Hello What's Next readers! This week, I'm bringing you a look ahead at drone regulation, the latest on litigation over crypto, and insight into a legal battle involving major tech firms over the Stored Communications Act – no, not that one. Plus, a sneak peek of my upcoming podcast all about hacking and the law.

News tips? Nominations for the next “Dose of Dystopia”? Reach me at [email protected] or tweet to me @benghancock.

➤➤ Want to receive What's Next straight to your inbox? Sign up here

.

|

Watch This Space: Unidentified Flying Objects

The Federal Aviation Administration's Unmanned Aerial Systems (UAS) Symposium kicked off in Baltimore today, and one of the major questions hovering over the event is: When will the agency move forward with a rule allowing authorities to remotely identify a drone's pilot?

The so-called “remote ID” rule is seen by lawyers who follow this space as a critical first step to more permissive regulations for commercial drone flights down the road. That's because law enforcement and national security officials want to be able to know who's operating all those quadcopters before the FAA green-lights drone flights over people and beyond visual line of sight — things that are generally prohibited by current FAA regulations.

“The FAA is not going to create future rules for expanded operation of drones until the remote identification framework is in place,” Brendan Schulman, vice president of policy and legal affairs at drone manufacturer DJI, told me. Schulman participated in an advisory group that last year gave FAA recommendations for how remote ID could work.

But in addition to the technical challenges facing the FAA, it's also confronting thorny policy and legal questions about what types of drones flown by hobbyists should be captured by the rule, and how to navigate the privacy fears expressed by journalists and others who might use drones for information-gathering. After losing a legal battle last year over the scope of its authority to regulate drones, the FAA now appears to be treading carefully.

Sara Baxenberg and Josh Turner of Wiley Rein (who I mentioned in a recent briefing about autonomous drone regulation) tell me they expect the FAA will move forward with its formal rulemaking process for remote ID in pretty short order, and that the agency might use the Baltimore symposium to at least shed some light on the approach it wants to take.

There was no big news Tuesday morning on this front, but there's a panel session Wednesday featuring the head of the FAA's UAS Integration Office focused squarely on the remote-ID issue. The FAA has done a pretty solid job of tweeting out what its officials are saying at the conference; follow #UAS2018if you're keen on getting updates.

>> Think Ahead: This could easily become a new front in the privacy-vs-security debate. It makes sense that the government wants to know who's flying, especially as the airspace becomes more crowded. But when does that start to impinge on the rights of drone pilots?

Protocol: Coinbase in the Crosshairs

Coinbase is one of the biggest cryptocurrency exchange out there, and now it appears to have a major target on its back. The company was hit with two proposed class actions in as many days last week. The first revolves around Bitcoin Cash, or BCH, and alleges that employees and other insiders got rich trading BCH based on early information that Coinbase would support transactions in the Bitcoin offshoot — to the detriment of other crypto investors.

My story about the case case drew a handful of messages from readers who wanted to know more. “I need to get in on this lawsuit,” one reader told me, asking for the attorneys' contact information. “Please. I lost a lot of money on this.” (Coinbase didn't respond to a request for comment. Here's the full complaint.)

David Silver, an investor attorney in Florida who focuses on crypto litigation, told me in an email he thinks the plaintiffs will probably get a very quick motion to compel arbitration. “I'd like to see [the plaintiffs] win,” he added, “as I have spoken to hundreds of potential clients with Coinbase accounts that aren't economically viable in arbitration.”

The second lawsuit is much different, and aims to represent plaintiffs who were emailed fractions of Bitcoin as far back as 2013. When they later went to open those emails — you know, when the value of Bitcoin was going absolutely nuts — the links were dead, the suit alleges. How does “unclaimed property” law apply to cryptocurrency? We shall see.

>> Takeaway: Crypto entrepreneurs have spent a fair amount of time figuring out out to navigate government regulation. Now, they're getting acquainted with the plaintiffs bar.

On the Radar: Privacy Settings

For Facebook, Instagram, and Twitter, “private” means private. At least, that's what lawyers for the social media giants argued before the California Supreme Court Tuesday morning. They contend that the Stored Communications Act bars them from turning over user posts marked private – even in a criminal case. It's a separate issue from the one now before the U.S. Supreme Court in the Microsoft Ireland case. But both involve the SCA, and raise gnarly legal questions.

The case centers on whether two criminal defendants indicted on murder and gang-related charges should be able to access to private social media postings by their alleged victims for evidence that might aid their defense. It's similar to another case taken up by the court earlier this year.

My colleague Ross Todd tuned into the livestream of the arguments at the California high court and said that both sides took some hits. “The criminal defense lawyer, Susan Kaplan, seemed to be frustrating the justices by largely sticking to her primary argument: Namely, that the Stored Communications Act is unconstitutional,” Ross told me. “The justices seemed hesitant” to go that far, he added; Chief Justice Tani Cantil-Sakauye noted no other court has done so.

“That said, the justices seemed equally troubled that the social media companies' lawyer, Joshua Lipshutz of Gibson, Dunn & Crutcher, insisted that even Facebook posts that are visible to all 2 billion Facebook users wouldn't be considered 'public' under the SCA,” Ross said.

>> Think Ahead: There's probably some middle ground here. But if user information within Facebook's walled garden is considered “public” under the law, could that open the door to other parties grabbing that information with web scrapers? Tell me your thoughts on this.

IRL: Hacking and the Blockchain

The next episode of “Unprecedented,” my podcast about technology and the law, is a conversation with hacker-turned-lawyer Alexander Urbelis of the Blackstone Law Group. In a far-ranging conversation, Alex talks with me about how he got involved with 2600: The Hacker Quarterly, later became a lawyer at the CIA and went on to Steptoe & Johnson, and how he applies his background in his legal practice. The episode will be up soon; subscribe to the podcast on Apple Podcasts or Google Play to make sure you get it.

One fascinating item from the conversation: Alex's firm has been tracking the registrations of blockchain-related domain names and will be putting out white paper on trends they've spotted. Look for more info on that in the future. And if you happen to be in Washington this week, you can also see Alex speak at Breaking the Blockchain on Friday. The event is focused on the security challenges facing Bitcoin, Ethereum, and other cryptocurrencies, as well as other proposed uses for blockchain technology such as secure voting.

That's it for this week. Keep plugged in with What's Next!

Correction: An earlier version of this news briefing sent to What's Next subscribers referenced the wrong criminal case before the California Supreme Court on Tuesday. The case argued Tuesday is Facebook et. al. v. Hunter et. al., not Facebook v. Touchstone.