Cryptos Want Direct Access To Worthless Thing They Wish To Destroy

As we’ve discussed here, in order to disrupt and destroy the oppressive system of fiat money and other old-fashioned stores of value, such as gold, cryptocurrencies need a hell of a lot of the stuff they seek to replace. And to expedite their revolution, it would be awfully convenient if they could have direct, ready access to it as quickly and seamlessly as possible.

Fourth Circuit Airs Its Dirty Laundry In Public, And I, For One, Am Here For It

Earlier this week, the Fourth Circuit denied an en banc hearing in Jane Doe v. Fairfax County School Board. That’s… probably not something that would *normally* garner much attention, but, well here we are. In the case, the full court held in a 9-6 decision it would not to reconsider its decision that plaintiff, a student who sued their school board after being sexually assaulted, should get a new trial after the court found the jury used the wrong standard in determining the school’s knowledge of the assault.

In a concurring opinion, Judge James Wynn decided to call out his colleagues that opted to write dissents in the case. He wrote that there are “serious drawbacks” to his colleagues’ “advisory opinions that read like editorials.” He went on:

“To the extent some ‘members of the Supreme Court’ have indicated ‘they find the[se] dissents useful in deciding whether to take cases on certiorari,’ … this appears to extend an invitation for individual judges to freely submit advisory opinions to the Supreme Court,” Wynn wrote in a concurring opinion attached to the order denying en banc review, adding that such dissents provide “one judge’s blueprint for how the favored party ought to frame the case before the Supreme Court.”

And Marin Levy, a law professor at Duke Law School, told Law.com, these dissents impact court legitimacy by airing out the court’s “dirty laundry”:

“From a legitimacy perspective, the concern is that these dissents can read as the court airing out its dirty laundry. And from a substantive perspective, the concern is that there are now advisory opinions—with no force of law—that might muddy the legal waters,” she said. “Because the court of appeals has voted not to rehear the case, the opinion of the original panel stands. As such, a dissenting opinion from the denial to rehear the case amounts to the view of one, or more, judges about what the holding should have been, but that interpretation of law is nonbinding. It is not the law of the circuit.”

I don’t want to spoil it for Professor Levy, but the entire Federal judiciary is kinda experiencing a crisis of legitimacy right now. Maybe my outrage-o-meter has been recalibrated with ever more constitutional freedoms now on the chopping block, but I just can’t get too worked up over this one. Yes, the dissenters, Republican-appointed jurists J. Harvie Wilkinson and Paul Niemeyer, are basically asking the right-leaning Supreme Court to review the case. But honestly none of that is particularly surprising given the abject politicization of the judiciary.

Judge Wynn’s calling out of his colleagues? Now, that is noteworthy. And I’m here for it anytime a federal judge wants to point fingers.


Kathryn Rubino is a Senior Editor at Above the Law, host of The Jabot podcast, and co-host of Thinking Like A Lawyer. AtL tipsters are the best, so please connect with her. Feel free to email her with any tips, questions, or comments and follow her on Twitter (@Kathryn1).

South Dakota’s Actual Law Enforcement Peeved With AG’s Slap On The Wrist

As a general rule, cops always want defendants punished far more harshly than what courts are willing to go… or what basic prudence demands. So it’s always taken with a grain of salt when police issue statements lambasting some reasonably lenient sentence. But the South Dakota Department of Public Safety just wrote a letter to the state House of Representatives in an effort to jumpstart impeachment proceedings against Jason Ravnsborg, the state attorney general that you might remember from when he killed a guy and was only fined $1000 for it.

In a letter attaching a hard drive of investigative materials (available on the next page), Department of Public Safety Secretary Craig Price laid out the investigation’s conclusions:

In my opinion as a 24-year law enforcement officer, and in the opinion of the highly trained highway patrol officers involved in this investigation, Mr. Ravnsborg should have been charged with 2nd Degree Manslaughter. The prosecution team was well aware of that position. The South Dakota Highway Patrol stood ready and willing to provide expert testimony regarding the crash the facts of this investigation at trial, a position that was also made clear to the prosecutor.

Alas, the prosecutors had other ideas, like nerfing the charges down to misdemeanors and letting the AG go on his merry way. Which he happily did… while speeding.

Speaking of his speeding, the body cam footage from his most recent stop has been released. For a guy who’s gotten 7 tickets in 7 years he seems wildly ill-prepared to deal with a stop. And that’s before you find out he didn’t bring his driver’s license with him on this “57 in a 35 zone” joy ride. I flip out if I don’t have my driver’s license on me to walk places.

The ticket was for $177.50. Or just under a fifth of the fine for killing someone.

Watch body cam footage of South Dakota Attorney General Jason Ravnsborg’s latest traffic stop [Argus Leader]

EarlierState AG Killed A Guy… Judge Fines Him $1,000.
State AG Who Killed A Pedestrian Suggests It Was Suicide As Opposed To His Scrolling The Internet While Driving
State Attorney General Told Officers He’d Hit A Deer… In Reality, A Man Is Now Dead
State AG Killed A Man And Told Cops He’d Hit A Deer, Will Only Face Misdemeanor Charges
Dead Man’s Glasses Found INSIDE South Dakota AG’s Car
South Dakota AG Is Going To Keep Driving Dangerously Until He Kills Someone… Again


HeadshotJoe Patrice is a senior editor at Above the Law and co-host of Thinking Like A Lawyer. Feel free to email any tips, questions, or comments. Follow him on Twitter if you’re interested in law, politics, and a healthy dose of college sports news. Joe also serves as a Managing Director at RPN Executive Search.

Pump Up The Volume

(Image via Getty)

Taking the time to develop a personal professional brand is something all professionals should consider doing, and lawyers should be no different. In my experience, lawyers who work in private practice generally understand the importance of building a personal professional brand because it is so closely tied to business development and growing a successful law practice.

Lawyers who work in-house, however, generally do not spend much time building a personal professional brand because they do not feel the same pressure as those lawyers in private practice. To the extent in-house lawyers put any energy into developing a brand, they often focus that energy on building the company brand. In-house lawyers who take this approach do so at their own peril. When the in-house employment ends, the in-house lawyer who has not taken the time to build a personal professional brand may struggle to find a new role because their identity has been tied only to a company for which they no longer work.

Nothing says that in-house lawyers cannot develop a personal professional brand while also developing the company brand. Done correctly, it can be a win-win proposition for both the in-house lawyer and the company for which they are working. If you are one of those in-house lawyers, it is never too late to reconsider developing a personal professional brand. It is not an all-or-nothing proposition.

What Is A Personal Professional Branding Anyway?

Personal professional branding is the process by which you showcase your unique skills, abilities, experience, and personality for all professionals in your chosen industry to see. When personal professional branding is done well, industry leaders will come to know who you are, what you stand for, and what you are capable of accomplishing.

Why Is Creating A Personal Professional Brand Important?

When you take the time to develop and cultivate your own brand, you are giving yourself greater control over your career. With a well thought out and carefully considered brand, you will also invite opportunities to come your way because you will:

  • make yourself known to influential people within your industry
  • assume control over your own personal career narrative by showing your skills, abilities, and strengths
  • be better able to stand out from the crowd
  • have a greater opportunity to build relationships with like-minded people who value your skills and who will see you as an industry expert

How Do You Create A Personal Professional Brand?

Shine a spotlight on what you do. When I landed my first in-house role, I believed that my work would speak for itself and that there was no need to do anything else. I still believe that to be true — to a point. Many of the job offers that came my way came because I worked hard to build a reputation based on results. The employers that hired me wanted to hire someone with known skills and abilities rather than take a risk on someone that they believed may have them. Once you reach a certain level of career success, however, you need to start shining a spotlight on your work to get noticed outside of your immediate circle.

Become recognizable. Once you make the decision to shine a spotlight on who you are, what you do, and who it is you serve, take the time and effort to become recognizable. Some of the things you may want to consider include using a single headshot across social media platforms so that the brand you are presenting is consistent. You can also create a personalized hashtag or logo.

There is no question that the work that you do and the content that you share is of paramount importance to your brand, but, if no one sees it, your energy is wasted. The most effective way to capture the attention of those people who can send opportunities your way is by using visual elements to build brand recognition.

Leverage the power of social media. Shining a spotlight on the work that you do does not just mean winning cases and receiving awards. You can also shine a light on what you do by learning to effectively use social media platforms like LinkedIn, Instagram, Twitter, and Tik Tok. You can blog. You can publish newsletters. You can host a podcast or you can be guest on one. You are limited only by your imagination.

For all the talented in-house lawyers out there with their heads down working hard and fighting the good fight, I want to leave you with this. Pump up the volume. Get this party started. You have no idea the opportunities that will come your way when you make building a personal professional brand a priority.


Lisa Lang is an in-house lawyer and thought leader who is passionate about all things in-house.  She has recently launched a website and blog Why This, Not That™ to serve as a resource for in-house lawyers.  You can e-mail her at lisa@lawyerlisalang.com, connect with her on LinkedIn, or follow her on Twitter.

Fourth Circuit Says WV GOP Can Give Itself Top Billing On Ballots Forever

Even before SCOTUS gutted Roe at midnight on the shadow docket, it was a lousy day for democracy in the federal judiciary with the Fourth Circuit allowing West Virginia to institutionalize a 1-3 percent Republican advantage on every ballot printed.

The case, which was flagged by Law & Crime, involved a challenge to West Virginia’s Ballot Order Statute, which mandates that “the party whose candidate for president received the highest number of votes at the last preceding presidential election is to be placed in the left, or first column, row or page, as is appropriate to the voting system.”

In plain English, whichever party wins the presidential election get top billing up and down the ticket for the next four years. And in a state where Trump beat Biden 69-30, it’s not hard to figure out which party that will be.

Candidates whose name appears first net an advantage of 1-3 points on average. It’s called the “primacy effect,” and it’s been documented for decades. It’s why responsible jurisdictions print candidates’ names in either alphabetical or random order on the ballot.

Indeed, the state defendants’ own expert witness testified that being placed first on the ballot was likely to result in a 1.6 percent advantage for the candidate. The trial judge found the plaintiff’s estimate of a 2.94 percent windfall to be more credible, but a majority of the panel shrugged it off, ignoring testimony that this would have affected the outcome in at least 105 races since 1960 — a fact remarked on by Judge James Wynn in a pointed dissent.

Judges Barbara M. Keenan and Stephanie Thacker insist that (more than a few) flipped elections is but a “modest” burden, far outweighed by the state’s interest in not having to flip a coin to decide who goes first:

While we have concluded for standing purposes that the plaintiffs alleged a substantial risk of injury based on the primacy effect, any burden imposed by the statute is not elevated from a “modest” to a “significant” burden even under [plaintiffs’ expert] Dr. Krosnick’s quantification of the primacy effect. As noted above, according to Dr. Krosnick, the primacy effect usually generates windfall votes for the first-listed candidate. However, the ballot-order statute allocates this positional bias on a neutral basis.

As for the law’s neutrality, the court chirps that “the statute affords the major political parties an equal ability to access the benefit of the windfall vote … both Democrats and Republicans have an equal opportunity every four years to obtain the most votes in West Virginia for their presidential candidates.” Pointing out that Democrats routinely won presidential elections in West Virginia until 1996, the court reasons that it all averages out — not that the law was partisan from its inception, and remains so, even if the beneficiary party has flipped.

Reasoning that the state’s interest in “the efficient administration of elections and a reduction in voter confusion and errors made by voters” outweighed the statistically significant disadvantage it will impose on every Democratic candidate up and down the ticket:

Although West Virginia could have devised a different ballot-order regime that also achieved these benefits, the state was not required to do so or to show that its chosen method was the least burdensome means of allocating the primacy effect because any modest burden imposed by the ballot-order statute was justified by the state’s important regulatory interests.

Thank goodness we can rely on that Supreme Court to call balls and strikes and sort this whole mess out.

HA HA.

Nelson v. Warner [Docket via Court Listener]


Elizabeth Dye lives in Baltimore where she writes about law and politics.

LawNext: PacerPro Founder and CEO Gavin McGrane On Process Automation and Court Data

Gavin McGrane was a litigation attorney in San Francisco when he saw an opportunity to improve how legal professionals interface with the federal courts electronic records system, PACER, and to enable them to better tap into the data and knowledge contained within that system. 

In 2012, he founded PacerPro, originally focusing on providing an enhanced interface to the PACER system, but, in the years since, developing it beyond that, into a system that also enables law firms to automate the process of collecting and distributing court documents and properly filing them within a DMS or knowledge system.

Now, with a recent Series C investment, PacerPro is working to further develop its product and expand its coverage from federal courts into state courts. 

On this episode of LawNext, McGrane joins host Bob Ambrogi to share the history and evolution of the company and discuss where he sees it going next. 

Thank You To Our Sponsors

This episode of LawNext is generously made possible by our sponsors. We appreciate their support and hope you will check them out. 

A reminder that we are on Patreon. Subscribe to our page to be able to access show transcripts, or to submit a question for our guests.

The Trial Team Member You Might Be Overlooking: A Travel Agent

There was an episode of 30 Rock a whole decade ago where, faced with an increasingly vapid entertainment industry, intrepid writer Liz Lemon worried that her job was disappearing. At this point she was met by three almost mystical figures: an American auto worker, a guy who played dynamite saxophone solos in rock and roll songs, and… a travel agent. They were the “people whose professions are no longer a thing” and they lived under the subways with the CEO of Friendster.

But the thing is, travel agents hadn’t really disappeared. While forfeiting some of their old market share to online booking outlets, travel agents regrouped around the tasks that they’re uniquely suited to take on. And Hotels for Trial is one such agency focused on the sort of complex and specialized travel scenario that calls out for dedicated professionals.

This wasn’t the meeting I’d expected to have at the International Legal Technology Association Conference last week, but after chatting with Ryan Spear, president of Spear Travel Group, a travel agent fit into the conference perfectly. “Because it’s the IT people who feel the pain when lawyers get there and the hotel has the wrong internet.”

Because sending a trial team across the country for weeks at a time is as much a technology question as the choice of eDiscovery platform. Sure, anyone could call up and book rooms and flights, but who is going to have the conversations with the hotel about the unique demands of modern litigation? Going to trial isn’t just about retiring to the room with some laptops. A successful team is going to negotiate a contract with the hotel to provide not just rooms, but dedicated wi-fi, security protocols, war rooms, food & beverage, transportation, etc.

And that’s in normal times. Over the last several months, firms have needed to know about testing requirements and PPE policies in public or semi-public areas of the hotel.

Getting all of this right is why Spear set up Hotels for Trial as a dedicated branch of his agency to serve the needs of modern trial travel and eliminating pain points that could crop up along the way. The group has been working with major Biglaw mainstays like Kirkland & Ellis, Skadden, and Weil and Spear said he’s happy to report the group has a 100 percent retention rate.

The best meetings at these conferences are the ones where you hear something you never expected. I didn’t go to ILTA expecting to talk to a travel agent, and yet I can’t imagine traveling for a major trial without one at this point.


HeadshotJoe Patrice is a senior editor at Above the Law and co-host of Thinking Like A Lawyer. Feel free to email any tips, questions, or comments. Follow him on Twitter if you’re interested in law, politics, and a healthy dose of college sports news. Joe also serves as a Managing Director at RPN Executive Search.

Do We All Need A Refresher Course In Ethics?

There are plenty of opinions that law students read and hopefully understand, although language in those opinions can be obscure at best. Even lengthy opinions can be instructive and mince no words. Just like the court’s opinion in King v. Witmer (the “Kraken” lawsuit).

All law students and lawyers should pay close attention to this opinion, for even though it’s a district court opinion in Michigan arising out of a 2020  election lawsuit, there is language in the opinion that all should grasp, not just in the realm of civil procedure (full disclosure: I hated that course and my D showed that), but in legal ethics, the way we in the profession are supposed to conduct ourselves in court proceedings and our responsibilities as officers of the court. Sanctions are the death penalty for lawyers in terms of our ability to practice law. If the sanctions are sufficiently severe and the particular state bar’s disciplinary process is sufficiently on the ball, the legal career can go down in flames, not a particularly desirous scenario.

Here’s just some of what the district court judge said in her opinion about the plaintiff lawyers’ legal ethics or lack thereof. (The court’s comments on civil procedure would take me way over my word count, and I wonder whether some would say that “civil procedure” is just as much an oxymoron as is “legal ethics.”) District Court Judge Linda Parker’s comments are just as important for dinosaur lawyers as for the newbies.

I would not want to be Sidney Powell, Lin Wood, or any of the other attorneys who took part in this Marx Brothers legal farce. (The lawsuit and its characters remind me of my favorite Marx Brothers movie, “A Night at the Opera,” which, if you watch nothing more than the stateroom scene, is worth three minutes of your time.)

Sanctions and referrals to bar disciplinary panels are not ever the way that you want to have your name in the media. You may be a publicity hound, but this is not the kind of publicity any lawyer, or in fact, any person, should ever crave.

The court’s opinion ripped plaintiffs’ lawyers a new one. The court said that the attorneys who filed the case “abused the well-established rules applicable to the litigation process in several respects.” The court said that they proffered claims not backed by law, claims not backed by evidence. (Speculation, conjecture, and suspicion don’t count as evidence; how about that?) They also didn’t do the necessary investigation and due diligence before filing the lawsuit. And, in contravention of the theory held by some lawyers that “delay is good,” the court said the proceedings were dragged out “even after they acknowledged that it was too late to attain the relief sought.”

The court’s language reminds us of our duties as lawyers as we are not just counsel but also officers of the court. Some lawyers either don’t remember that or choose not to.

“Indeed, attorneys take an oath to uphold and honor our legal system. The sanctity of both the courtroom and the litigation process are preserved only when attorneys adhere to this oath and follow the rules.” Courts, Judge Parker added, only impose sanctions when attorneys do not. “And despite the haze of confusion, commotion, and chaos counsel intentionally attempted to create by filing this lawsuit, one thing is perfectly clear: Plaintiffs’ attorneys have scorned their oath, flouted the rules, and attempted to undermine the integrity of the judiciary along the way.” A well-deserved and complete benchslap. As an aside, it might be a good idea for all attorneys to review Rule 11.

So, the court sanctioned the attorneys, found them to be in violation of the Michigan Rules of Professional Conduct and referred each of them to the disciplinary panels in every state in which each attorney is barred for disciplinary action. Plaintiffs’ lawyers also must pay the attorneys fees of the City of Detroit and others who defended the lawsuit, plus they must take 12 hours of CLE, including courses on election law and pleading standards. Appeals? Of course.

Traveling from Michigan to SoCal, a very prominent disgraced attorney here is in a world of hurt. Assets of Tom Girardi’s law firm, Girardi Keese, are up for auction. Items include a framed receipt from PG&E’s $236 million payout for the Hinkley water lawsuit, made famous by the film “Erin Brockovich,” a Los Angeles Lakers championship ring and several other pieces of Los Angeles sports memorabilia, a 2011 Cadillac GTS, over 100 bottles of wine, a signed 1960 photo with the Supreme Court justices (I assume California), and a signed Beach Boys album. What do you think is the value of these firm assets?

The mansion that the Girardis lived in, which was originally for sale at $13 million, has had several very impressive price cuts, now lists at just under $9 million.

And, if that’s not enough, the bankruptcy trustee in the Girardi Keese bankruptcy has filed a statement of assets and liabilities, and no surprise, it’s  not pretty. The firm owes more than $100 million and has less than $5 million in assets. Clawback time? Will the clients bilked out of their settlement funds recover anything at all?

I saw Tom Girardi at a Zoom bar event honoring the California Chief Justice, Tani Cantil-Sakauye, in December 2020. He was ebullient, talking up the profession and how great it was to be an attorney. Note that I say “was.” Just like the attorneys in the Kraken lawsuit, Girardi scorned his oath and flouted the rules. Shame on them; shame on him.


Jill Switzer has been an active member of the State Bar of California for over 40 years. She remembers practicing law in a kinder, gentler time. She’s had a diverse legal career, including stints as a deputy district attorney, a solo practice, and several senior in-house gigs. She now mediates full-time, which gives her the opportunity to see dinosaurs, millennials, and those in-between interact — it’s not always civil. You can reach her by email at oldladylawyer@gmail.com.

China’s New Data Security Law Will Provide It Early Notice Of Exploitable Zero Days – Breaking Defense

Chinese President Xi Jinping (Kevin Frayer/Getty Images)

WASHINGTON: China’s new Data Security Law, which takes effect today, includes cyber vulnerability disclosure provisions that will provide its government with nearly exclusive early access to a steady stream of zero-day vulnerabilities — potentially to include those discovered in technologies used by the Defense Department and Intelligence Community.

Armed with that information, experts fear, China could exploit cyber vulnerabilities in tech used broadly across the US public and private sectors.

The DSL’s vulnerability disclosure provisions are a concern given both China’s recent behavior and its activities in cyberspace over the past two decades. The Microsoft Exchange hacking campaign earlier this year entailed exploiting four zero-day vulnerabilities in the Redmond, Wash., tech giant’s widely used email server software. Zero-day vulnerabilities are security flaws that are not publicly known and therefore have no available patch.

Microsoft was eventually alerted to the Exchange vulnerabilities, issued patches, and attributed the campaign to a Chinese threat actor dubbed HAFNIUM, but not before 140,000 US organizations were exposed — and some percentage of those compromised by multiple threat actors, prior to and after the vulnerabilities’ disclosure. The Pentagon’s networks were reportedly not affected.

The Exchange campaign — which the US officially attributed to China in July — is just the latest known in a multi-decade Chinese cyberespionage initiative against the US government and American companies, which a congressional commission estimated to cost hundreds of billions of dollars annually and has been characterized by a former National Security Agency chief as “the greatest transfer of wealth in history.”

Now, with the enactment of the DSL, China is poised to collect information on zero days that it can use for both defensive and offensive purposes, with no obligation to share that information with other governments or companies.

DSL’s Vulnerability Disclosure Provisions

The DSL’s provisions require all Chinese security researchers, Chinese businesses, and — most notably — foreign companies with a footprint inside China to report any zero-day vulnerability to the Chinese Ministry of Industry and Information Technology (MIIT) within two days of a vulnerability’s discovery. The DSL also prohibits affected entities from “collect[ing], sell[ing], or publish[ing] information on network product security vulnerabilities” and outlaws sharing vulnerabilities with any “overseas organizations or individuals other than network product providers.”

To spell that out, according to experts: Under this law, China will compel certain security researchers and companies to disclose zero-day vulnerabilities to MIIT, while the sources of those flaws will be severely limited in who else they can share the information with. Meanwhile, China could exploit the vulnerabilities present in US government and American corporate networks.

The law’s provisions are backed by stiff financial penalties for noncompliance and the possibility of further legal actions by the Chinese government against offending entities. China’s DSL follows other data privacy laws, most notably Europe’s 2016 General Data Protection Regulation, commonly known as GDPR. Like DSL, non-European companies that operate in Europe are subject to GDPR’s data restrictions and penalties. However, one goal of GDPR, unlike the DSL, is transparency in how data is used.

Some of the businesses that are affected by the DSL’s disclosure provision — such as Amazon Web Services and Microsoft, to name just two — have a business presence in mainland China while also providing IT to the US public and private sectors. This means that American companies, whose tech is currently used in China and the US, will be required to notify China’s MIIT of any zero-day vulnerability present in their tech.

In addition, any third-party Chinese security researchers and companies in China or that do business in China will be required to report discovered zero-day vulnerabilities in, say, Microsoft’s Azure or AWS’s cloud platforms — both of which are widely expected to be selected as part of DoD’s new Joint Warfighting Cloud Capability. Such disclosures will give the Chinese government a head start on remediating — and potentially exploiting — zero days.

The Pentagon does not publicly disclose its security patch management practices, but the average time it takes companies to patch — a metric security researchers track as the mean time to patch, or MTTP — ranges from 60 days to over 200 days, depending on the source. That metric is calculated from the time a patch is issued.

However, it takes companies time from initial disclosure of a bug to issuing a patch. Approximately 60 days passed between the initial discovery of the Exchange zero days on Jan. 6 and Microsoft issuing patches on March 2, during which exploits increased significantly. Microsoft moved faster than a lot of companies in that case. Even after Exchange patches were released, some companies did not apply the fixes for weeks, prompting the FBI to take the extraordinary action of secretly and proactively patching the servers of some private entities.

To be sure, the DSL is written to be broad and vague, and it’s unclear right now how the Chinese government will enforce the vulnerability disclosure provisions and related penalties. But the mere prospect of the MIIT learning of zero days that are present in US government and private sector tech before practically everyone else knows about or can remediate them has raised concerns among some experts.

US Cyber Command and the NSA — which work with the Pentagon and the Defense Information Systems Agency on securing DoD networks — did not reply to a request for comment.

“Part of this is rooted in the concept of legal warfare, or lawfare,” Dean Cheng, a leading China expert at the Heritage Foundation, told Breaking Defense. “The Chinese concept of legal warfare is much broader” than the Western notion, he said. “It is using all the instruments of legal institutions — some laws, regulations, courts, law enforcement agencies — to help achieve political ends.”

And, in this case, the political ends entail China’s own cybersecurity and its offensive cyber operations. “It puts [China’s] Ministry of State Security, which conducts nation-state hacking and espionage, in a position to evaluate software vulnerabilities and turn those into operational tools so that they can hack other nations,” Dakota Cary, a research analyst at Georgetown University’s Center for Security and Emerging Technology, told Breaking Defense. “That creates a window of opportunity for state hackers to exploit what they know is vulnerable software before that software can be repaired.”

Zero Day Dual Use: Defensive Capability and Offensive Weapon

The cybersecurity community — both good guy “white hats” and bad guy “black hats” — has long valued the discovery of zero days. Through bug bounty programs and hacking competitions, white-hat security researchers find, validate, and often get paid to disclose zero days to governments and companies. Indeed, many US companies pay handsomely for such discoveries and even the US government runs such events, including Hack the Army, which uncovered 238 vulnerabilities this year.

Bug bounties and competitions are meant to incentivize “responsible disclosure” of zero days, so that tech companies can patch security bugs before bad guys can learn about and exploit them. Once patches are developed and released for widespread use, the vulnerabilities are announced to the public. In this way, responsible disclosure is viewed as a way to improve cyber defenses.

Some aspects of the DSL encourage using zero days for defensive purposes in the tradition of bug bounties. In addition to calling for the Chinese private sector to establish financial incentives for bug reports, the DSL holds security researchers and companies to responsible disclosure, forbids “exaggerating” a bug’s severity, and prevents researchers and companies from creating tools to exploit the vulnerabilities. But the law does not place any such prohibitions on the Chinese government exploiting the vulnerabilities in offensive operations.

Chinese military officials on parade. (File)

The National Institute for Standards and Technology maintains a US National Vulnerability Database, while China runs its own, the China National Vulnerabilities Database (CNNVD).

Cary told Breaking Defense his research has revealed that some Chinese authors and academics, who are influential with the Chinese Communist Party, have become suspicious of the US NVD program.

These influential Chinese authors “have misconstrued the US NVD as an NSA run program,” which could be shaping China’s perception of the way the US operates and may be influencing the DSL’s vulnerability disclosure provisions, Cary said. “In their minds, what they put in place doesn’t feel different than how they think we are using our vulnerability database, even though that’s not the case.”

In addition to bolstering defense, zero days can, of course, be potent offensive cyber weapons. Some have suggested China has, in the past, concealed or delayed disclosure of zero days. US cybersecurity company Recorded Future published research showing a pattern of delay in the Chinese government’s disclosure of vulnerabilities, and a separate report found that China manipulates its CNNVD. The DSL provides additional opportunities for China to conceal, delay disclosure, and obfuscate vulnerabilities reported to it.

The NSA has been accused in the past of similar behavior. In April 2017, a mysterious group calling itself the Shadow Brokers leaked vulnerabilities that it allegedly stole from the NSA. One of those vulnerabilities, Eternal Blue, was later exploited by non-NSA threat actors as part of the widespread WannaCry and NotPetya cyberattacks in May and June of 2017, respectively.

Still earlier, the computer worm Stuxnet exploited four zero days in Microsoft Windows as part of a multi-stage hack of the industrial control systems in Iran’s Natanz nuclear enrichment facility. Stuxnet, often called the first cyberwarfare weapon, is widely believed to have been a US-Israeli collaboration, but neither government has ever admitted involvement.

Asked how likely it is that China will use zero days disclosed to it for offensive operations, Cheng called it “100 percent.”

“There’s no evidence that I’ve come up with for some version of Chinese cyber no first use,” Cheng added. “We have seen them do a lot of things. Nobody else really does [economic cyberespionage] on the scale China does, which virtually no one in the world can withstand when you bring that scale of resources. So, why would we assume that, somehow, when it comes to zero-day exploits, the Chinese won’t do that?”

Cary recently characterized China’s approach to vulnerability disclosure in the DSL as “weaponiz[ing] cybersecurity research.” The Chinese, he told Breaking Defense, are “taking resources from labor and capital out of American markets, or foreign markets generally speaking, and using that against other nations to facilitate operations. So, they’ve effectively co-opted a pipeline of research, which costs a great deal of money to do, in order to increase their own offensive and defensive hacking capabilities.”

The DSL is just the most recent in a flurry of cyber-related and other laws meant to counter what China perceives to be “aggressions” by other nations against it. The DSL fits within this broader Chinese legal framework and its underlying themes.

“The problem is that Chinese behavior at play is what I termed informational mercantilism,” Cheng said. “By that I mean, ‘I have a right to know what you know, [but] I am under no obligation to share’.”

Cheng also sees the DSL as fitting within the broader Chinese concepts of “informationization” (xinxihua) and “informationized warfare” (xinxihua zhanzheng). “Why do [the Chinese] care about any of this? Because, if you’re the Chinese, this is part of creating the networked, interlinked, cross-wired society that China wants to be for the 21st Century. And an informationized society, an informationized CCP, has to protect itself from informationized threats, including cyberattacks.”

It also has to provide offensive countermeasures. Cheng added: “The Chinese see themselves as surrounded by enemies, and they’re not necessarily wrong.”

The Gift, The Anchor, The Rock

(Image via Getty)

Ed. note: This is the latest installment in a series of posts on motherhood in the legal profession, in partnership with our friends at MothersEsquire. Welcome Kristen M. Sinclair to our pages. Click here if you’d like to donate to MothersEsquire.

On the snowy February 2019 night of my first mammogram, I cried for myself, my two young sons, my husband, and my mom. We would be the most affected by a cancer diagnosis.

My tears were centered around my fears of abandonment. My self-worth has always been tied to my perception of my usefulness to those around me. If I lose that ability to produce at home and at work, how will I know my value? If I am useless, everyone will leave, therefore I should leave first. I should die and make room for someone else to take my roles as mother, wife, and employee.

Facing the leap into a bottomless pit, and, for a moment, you too might think death was a more viable option. Envision yourself facing a potential death sentence, and serve it bald, scarred, burned, ugly, medicated into heart, liver and lung complications, unable to care for your children, to work … why live?

I wallowed in fears of the reaction I would encounter in each segment of my life. How would my boss handle the news? I worked for nearly 10 years at the same firm. We had built a solid relationship on trust and respect, founded upon mutual confidence in my management capabilities. I never rested upon prior accomplishments. So if I stopped adding value to the firm, how could my boss stand by me? How would I withstand the brutal treatment without losing my seat at the table?

As I cruised online support groups, I grew more horrified at all the physical ravages I had in my future. The world would know: I was a defective product.

Many cancer patients take leaves of absence during these phases of treatment. I refused. My boss, a father of two daughters and owner of his practice, urged me to rest. I saw him wince as I dragged my limp body into the office just five days after my first round of chemotherapy. I can still envision how he ran out of the office at lunchtime, returning with the best matzo ball soup in town, his way of showing comfort.

My coworkers assumed one of the largest roles in my “Boob Army,” bearing the brunt of my days off and my chemo-brain fog. The entire office family huddled around me. No one wanted me to step aside for someone unbroken. I felt anchored in the storm by the commitment of my office family.

To a cancer patient, that kind of reassurance is everything. When you feel lost in a sea of medicines, side effects, and depressing statistics, hope should anchor you through the storm.

Have you met many hopeful lawyers? Or, even a slightly optimistic lawyer? We don’t deal in hope. We live in the worst-case scenarios. When you practice law, it’s your job to see the worst-case scenario.

Hence why I immediately wanted to order a dumpster on the night of my first mammogram. Because I was already dead. If I had to accept cancer, fine, I’ll accept it at its worst. I couldn’t see fighting any other way. Still, even if I wouldn’t allow myself to hope, I would keep going for my sons.

We received an outpouring of support. A special gift came in the form of a bracelet with a hidden motto on its inside: “Keep f*cking going.” The gift was more than the bracelet; it became my mantra, my battle cry.

And so I did keep f*cking going. I survived six rounds of intense chemotherapy, lost my hair, underwent countless scans, exams, and bloodwork. Following two lumpectomies, I faced 32 rounds of radiation, concurrently with 14 triweekly Kadcyla rounds, and eventually five to 10 years of medically induced menopause.

Once I lost my hair and half my eyebrows, I truly felt ugly. I had to push myself to still be in pictures with my boys and to continue making memories. I made peace with my baldness and shed the feelings of ugliness gradually.

Regardless, the experience of baldness heightened my awareness of my own tendency to judge others based upon their outward appearance. Cancer opened me to seeing the beauty inside of others’ hearts, eyes, and smiles before I look at their physical presence.

I worried about losing my place with the firm, yet the opposite occurred. For the first time in my 10 years there, clients were encouraging my boss to bring me to the annual fall conference, scheduled to occur at the tail end of my radiation schedule. On a leap of faith, my boss asked me to join him. His vote of confidence cannot be understated. The man was not afraid to bring the defective product, nor was he embarrassed by my physical presence. It spoke volumes about his character that he committed more deeply to my professional development.

I prepared for the three-day whirlwind conference in D.C., packing clothes for a month-long trip. I included a few wigs, just in case I was too afraid to be the bald lady lawyer. Upon arrival, I elected to leave the wigs aside. No one knew me there with long hair, so I chose to wear a big smile, come what may.

On the first evening of the conference, I attended a new member dinner event by invitation from the association’s incoming president. The president introduced me to a few other new members. One of the women, “H,” became a friend. She overheard me mention cancer. She too had very short hair. H shared that she had recently lost her beloved mother to cancer.

We talked about our shared experiences, and also our differences. H later told me that when she first saw me, she said to herself, “Who is that other bald bitch? I have to meet her.” She had expected to be the only bald woman in the room at that dinner, but she was relieved to find another “bald bitch.” She too had packed her wigs, but challenged herself to leave them behind that evening. Being bald allies gave us both an extra boost of confidence that weekend.

Radiation concluded October 25, 2019. Many hurdles lay ahead. Still, the boost of professional confidence I gained from the trust of my boss to participate gave me reassurance that no doctor could offer.

Working through cancer in a supportive environment provided me with the distraction I needed to keep going. I remain employed with my current firm, anchored to the loyalty and support I received in the darkest months most people could ever experience.


Kristen M. Sinclair is a wife, mother of two sons, Brody & Carson, and breast cancer survivor. After serving as Law Clerk to the Honorable Michael J. Kassel, J.S.C. from September 2008-August 2009 in the Camden County Superior Court of New Jersey, she began a career in a civil, commercial, and retail collections practice. Cancer interrupted her plans in 2019, but she did not allow treatment and survivorship to dull her desire to grow her personal practice of law into political and social advocacy. She is presently serving as a County Committee member in Burlington County, NJ. 

Kristen is the founder of Freedom Speaking LLC and Shielding Liberty LLC, entities focused on free speech advocacy. She has co-founded the Child Advocate Coalition LLC with her partner, Nik Stouffer, a medical biostatistician of 25 years experience. They work together to advance parental rights in school advocacy efforts. To learn more about their organizations, they can be found on social media and maintain newsletters through chaosandcontrol.substack.com with a readership of over 3,000. Her personal author page can be found at Kristen20.substack.com.

Kristen credits the support of her work family as an anchor she needed to weather the storm of active cancer treatment. For anyone in a similar situation, let her story remind you: Keep going.