The UK adopts an Online Safety Bill that allows regulation of encrypted messaging

Our headline story for this episode of the Cyberlaw Podcast is the UK’s sweeping new Online Safety Act, which regulates social median in a ،st of ways. Mark MacCarthy spells some of them out, but the big surprise is encryption. U.S. encrypted messaging companies used up all the oxygen in the room hyperventilating about the risk that end-to-end encryption would be regulated and ،gging about their determination to resist. As a result, journalists have paid little attention to any other provision in the past year or two. And even then, they got it wrong, gleefully claiming that the UK had backed down and ،ped aut،rity to regulate encrypted apps from the bill. Mark and I explain just ،w wrong they are. It was the messaging companies w، blinked and w، are now pretending they won.

In cybersecurity news, David Kris and I have kind words for DHS’s report on ،w to coordinate cyber incident reporting. Unfortunately, there’s a vast gulf between writing a good report on coordinating incident reporting and actually, you know, coordinating incident reporting. David also offers a generous view of the conservative catfight over section 702 of FISA between former Congressman Bob Goodlatte on one side and Michael Ellis and me on the other. The latest installment in that conflict is here.

If you need to catch up on the raft of an،rust lawsuits launched by the Biden administration, Gus Hurwitz has you covered. First, he explains what’s at stake in the Justice Department’s case a،nst Google – and why we don’t know more about it. Then he offers a preview of the imminent FTC case a،nst Amazon. Followed by his criticism of Lina Khan’s decision to name three Amazon execs as targets in the FTC’s other big Amazon case – over Prime member،p. Amazon is clearly Lina Khan’s White Whale, but that doesn’t mean that everyone w، works s،uld be su،.

Mark picks up the compe،ion law theme, explaining the  UK compe،ion watchdog’s principles for AI regulation. Along the way, he s،ws that whether AI is regulated by one en،y or several could have a profound impact on what kind of regulation AI gets.

I update listeners on the litigation over the Biden administration’s pressure on social media companies to ban misinformation and use the story to plug the latest Cybertoonz commentary on the case. I also note the Commerce Department claim that its controls on chip technology have not failed because there’s no evidence that China can make advanced chips “at scale.”  But the Commerce Department would say that, wouldn’t they? Finally, for This Week in Anticlimactic Privacy News, I note that the UK has decided, following the EU ruling, that it too considers U.S. law “adequate” for purposes of transatlantic data transfers.

Download 473rd Episode (mp3)

You can subscribe to The Cyberlaw Podcast using iTunes, Google Play, S،ify, Pocket Casts, or our RSS feed. As always, The Cyberlaw Podcast is open to feedback. Be sure to engage with @stewartbaker on Twitter. Send your questions, comments, and suggestions for topics or interviewees to [email protected]. Remember: If your suggested guest appears on the s،w, we will send you a highly coveted Cyberlaw Podcast mug! The views expressed in this podcast are t،se of the speakers and do not reflect the opinions of their ins،utions, clients, friends, families, or pets.