Podcasts
Caveat
Ep 123
Caveat 4.28.22
Ep 123 | 4.28.22

A new executive order on cybersecurity.

Show Notes
Transcript

Lauren Van Wazer: It's really important that we work to get more broadband services out to those who need them, and that's both unserved and underserved populations. And right now, we've got an unprecedented opportunity with these broadband funds to do just that.

Dave Bittner: Hello, everyone, and welcome to "Caveat," the CyberWire's privacy, surveillance, law and policy podcast. I'm Dave Bittner, and joining me is my co-host, Ben Yelin from the University of Maryland Center for Health and Homeland Security. Hello, Ben. 

Ben Yelin: Hello, Dave. 

Dave Bittner: Today, Ben looks at content moderation in the EU. I've got the story of the White House limiting the DOD's offensive cyber operations. And later in the show, my conversation with Lauren Van Wazer from Akamai - we're going to be talking about the implications of the Biden administration's executive order on cybersecurity. While this show covers legal topics and Ben is a lawyer, the views expressed do not constitute legal advice. For official legal advice on any of the topics we cover, please contact your attorney. 

Dave Bittner: All right, Ben, we've got some good stories to share this week. Why don't you start things off for us here? 

Ben Yelin: So mine comes from Ryan Browne over at CNBC, and it's entitled "EU Agrees on Landmark Law Aimed at Forcing Big Tech Firms to Tackle Illegal Content." This is about a new digital regulation that was agreed to by officials in the European Union over this past weekend. And it would force our favorite tech giants - Google, Meta, Twitter and others - to better police illegal content on their platforms or else risk multibillion-dollar fines. It's something like 6% of their annual revenue, which is, you know, pretty significant. 

Dave Bittner: The Europeans really like to come at things with percentage of revenue fines, don't they? I mean, that was... 

Ben Yelin: Yes, they sure do. 

Dave Bittner: They baked in the GDPR (laughter). 

Ben Yelin: There are a lot of interesting parallels with GDPR here that I'm going to talk about. 

Dave Bittner: OK. 

Ben Yelin: I see this as sort of a - the ugly cousin of GDPR. 

Dave Bittner: (Laughter) OK. 

Ben Yelin: And I think it's going to be - the way it's going to carry out in the United States might be a little distinct than what we saw with GDPR, but there are a lot of similarities. 

Dave Bittner: OK. 

Ben Yelin: So first, what does this new regulation do? This would limit how digital giants target users with online advertisements. So the regulations would stop platforms from targeting users with algorithm, using data based on things like gender, race, religion - immutable characteristics. You won't be able to target children with targeted advertising. It would ban dark patterns. So any tactics designed to push people towards services and products that are not on the up and up are going to be banned as part of this regulation. And then, perhaps most controversially, tech companies are going to be required to institute procedures to take down illegal material, including things like hate speech, incitement to terrorism and child sexual abuse. I think that is going to be the most difficult thing for U.S. authorities and U.S. companies to grapple with. What we saw with GDPR is the EU put in these regulations, and the tech companies decided, if we're going to have to go through hoops to comply with these regulations for our European user base, we might as well just institute these as general practices. So back in 2018, 2019, we all got emails saying our terms of service have changed to comply with the GDPR. 

Dave Bittner: Right. 

Ben Yelin: I probably got hundreds of those emails. 

Dave Bittner: (Laughter). 

Ben Yelin: I think it was easier for the tech companies to just say, let's comply with these regulations and not have two separate regulatory regimes in the United States and in the European Union. 

Dave Bittner: Right. 

Ben Yelin: When we're talking about things like censoring illegal material, things like hate speech and incitement to terrorism, I think our values in the United States and our legal system makes it a little more difficult to apply that provision within the United States. I think we have more of a culture that prizes the marketplace of ideas, controversial opinions, and categorizing certain things as hate speech might be more offensive to the U.S. user base than it would be to our European counterparts. And so this might be something where if we were to just adopt these new digital service regulations in the United States, there might be an uproar that these terms are censoring too much particularly political content. And I think it's really interesting that this regulation was agreed to the same general period that Elon Musk purchased Twitter. 

Dave Bittner: OK. 

Ben Yelin: I know. I'm going to get there - drawing the connection.  

Dave Bittner: I'm waiting for you to connect those dots, but (laughter)... 

Ben Yelin: So his big objection to Twitter, seemingly - and I frankly don't exactly understand why he's purchasing it and what his goals are. 

Dave Bittner: Right. 

Ben Yelin: But he's talked about wanting to foster a platform that is absolutist in its stance on free speech. And he is, I think, against excessive content moderation, particularly things like shadow-banning people based on their political ideology. 

Dave Bittner: OK. 

Ben Yelin: And I think that kind of goes against the spirit of what this Digital Services Act in the European Union would be doing to entities like Twitter, where they would actually be moderating more content. So I think we're going to see this clash of values. This regulation - and I think particularly people on the left side of the political spectrum in the United States think that there's too much hate speech, too much incitement to terrorism, that big social media platforms played a large role, for example, in the January 6 events, and that we need stricter content moderation to make these platforms more tolerable to keep everybody safe. The other side of the ledger, represented by people like Elon Musk, is that we need to have reasonable content moderation that fosters the greatest exchange of ideas, that fosters the greatest extent of free speech as humanly possible. I'm not sure if the Elon Musk vision is achievable in practice. What's going to happen is if you don't do enough content moderation, your site is going to be overrun with bots and neo-Nazis and other undesirable people. 

Dave Bittner: Right. I mean, that's the way it's played out. We've been through this before, right? 

Ben Yelin: Right. 

Dave Bittner: So is this a fool's errand to think - is it just rhetoric to say, I'm coming in, and I'm going to be the one who supports free speech? Because it seems like every time that happens, you know, folks come in and they say that, and then the reality sets in, and they're like, well, actually, you know what? This isn't going to be a viable commercial entity if we just let everybody out here with their megaphones shout at each other. 

Ben Yelin: Right. So I - this is what I wonder about the whole Elon Musk thing. 

Dave Bittner: Yeah. 

Ben Yelin: Is he doing this because he thinks he can make Twitter profitable and he thinks that there would be a better business model in being more open to different types of speech, including some speech that would have been curtailed under the previous Twitter regime? 

Dave Bittner: OK. 

Ben Yelin: Or is he doing this as some sort of ideological play, where he's actually willing to lose money, but believes so strongly in the idea of an unregulated platform or a platform where content moderation is extremely minimal and is limited to direct threats of violence, things like that? And I think there are certain things that - certain actions he could take, one of them being letting President Trump back on Twitter and then a couple of the other famous, notorious accounts that have been permanently banned on Twitter, letting those back. It would be a signal that he's really doing this for ideological purposes, even if it would not be a viable business model. And unlike the other 7 billion people in the world, it might not be that big (laughter) of a deal to him to lose billions of dollars if this is an ideological project that he cares about. So I just thought... 

Dave Bittner: (Laughter) In the meantime, ruins Twitter for the rest of us (laughter). 

Ben Yelin: Well, that's certainly my worry. I mean... 

Dave Bittner: Although, I suppose some people could say, finally allows Twitter to realize its great potential, right? 

Ben Yelin: And that seems to be the view of even people like Jack Dorsey, who tweeted yesterday as we were recording this. We're going to let Twitter flourish. Twitter is going to take off to the stars. It's going to be this free speech platform. We are absolutist in our position on free speech. I think what we see in this European Union law is the countervailing force is unfettered free speech leads to hate speech, incitements to violence, and various forms of deranged, psychotic, pornographic material. And so I think we're starting kind of a - it's not yet a hot war. It's more like a cold war of opposing sides on the content moderation divide between the Elon Musks of the world, who think that we're moderating content too much, and entities like the European Union, who has really taken the lead in fighting big-tech companies in trying to prevent these services from being detrimental to society writ large. So I just thought that was a really interesting juxtaposition and that it happened kind of around the same time. 

Dave Bittner: Yeah. I think another aspect of this that fascinates me, just with the whole Elon Musk buying Twitter thing, is just that we are at this place where we have this billionaire class who can buy things up this way and so... 

Ben Yelin: As a vanity project. 

Dave Bittner: Right. And so you look at Jeff Bezos buying The Washington Post... 

Ben Yelin: Yeah. 

Dave Bittner: ...And you have Elon Musk buying Twitter. So you have this, you know, small number of people who have a large amount of control over many of the primary ways in which information is distributed today. It's not like it used to be. You know, owning a newspaper is not, you know, you can't compare owning a newspaper to owning Facebook or Twitter or, you know, it's just different - another - it's another level of magnitude, of reach, I suppose, is a good way to say it. 

Dave Bittner: Now, in fairness, it's not like Twitter was a company. It was like a co-op that you'd see in Park Slope in Brooklyn, owned by its users. I mean, it was a publicly traded company. 

Dave Bittner: Right. 

Ben Yelin: But it still had a top-down structure. And some of the major investors were eccentric billionaires. Certainly somebody like Mark Zuckerberg controlling Facebook is another example of a billionaire with a lot of decision-making power. I think what some of the Elon Musk boosters are saying now that he's bought Twitter is we're just transferring control from a billionaire class that doesn't believe in free speech to a billionaire class that does believe in free speech. So the constant is having an eccentric billionaire at the head of the company. 

Dave Bittner: Right. 

Ben Yelin: Now, we have someone that's supportive of free speech. The broader thing that I think you're bringing up is, is it good at all to have billionaires be in control of the main arteries of communication? People who have... 

Dave Bittner: Globally. 

Ben Yelin: Yeah. 

Dave Bittner: Yeah. 

Ben Yelin: People who might, frankly, have their own parochial interests. And that's true at any side of the ideological spectrum, whether it's Bezos at The Washington Post promoting his own business interests in Amazon and Whole Foods, or if it's Elon Musk and his ideology maybe making its way into some of the content moderation decisions he and his people are going to make at Twitter. I don't think that's particularly healthy. I don't know what the solution is. So the thought is maybe we do what Justice Thomas has argued in a recent Supreme Court dissent, that we start to look at these entities like common carriers, and we allow for increased federal regulation on these sort of content moderation practices. That itself is extremely problematic in a number of ways, so I think... 

Dave Bittner: That pesky First Amendment, right? (Laughter). 

Ben Yelin: I know. Really, we're at a position where - I'm not sure this is exactly the right term, but these companies are too big to fail. 

Dave Bittner: Yeah. 

Ben Yelin: We need to make them as successful as possible. 

Dave Bittner: Too big to fail or too big to be the playthings of individuals? 

Ben Yelin: Right. Too big to be vanity projects of people who think that they have a brilliant idea of how to reinvent the wheel. I guess the question is, is this going to be like Tesla, or is this going to be like one of those weird hyperloop tunnel projects that's gone nowhere? And I guess that remains to be seen. 

Dave Bittner: Well, or these guys with their spaceships, right? 

Ben Yelin: Right. 

Dave Bittner: I mean, you know, they're - let's go into low-Earth orbit together. Yay. Wee. So, you know, I mean, like, I suppose - look. Wealthy people can spend their wealth on whatever they want. 

Ben Yelin: Apparently, yeah. 

Dave Bittner: But I guess it gives me pause when you see public policy enable the - this amount of accumulation of wealth. That - I have a problem with that. I have no problem with rich people. But when it gets to this point, I think perhaps we've got a public policy failure here. That's - and that's - I'll get off my soapbox now (laughter). 

Ben Yelin: Yeah. I mean... 

Dave Bittner: I know that's not necessarily a popular opinion, but I submit it's bearing out that this can be problematic. 

Ben Yelin: Let me just state for the record to our new Twitter overlords, I don't agree with Dave Bittner. 

Dave Bittner: (Laughter). 

Ben Yelin: Do not kick me off your platform. 

Dave Bittner: I see. OK. 

Ben Yelin: I love our eccentric billionaires, our geniuses. 

Dave Bittner: This is how it's going to go. This is how it's going to play out, huh, Ben? 

Ben Yelin: I think so. I mean... 

Dave Bittner: So Twitter's more important to you than me. I understand. OK. I just - I know where I stand now. It's fine. 

Ben Yelin: If you happen to see me complimenting SpaceX on my Twitter profile, then, you know, you might have an idea of what I'm up to. 

Dave Bittner: All right. Fair enough. Fair enough. All right. We'll have a link to that story in the show notes. My story this week, this comes from The Wall Street Journal. It's actually an opinion piece written by Jacquelyn Schneider. She is a fellow at the Hoover Institution. And this is - it's titled "The Biden White House's Cyberwarfare Power Grab." And it's interesting to me from a couple of perspectives. 

Dave Bittner: So first, let me unpack what - the case that she's making here is that back during the Obama administration, President Obama had a policy directive which kind of centralized the interagency review process for offensive cyber operations. OK. So offensive cyber operations are when our Department of Defense, our intelligence community, rather than being reactive, they are proactive. And they go and do things in the cyber realm that they - our national defense or strategic interests, and they go out and do them. Evidently, during the Obama Obama administration, the systems that they put in place were, by some accounts, it took a lot of effort to get things through - right? - interagency review process. 

Ben Yelin: Bureaucratic squabbles. Yeah. 

Dave Bittner: Yes, all of that kind of stuff. So when President Trump took the reins, evidently he streamlined this, and he had National Security Presidential Memorandum 13, which, according to this piece, is classified. But public statements say that it allowed the folks in the Department of Defense to conduct what they call time-sensitive, offensive cyber operations by sidestepping this interagency approval process. 

Ben Yelin: Right. 

Dave Bittner: So if they needed to, they could go and do the things they needed to do without having to go through all of this rigamarole. Now, with President Biden in office, evidently he is looking to roll back to the way things were during the Obama administration, slowing things down again. I'm curious what your take on this is, Ben, because on the one hand I have to wonder, you know, to what degree is this just sort of partisan stuff, where Obama had one way of doing things, Trump came in and changed it, Biden's going to change it back to the way that Obama had it just because he can, or is there actually a legitimate policy reason that the Biden administration could see to slow this down? Could they perhaps think - the things that they know that we don't know, because a lot of the stuff is classified - is it possible that they've looked at this and said, yeah, you know what? Perhaps things were happening a little too fast. 

Ben Yelin: I think this is more of an ideological difference of views than a partisan one. I mean, I think, generally, Democratic administrations - and this isn't just true as it relates to defense policy - wants more layers of interagency oversight over everything. So there's going to be a more centralized, bureaucratic review of all federal regulations, for example. In Republican administrations, particularly as it relates to the Department of Defense and military operations, you don't want all of these additional bureaucratic hurdles, and you want to give more authority to people to take action when necessary. I mean, this is kind of George W. Bush war on terror mentality. We don't want to hamstrung our defense apparatus, our generals who are on the ground to understand these operations. We don't want them to be hamstrung by a burdensome review process. I'm not sure that either side in this dispute is necessarily right or wrong. I think it's just a different approach to cyber operations. What this author is saying, the author of this op-ed, is the Trump policy gives the Pentagon free rein to conduct whatever cyber operations it deems useful, and that's problematic. But what she's saying is, in the time that that regulation has been in place, there's not that much evidence that the U.S. is engaging in all kinds of offensive cyber operations. It's not the case that the Defense Department is acting brashly or out of turn and getting us wrapped up in cyber conflict. And in fact, that's just not how cyber conflict has played out over the past several years. It hasn't been used as an offensive weapon in a way that would cause more kinetic military activities. 

Dave Bittner: Right. 

Ben Yelin: It's been used for... 

Dave Bittner: It hasn't led to escalation. 

Ben Yelin: Right. 

Dave Bittner: Yeah. 

Ben Yelin: It's been used for things like surveillance, espionage, creating a general fog, social media trolling, hacktivism. And I think for that reason, this author might say, we don't need to be as worried about the Pentagon taking these actions without any oversight. What I might say is, because this is not necessarily a purely Defense Department operation, this isn't something that's wholly a military operation, maybe we do want review from other agencies that have different expertise. So whether that's an entity like CISA, whether that's the State Department, who understands how these things work diplomatically, or just people who have technical expertise - I mean, it might be useful as long as this is not solely a military operation. If we're doing things for the purpose of espionage, for the purpose of intelligence gathering, maybe it's better that other entities besides the Department of Defense get involved. But that's just my view. 

Dave Bittner: Yeah. No, it's an interesting point. I mean, as you say, Ms. Schneider, who wrote this piece, points out that cyberspace isn't necessarily the Wild West anymore, that we're seem to be settling into this mode where there are norms that are being developed. And I think a lot of the fears that people had - you know, look at the invasion of Ukraine. You know, we thought that perhaps the lights would be turned off or... 

Ben Yelin: Right. 

Dave Bittner: ...We wouldn't be able to pump our gas or, you know, all sorts of critical infrastructure things might happen. And they haven't. It hasn't played out that way - doesn't mean it couldn't in the future. 

Ben Yelin: Right. 

Dave Bittner: But so far, this is where we seem to be. So yeah, interesting. I think it's a good point she makes here. It is kind of wonky, I guess (laughter). It's sort of a subtle thing. You know, the back-and-forth between administrations kinds of - I guess that part fascinates me. The, you know, well, you did this, and I did this, and we're going to do this and, you know... 

Ben Yelin: And trust me, this is not even close to the most extreme example of how these things work. 

Dave Bittner: Yeah. 

Ben Yelin: I mean, my favorite example is the House of Representatives cafeteria. 

Dave Bittner: (Laughter) Go on. 

Ben Yelin: And I - this is going to sound fascinating, but in 2007, the Democrats took control of Congress. Speaker Pelosi came in and had this whole Green the Capitol initiative. 

Dave Bittner: OK. 

Ben Yelin: So all of the dishware in the House cafeteria was biodegradable. It was environmentally friendly. Then Republicans took over the House in 2011, and Styrofoam came back. 

Dave Bittner: Oh, interesting (laughter). 

Ben Yelin: We got Styrofoam - day one. 

Dave Bittner: Right (laughter). 

Ben Yelin: 2019 - Speaker Pelosi comes back into power, and the biodegradable cups made their return to the House cafeterias. 

Dave Bittner: Right, right. 

Ben Yelin: So it can get a lot more petty than defense policies. I mean, even something like the Mexico City policy, which is whether we provide foreign aid to organizations that promote abortions overseas, that's something that when every new administration comes in on the first day, they reverse the previous administration's policy if they disagreed with it. 

Dave Bittner: Right. 

Ben Yelin: So Republican administrations come in and reinstitute the Mexico City policy. Democratic administrations come in, and they rescind it. 

Dave Bittner: Right (laughter). 

Ben Yelin: So this is just part of the back-and-forth of politics. 

Dave Bittner: Yeah. 

Ben Yelin: There's no point in gaining power if you're not going to put your ideological stamp on everything you do... 

Dave Bittner: Yeah. 

Ben Yelin: ...Whether that's cyber-espionage or the House cafeteria dishware. 

Dave Bittner: Yeah. I mean, I'm thinking of when President Reagan came in and tore the solar panels off... 

Ben Yelin: Yeah. Solar panels are gone. 

Dave Bittner: ...The White House. (Laughter) Right. So the House cafeteria, soon you'll be able to order yourself a baby seal burger, right (laughter)? 

Ben Yelin: Right. If the Republicans win this fall, Styrofoam is coming back... 

Dave Bittner: (Laughter) Right. 

Ben Yelin: ...And we'll just put those biodegradable cups on the shelf until the next time the Democrats take power. 

Dave Bittner: Yes. Petty differences at the highest level, right? All right. Well, that is my story this week. We'll have a link to that in the show notes. Again, that's from The Wall Street Journal, written by Jacquelyn G. Schneider. 

Dave Bittner: All right, Ben, I recently had the pleasure of speaking with Lauren Van Wazer. She is from Akamai. And we were talking about some of the implications of the Biden administration's executive order on cybersecurity. Here's my conversation with Lauren Van Wazer. 

Lauren Van Wazer: So the National Telecommunications and Information Administration is the agency that advises the president on telecommunications, internet and broadband policy writ large. It sits in the Department of Commerce, so it's an agency contained within the Department of Commerce. 

Dave Bittner: And this is an advisory organization? Do they have any regulatory function there? 

Lauren Van Wazer: Oh, yes, absolutely. So they've got, obviously, a key role in broadband deployment, broadband policy, but also they manage the federal airwaves for Spectrum, so radio Spectrum use as well. 

Dave Bittner: So they have put out a request for comment on implementation of some of the broadband funding programs that have been established in the Infrastructure Investment and Jobs Act from the Biden administration. I know you and your colleagues at Akamai have some opinions on this and see this as an opportunity here. 

Lauren Van Wazer: Oh, absolutely. So what's fun for me is being able to engage on this issue is really a marriage of my background in both broadband policy, but also cybersecurity. It's really important that we work to get more broadband services out to those who need them, and that's both unserved and underserved populations. And it's really important that we're smart about how we do that. And right now, we've got an unprecedented opportunity with these broadband funds to do just that. 

Dave Bittner: And how do you suppose this is going to play out? I mean, the folks who are keeping an eye on this, how do they suspect this rollout, the ability to take broadband to people who are underserved? What are the most likely ways that that's going to happen? 

Lauren Van Wazer: Well, first off, just from a quick process overview perspective, the NTIA is going to come up with some broad criteria for these broadband deployments, and that's why it was seeking public comment on the broadband infrastructure deployments. And then it will provide guidance to the states who will actually have the on-the-ground implementation in their respective states. And so it's going to be both a federal process and ultimately a state-level process to help push these deployments out to where they need to be. So the NTIA is going to set broad criteria for these federal funds. And then the states are going to do some criteria and prioritizing on their end. And the states are actually going to be pushing that money out. 

Dave Bittner: And so what are some of the recommendations that you all have made here? 

Lauren Van Wazer: It's really important. I think the pandemic was very instructive in terms of accelerating services, online services. So more and more people need to have trust in those services. And so these broadband deployments really need to have cybersecurity baked in from the front end. And that sounds, you know, especially to your audience who's so savvy on cybersecurity, like, oh, wow, you know, this is just like what we say. Don't bolt on cybersecurity solutions, imbue them into the DNA. But in the broadband infrastructure space and policy, that is new. Cybersecurity really hadn't been front and center. And, you know, what the pandemic taught us was you've got to ensure there's a foundation for trust on these online services if I'm doing banking, if I'm doing health care. 

Lauren Van Wazer: And so we need to be thinking about cybersecurity from the front end, particularly with greenfield deployments, you know, people getting access to broadband services for the first time and wanting to encourage businesses to develop. And those places really need access to baseline cybersecurity services. So that's how we've weighed in as Akamai in this formal proceeding. NTIA, please put these in on the front end. Think about these issues. It's becoming increasingly important with the types of services consumers are using online like health care, banking, et cetera. It's really important that they be able to have a level of trust in their online experience. 

Dave Bittner: I think everyone would agree with that as an aspirational goal. Do you have any practical elements that you could share, actual examples of how something like this could be implemented? 

Lauren Van Wazer: Absolutely. So just traditionally in the broadband space, the FCC and NTIA looked at issues like just access. Do I have access to the broadband pipe? And also speed. What are the speeds that are available to me? And so this would be asking for best practices to be referenced in. You know, maybe it's NIST guidelines. Maybe it's other guidelines. So that, for example, anti-phishing and malware protection could be baked into the services that are deployed to people receiving broadband services for the first time. 

Dave Bittner: Yeah. I mean, that really is a kind of a change in the way we approach this, right? I mean, I think most people have thought about those things and relied on - I don't know - downstream service provider. You know, I if I have Gmail, I trust them to do my spam filtering and so on. But what we're advocating here is having more of those sorts of things really baked into the fundamental level of the network access. 

Lauren Van Wazer: Both, actually - fundamental level of network access, but also, you know, some of the broadband won't be for pipes themselves. Some of the funds will be for actual devices, et cetera. So it's thinking about making sure that the folks we're bringing online for the first time have access to those services. I mean, what we want is for businesses and rural places to be able to grow and develop with access to the same level of digital experience and confidence in that digital experience as those in metropolitan areas. 

Dave Bittner: Has there been any pushback against this sort of notion? Are there providers or installers who say this is going to be a regulatory burden that they're not prepared to take on? 

Lauren Van Wazer: Well, there was generally support for our position in the comments that were filed. Just so folks know, these comments are public. The proceeding is public. So you can have access to all of those comments. So there's there's general support. I think, as with anything else, there's a tension between you know, how prescriptive you are as a regulatory body and, you know, how much flexibility there is in terms of deployments on the ground. And so you want to have flexibility in terms of the actual technologies that are used to accommodate and tailor to local situations, but at the same time saying that - as NTIA is saying, that, you know, cybersecurity needs to be baked in from the front end is a big change from the way it's been done historically. So I think there is a balancing act. The way you're alluding to it is certainly the case, but it's important that we don't simply measure access to broadband as it's been done historically - as geographic access. You've got to have effective access to broadband, and so therefore we've got to be smart about how we deploy these federal dollars. 

Dave Bittner: And what sort of timeline are we on from this point forward? When do you suppose we'll actually see communities seeing the benefits of this? 

Lauren Van Wazer: Well, it's interesting. I mean, you know, I would hope soon. It's going to take some time. You know, when you have a public process like this, I would expect NTIA to be issuing guidelines in the spring. States need to come up with their individual plans. Obviously, they know the areas that they need to target - places where they don't have enough deployments now - and so I would expect, you know, maybe a year and a half to two years' timeline before - if I'm in a community that doesn't have broadband today, that I might possibly receive it. And I think part of it depends on the nature of the technology. Certainly, certain wireless technologies are much faster in terms of implementation than other types of technologies, you know, where you have to go dig and, you know, put fiber into the ground. And so I think, you know, the timeline also depends on the nature of the technologies that are deployed. 

Dave Bittner: Are we at the point where there's an issue with the fact that - as you mentioned, you know, a public process like this takes a certain amount of time, and yet the rate of change in technology is fast and always seems to be accelerating. Is it possible those two things get a little out of sync? 

Lauren Van Wazer: Well, you know, sometimes that happens, but I think, because technology - and it's, you know, known that technology keeps evolving - that it's really important to have forward interoperability. So even if I were thinking - I mean, I've been in the broadband area for - I hate to even say it - you know, we were talking 2G, and now we're talking, you know, beyond 5G. And so the key is ensuring that technologies are deployed in a forwardly interoperable way so that if I - if the technologies have changed, I can deploy the newest at the time that I'm doing the actual deployment. So I think it's important that the plans that the states develop have flexibility for that, and that there is a general awareness of let's go this way because we can - whatever generation of technology, we can deploy the next if we need to. So I think it's an important consideration to keep in mind, but it's something that isn't new to, you know, the preceding we're in now. 

Dave Bittner: All right, Ben, what do you think? 

Ben Yelin: First of all, we need to crown the Dave Bittner proposal and the cybersecurity executive order for the NTSB cyberincident review. That's something that you've been pushing for for years. 

Dave Bittner: (Laughter). 

Ben Yelin: The fact that she's mentioned it just really jumped off the page to me. I think you need to get more credit here. 

Dave Bittner: OK. Yes. Yes. I'm quietly pulling the levers and turning the dials right now (laughter)... 

Ben Yelin: Yeah, you really controlled... 

Dave Bittner: ...Behind the scenes. 

Ben Yelin: ...The strings on cyber policy. 

Dave Bittner: Mmm hmm. Yes, well... 

Ben Yelin: So congratulations on that. 

Dave Bittner: ...Thank you very much. Thank you. 

Ben Yelin: It's a really interesting interview. I mean, I think, earlier in this episode, we talked about how the EU has taken the lead on things like data privacy, regulating content on social media, but the U.S. has really taken a lead on some of the things that are embedded in the cybersecurity executive order - governance issues, reporting requirements - so it's kind of good to see that we're taking the lead in one realm here. 

Dave Bittner: Yeah, absolutely. All right. Well, our thanks to Lauren Van Wazer for joining us. We do appreciate her taking the time. 

Dave Bittner: And that is our show. We want to thank all of you for listening. The "Caveat" podcast is proudly produced in Maryland at the startup studios of DataTribe, where they're co-building the next generation of cybersecurity teams and technologies. Our senior producer is Jennifer Eiben. Our executive editor is Peter Kilpe. I'm Dave Bittner. 

Ben Yelin: And I'm Ben Yelin. 

Dave Bittner: Thanks for listening.

Caveat
Podcast Info
HOST(S):
Dave Bittner
Ben Yelin
Dave Bittner is a security podcast host and one of the founders at CyberWire. He's a creator, producer, videographer, actor, experimenter, and entrepreneur. He's had a long career in the worlds of television, journalism and media production, and is one of the pioneers of non-linear editing and digital storytelling.
Ben Yelin, JD, is the Program Director for Public Policy & External Affairs at the University of Maryland Center for Health and Homeland Security, where he consults public and private entities on homeland security, cybersecurity and emergency management policy. He is also an adjunct faculty member at the University of Maryland Francis King Carey School of Law, where he teaches courses on electronic surveillance and the Fourth Amendment.
Schedule: Wednesdays
Creator: CyberWire, Inc.
ADVERTISEMENT
Sponsored by Kolide
Sponsored by Kolide

Kolide sends employees important, timely, and relevant security recommendations for their Linux, Mac, and Windows devices, right inside Slack. Kolide is perfect for organizations that want to move beyond a traditional lock-down model. Learn more.