ITSPmagazine Podcasts

Are Laws Keeping Pace With Cyber Reality? | The History And Impact Of The Computer Fraud and Abuse Act (CFAA) On Society | A Conversation With Riana Pfefferkorn And Leonard Bailey

Episode Summary

As with most laws, the first question that comes to mind when technology is involved is: are they keeping pace with it? However, there is a fundamental follow-up question: how are these laws interpreted in relation to how new technologies shape business and society?

Episode Notes

As with most laws, the first question that comes to mind when technology is involved is: are they keeping pace with it? However, there is a fundamental follow-up question: how are these laws interpreted in relation to how new technologies shape business and society?

The Computer Fraud and Abuse Act (CFAA), enacted by the United States Congress in 1986, is one such law. A lot has changed since then:

• the technologies used in every aspect of our lives
• access to these same technologies used by criminals to commit cybercrime
• use of these technologies by ethical hackers to help organizations increase their cybersecurity posture
• the boundaries of the act being tested by cybercriminals, hackers, and the lawyers handling their cases

In today's episode, we take a journey into the past, present, and future of the CFAA, discussing a current case — Van Buren v United States — as the backdrop for the scenarios we want to vet out. As we try to understand the impact the CFAA will have on security/safety in society.

Are we enabling researchers (ethical hackers) to do what they do best... finding weaknesses in the ecosystem and supply chain? Or, does the act limits such activity from taking place legally — and, therefore, at all?

In this podcast, we ask ourselves those fundamental questions that will shape the application of the CFAA and how it can keep adapting to the way society has always been adapted to technology-driven changes. 

Who and what are we protecting ourselves from?

Have we put policies in place that mean well but could cause more harm than good?

What do cases related to the CFAA mean for the global researchers and bug bounty communities?

The points made by both of our guests will get you thinking about how well things will be protected in the future.

We are thinking, we would love for you to join us in this regrettably understated activity.

Put your cap on and hit play now. 

Guests
Leonard Bailey, Head of Cybersecurity Unit, U.S. Department of Justice, Computer Crime & Intellectual Property Section

Riana Pfefferkorn, Research Scholar, Stanford Internet Observatory at Stanford University (@Riana_Crypto on Twitter)

This Episode’s Sponsors:

BlackCloak: https://itspm.ag/itspbcweb

RSA Security: https://itspm.ag/itsprsaweb

Resources
DOJ Prosecuting Computer Crime Manual: https://www.justice.gov/sites/default/files/criminal-ccips/legacy/2015/01/14/ccmanual.pdf

Van Buren v United States Write-Up: https://www.eff.org/cases/van-buren-v-united-states

Disclose.io Voatz Response Letter: https://disclose.io/voatz-response-letter/

To see and hear more The Cyber Society content on ITSPmagazine, visit:
https://www.itspmagazine.com/the-cyber-society

Are you interested in sponsoring an ITSPmagazine Channel?
https://www.itspmagazine.com/podcast-series-sponsorships