Cyber Week in Review: September 11, 2015

Here is a quick round-up of this week’s technology headlines and related stories you may have missed:

• The U.S. Federal Court of Appeals for the Second Circuit heard oral arguments in the Microsoft-Ireland data case on Wednesday. Microsoft argued that the court should block a warrant approved by lower courts that compel the software giant to turn over e-mails stored on an Irish server. The U.S. Department of Justice is seeking the e-mails to investigate a drug case. Microsoft’s lawyers argued that acceding to the U.S. government’s request would open the door for other countries to use their companies to obtain Americans’ personal data. Government lawyers countered that the location of the data was largely irrelevant and U.S. law could compel the disclosure of data that Microsoft controlled. One of the judges on the three-panel court lamented that Congress should have done it’s job and clarified the 1980s-era statute that is at issue in the case. Jennifer Daskal over at Just Security argues that whatever the court decides, there are no good outcomes. Orin Kerr thinks that the case is overhyped and that there are two simple fixes: Microsoft could change its legal structure and Congress could pass the LEADS Act. Finally, Andrew Woods at Lawfare argues that the sky won’t come crashing down if Microsoft loses. 
• The New York Times reports that the Department of Justice obtained a court order compelling Apple to turn over communications that took place over iMessage between two suspects. According to the Times, Apple argued it couldn’t comply with the order given that the messages the government sought were encrypted. If true--Apple denied to confirm the account--it would represent one of the few public cases that exemplify law enforcement’s concerns about going dark. In a somewhat related Apple development, Russian newspaper Kommersant reports that the Cupertino company has agreed to store iCloud data in Russia for Russian users to comply with a Russian data localization law that came into force last week.
• If you’ve ever wanted to know how the U.S. government decides which computer security vulnerabilities it will disclose to vendors and which it will keep for offensive purposes, here’s a peek into the process. Following a freedom of information act request, the EFF obtained a heavily redacted copy of the Obama administration’s vulnerabilities equities policy and process that outlines which vulnerabilities it will stockpile and which it will disclose.
• Security pioneer and McAfee Security founder John McAfee announced Tuesday that he intends to run for president as a member of the “Cyber Party.” McAfee said the perceived technological illiteracy of current elected officials compelled him to throw his hat in the ring. In a video introducing his campaign, the self-described “eccentric millionaire” struck a libertarian tone, criticizing government intrusion in citizens’ lives and quoting from the Declaration of Independence. As TechCrunch points out, McAfee is “fresh off a DUI and gun possession arrest” (although those might be the most straightforward incidents McAfee’s been involved in the past few years). His bid is a long shot, to say the least. His concerns about government surveillance mirror those of Rand Paul, and he’s been struggling to gain traction with the Republican base despite having more name recognition.