter) Hallelujah, right? 

Ben Yelin: Woo hoo. 

Dave Bittner: (Laughter). So this was the day of President Biden's State of the Union address. The Senate passed a bill that is a measure that enhances cyber reporting requirements. And this is something that's been called for for a while. They attempted to pass this, I guess, last year, but it did not pass. And this year it seems as though things have changed. I think perhaps the situation in Ukraine has made folks a little more focused on cyber and the part it plays in national security and defense and so on and so forth. So this is going to put rules on how organizations must report breaches - puts a timeline on them. Also in the bill - updates some rules for how government agencies manage their information security and how they manage cybersecurity of cloud computing systems in federal agencies and things like that. This has not yet passed the House. But this article seems to think that there's a good chance that it will do so. What do you think of this, Ben? 

Ben Yelin: It's a huge step. I think it's a big deal. We haven't seen a major piece of cybersecurity related legislation in several years. As you mentioned, this particular proposal failed last year due to kind of parochial reasons having to do with logrolling this provision to a larger bill. But there's pretty much unanimous support for this approach in the Senate. It's a bipartisan bill - Senator Gary Peters, a Democrat of Michigan, and Rob Portman, a Republican of Ohio. I think there is certainly new urgency sparked by what's happening in Ukraine and this prospect that - you know, this has almost become a cliche at this point - but that we're in line for some type of, you know, cyber September 11. I think that's certainly true for when we're talking about critical infrastructure. You know, cybersecurity threats can seem abstract. Even things like ransomware - if you're not attacked by ransomware, you know - not that many people in some circumstances really feel the kinetic effects. When we're talking about something like critical infrastructure and we're knocking out power grids or water systems or sewage systems, that becomes really scary. And nothing inspires legislation - legislators to move more than the concept of fear. 

Dave Bittner: (Laughter). 

Ben Yelin: And I think that's been proven throughout history. 

Dave Bittner: Fear, but primarily fear of not being reelected, right? (Laughter). 

Ben Yelin: Well, yeah. But I also think there is a real, genuine concern right now that - you know, we're at the first stage of this conflict... 

Dave Bittner: Yeah. 

Ben Yelin: ...With Ukraine, and the next stage might be more of the cyberattack stage to their engagement. 

Dave Bittner: Yeah. 

Ben Yelin: And I think this is members of Congress recognizing that threat. It does seem like it has good prospects in the House. So certainly, this is something that the president would sign if he - reached his desk. So I think the prospects are quite good, and I think it's encouraging to see that legislators from both sides of the aisle are willing to compromise on something like this. 

Dave Bittner: Yeah. 

Ben Yelin: It is just a notification bill. I mean, as important as that is, it's not as substantive as other pieces of legislation that, you know, mandate minimum security standards. We do those types of things for federal agencies. We haven't yet done that at a broader level. But this is certainly a first step. And as this article says, it is sort of a sea change in that it applies to all different types of critical infrastructure firms. I just... 

Dave Bittner: Yeah. 

Ben Yelin: And we haven't seen something this broad in the past. 

Dave Bittner: Yeah. The article points out that, you know, this is going to give organizations like CISA better insight on exactly what the - what's happening across the country in terms of the attacks that are happening. Some critics of the bill say that it has terminology in it - they refer to a substantial cyber incident and that that is a little vague. 

Ben Yelin: Right. 

Dave Bittner: And also, they're saying that a 72-hour deadline for reports may be too quick to share useful information. I - that's - you know, that's a complaint I've seen when this has come up in the past, that people say, you don't want to have the reporting be too quick because the incident responders are still working out exactly what happened sometimes if something happened. 

Ben Yelin: Right. 

Dave Bittner: I don't know if I agree with that. I think, you know, perhaps the 72-hour deadline could include, hey, something's happening. Something happened. 

Ben Yelin: Right. 

Dave Bittner: We're still working on it (laughter), but... 

Ben Yelin: We don't have all the information yet. 

Dave Bittner: Right. 

Ben Yelin: But there's... 

Dave Bittner: We know that - but that clock is running. We acknowledge that clock is running, so we're putting you on notice that we think something has happened. So, you know, let it be that. I think it's reasonable. 

Ben Yelin: I think that's fair. I mean, you also - you have to draw the line somewhere. 

Dave Bittner: Right, right. 

Ben Yelin: You know, if you don't give a deadline, then there's not going to be any incentive for them to report. You know, we have already shielded them from liability for reporting. That's what we did in 2015. 

Dave Bittner: Yeah. 

Ben Yelin: But, you know, you need to have some type of temporal deadline in there. So I think 72 hours is as reasonable as anything else. Hopefully, in most circumstances, you would have moved beyond the emergency response phase at that point, and you're moving more towards the recovery phase. 

Dave Bittner: Yeah. 

Ben Yelin: And I think that's the general thinking behind 72 hours. It's not, you know, when there are still metaphorical bodies on the ground. 

Dave Bittner: (Laughter) Right. 

Ben Yelin: So to speak. 

Dave Bittner: Right, right. No, I think this is a good thing. I think this is a move in the right direction, to have this kind of reporting. I think good things will come of this. So I tend to agree with this. So I hope it passes the House. 

Dave Bittner: All right. That is my story this week. We will have a link to that in the show notes as well. 

Dave Bittner: Ben, I recently had the pleasure of speaking with Lauren Van Wazer. She is the VP of public policy from Akamai. And we're discussing the call for robust security in the broadband rollout. Here's my conversation with Lauren Van Wazer. 

Lauren Van Wazer: The National Telecommunications and Information Administration is the agency that advises the president on telecommunications, internet and broadband policy writ large. It sits in the Department of Commerce, so it's an agency contained within the Department of Commerce. 

Dave Bittner: I see. And this is an advisory organization? Or do they have any regulatory function there? 

Lauren Van Wazer: Oh, yes, absolutely. So they've got, obviously, a key role in broadband deployment, broadband policy, but also, they manage the federal airwaves for spectrum - so radio spectrum use as well. 

Dave Bittner: I see. So they have put out a request for comment on implementation of some of the broadband funding programs that have been established in the Infrastructure Investment and Jobs Act from the Biden administration. I know you and your colleagues at Akamai have some opinions on this and see this as an opportunity here. 

Lauren Van Wazer: Oh, absolutely. So what's fun for me is - being able to engage on this issue is really a marriage of my background in both broadband policy but also cybersecurity. It's really important that we work to get more broadband services out to those who need them, and that's both unserved and underserved populations. And it's really important that we're smart about how we do that. And right now we've got an unprecedented opportunity with these broadband funds to do just that. 

Dave Bittner: And how do you suppose this is going to play out? I mean, the folks who are keeping an eye on this - how do they suspect this rollout, the ability to take broadband to people who are underserved - what are the most likely ways that that's going to happen? 

Lauren Van Wazer: Well, first off, just from a quick process overview perspective, the NTIA is going to come up with some broad criteria for these broadband deployments, and that's why it was seeking public comment on the broadband infrastructure deployments. And then it will provide guidance to the states who will actually have the on-the-ground implementation in their respective states. So it's going to be both a federal process and ultimately a state-level process to help push these deployments out to where they need to be. So the NTIA is going to set broad criteria for these federal funds, and then the states are going to do some criteria and prioritizing on their end. And the states are actually going to be pushing that money out. 

Dave Bittner: And so what are some of the recommendations that you all have made here? 

Lauren Van Wazer: Yes. It's really important. I think the pandemic was very instructive in terms of accelerating services, online services. So more and more people need to have trust in those services. And so these broadband deployments really need to have cybersecurity baked in from the front end. And that sounds, you know, especially to your audience who's so savvy in cybersecurity, like, oh, wow, you know, this is just like what we say. Don't bolt on cybersecurity solutions. Imbue them into the DNA. But in the broadband infrastructure space and policy, that is new. Cybersecurity really hadn't been front and center. 

Lauren Van Wazer: And, you know, what the pandemic taught us was you've got to ensure there's a foundation for trust in these online services - if I'm doing banking, if I'm doing health care. And so we need to be thinking about cybersecurity from the front end, particularly with greenfield deployments. So people getting access to broadband services for the first time and wanting to encourage businesses to develop in those places really need access to baseline cybersecurity services. So that's how we've weighed in as Akamai in this formal proceeding. NTIA, please put these in on the front end. Think about these issues. It's becoming increasingly important with the types of services consumers are using online, like health care, banking, et cetera. It's really important that they be able to have a level of trust in their online experience. 

Dave Bittner: I think everyone would agree with that as an aspirational goal. Do you have any practical elements that you could share, actual examples of how something like this could be implemented? 

Lauren Van Wazer: Absolutely. So just traditionally in the broadband space, the FCC, NTIA looked at issues like just access - do I have access to the broadband pipe? - and also speed. What are the speeds that are available to me? And so this would be asking for best practices to be referenced in. You know, maybe it's this guidelines. Maybe it's other guidelines - so that, for example, anti-phishing and malware protection could be baked into the services that are deployed to people receiving broadband services for the first time. 

Dave Bittner: Yeah. I mean, that really is kind of a change in the way we approach this, right? I mean, I think most people have thought about those things and relied on, I don't know, downstream service provider. You know, if I have Gmail, I trust them to do my spam filtering and so on. But what we're advocating here is having more of those sorts of things really baked into the fundamental level of the network access. 

Lauren Van Wazer: Both, actually - fundamental level of network access, but also, you know, some of the broadband won't be for pipes themselves. Some of the funds will be for actual devices, et cetera. So it's thinking about making sure that the folks we're bringing online for the first time have access to those services. What we want is for businesses in rural places to be able to grow and develop access to the same level of digital experience and confidence in that digital experience as those in metropolitan areas. 

Dave Bittner: Has there been any pushback against this sort of notion? Are there providers or installers who say this is going to be, you know, a regulatory burden that they're not prepared to take on? 

Lauren Van Wazer: Well, there was generally support for our position. And the comments that were filed - just so folks know, these comments are public. The proceeding is public. So you can have access to all of those comments. So there's general support. I think, as with anything else, there's a tension between, you know, how prescriptive you are as a regulatory body and, you know, how much flexibility there is in terms of deployments on the ground. And so you want to have flexibility in terms of the actual technologies that are used to accommodate and tailor to local situations, but at the same time saying that - as NTIA is saying, that, you know, cybersecurity needs to be baked in from the front end is a big change from the way it's been done historically. So I think there is a balancing act. The way you're alluding to it is certainly the case. But it's important that we don't simply measure access to broadband as it's been done historically, as geographic access. You've got to have effective access to broadband. And so therefore, we've got to be smart about how we deploy these federal dollars. 

Dave Bittner: And what sort of timeline are we on from this point forward? When do you suppose we'll actually see communities seeing the benefits of this? 

Lauren Van Wazer: You know, I would hope soon. It's going to take some time. You know, when you have a public process like this, I would expect NTIA to be issuing guidelines in the spring. States need to come up with their individual plans. Obviously, they know the areas that they need to target - places where they don't have enough deployments now. And so I would expect, you know, maybe a year and a half to two years' timeline before - if I'm in a community that doesn't have broadband today, that I might possibly receive it. And I think part of it depends on the nature of the technology. Certainly, certain wireless technologies are much faster in terms of implementation than other types of technologies, you know, where you have to go dig and, you know, put fiber into the ground. And so I think, you know, the timeline also depends on the nature of the technologies that are deployed. 

Dave Bittner: Are we at the point where there's an issue with the fact that, as you mentioned, you know, a public process like this takes a certain amount of time, and yet the rate of change in technology is fast and always seems to be accelerating. Is it possible those two things get a little out of sync? 

Lauren Van Wazer: Well, you know, sometimes that happens, but I think because technology - and it's known that technology keeps evolving, that it's really important to have forward interoperability. So even if I were thinking - I mean, I've been in the broadband area - I hate to even say it - you know, we were talking 2G. And now we're talking, you know, beyond 5G. And so the key is ensuring that technologies are deployed in a forwardly interoperable way so that if I - if the technologies have changed, I can deploy the newest at the time that I'm doing the actual deployment. So I think it's important that the plans that the states develop have flexibility for that and that there is a general awareness of, you know, let's go this way because we can - you know, whatever generation of technology, we can deploy the next if we need to. So I think it's an important consideration to keep in mind, but it's something that isn't new to, you know, the proceeding we're in now. 

Dave Bittner: All right, Ben, what do you think? 

Ben Yelin: I have sort of a dull but, I think, interesting angle on this. 

Dave Bittner: Yeah? 

Ben Yelin: This is a really good time - if you have any interest in the rollout of broadband as part of the infrastructure bill - to get involved with the process that she talks about, with the NTIA forming these regulations. And that's something that's done through notice and comment. So they will - the NTIA will promulgate an initial recommendation, there will be this period for public comment, and the nature of it is that the only people who comment are either crazy old people with nothing else to do... 

(LAUGHTER) 

Ben Yelin: ...Who go onto the online federal register. 

Dave Bittner: People sitting at their public library, banging out angry comments - (laughter) I get the... 

Ben Yelin: It's basically get off my lawn. 

Dave Bittner: Yeah (laughter). 

Ben Yelin: I mean, if you go through a file of public comments, that ends up making, you know, depending on the regulation, a pretty good, you know, percentage of the comments. 

Dave Bittner: Right. 

Ben Yelin: Most of the other comments come from industry groups and people who have the type of resources who you can, you know, have the junior-level staffer looking at the Federal Register every day, trying to cull through regulations. 

Dave Bittner: Yeah. 

Ben Yelin: For smaller firms and organizations who don't have those resources, they just don't - you know, they don't get the notices, and they don't have the opportunity to comment. So I think what's great about, hopefully, this interview is that everybody is aware that this is happening right now, and if you want to, you know, make your voice heard, that's something - that's a really good way to do so. 

Dave Bittner: Yeah. 

Dave Bittner: All right. Well, again, our thanks to Lauren Van Wazer from Akamai for joining us. We do appreciate her taking the time. 

Dave Bittner: That is our show. We want to thank all of you for listening. The "Caveat" podcast is proudly produced in Maryland at the startup studios of DataTribe, where they're co-building the next generation of cybersecurity teams and technologies. Our senior producer is Jennifer Eiben. Our executive editor is Peter Kilpe. I'm Dave Bittner. 

Ben Yelin: And I'm Ben Yelin. 

Dave Bittner: Thanks for listening.

Caveat
Podcast Info
HOST(S):
Dave Bittner
Ben Yelin
Dave Bittner is a security podcast host and one of the founders at CyberWire. He's a creator, producer, videographer, actor, experimenter, and entrepreneur. He's had a long career in the worlds of television, journalism and media production, and is one of the pioneers of non-linear editing and digital storytelling.
Ben Yelin, JD, is the Program Director for Public Policy & External Affairs at the University of Maryland Center for Health and Homeland Security, where he consults public and private entities on homeland security, cybersecurity and emergency management policy. He is also an adjunct faculty member at the University of Maryland Francis King Carey School of Law, where he teaches courses on electronic surveillance and the Fourth Amendment.
Schedule: Wednesdays
Creator: CyberWire, Inc.
ADVERTISEMENT
Sponsored by Kolide
Sponsored by Kolide

Kolide sends employees important, timely, and relevant security recommendations for their Linux, Mac, and Windows devices, right inside Slack. Kolide is perfect for organizations that want to move beyond a traditional lock-down model. Learn more.