Riana Pfefferkorn is the Cryptography Fellow at the Stanford Center for Internet and Society. Her work, made possible through funding from the Stanford Cyber Initiative, focuses on investigating and analyzing the U.S. government's policy and practices for forcing decryption and/or influencing crypto-related design of online platforms and services, devices, and products, both via technical means and through the courts and legislatures. Riana also researches the benefits and detriments of strong encryption on free expression, political engagement, economic development, and other public interests.
Prior to joining Stanford, Riana was an associate in the Internet Strategy & Litigation group at the law firm of Wilson Sonsini Goodrich & Rosati, where she worked on litigation and counseling matters involving online privacy, Internet intermediary liability, consumer protection, copyright, trademark, and trade secrets and was actively involved in the firm's pro bono program. Before that, Riana clerked for the Honorable Bruce J. McGiverin of the U.S. District Court for the District of Puerto Rico. She also interned during law school for the Honorable Stephen Reinhardt of the U.S. Court of Appeals for the Ninth Circuit. Riana earned her law degree from the University of Washington School of Law and her undergraduate degree from Whitman College.
High Res Photo of Riana Pfefferkorn
On October 10, Deputy Attorney General Rod Rosenstein gave a speech at the U.S. Naval Academy about encryption. I have a lot to say about his remarks, so this will be a long post. Much of Rosenstein’s speech recycled the same old chestnuts that law enforcement’s been repeating about crypto for years. I’m happy to roast those chestnuts.
On September 18, the Department of Homeland Security (DHS) revealed a new policy for collecting immigrants’ social media information.
In September 2016, we filed a Petition in the Northern District of California (the federal district court for the Bay Area and much of Northern California) asking the court to unseal years’ worth of surveillance matters filed there. We had our first hearing before the court on May 4.
Arguing that if the court should not compel Apple to create software to enable unlocking and search of the San Bernardino shooter’s iPhone, it will jeopardize digital and personal security more generally.
Last week, Deputy Attorney General Rod Rosenstein gave a speech about encryption that prompted a considerable amount of well-deserved blowback. His speech rehashed a number of long-discredited technical proposals for “solving” the “going dark” problem, and it also misstated the law.
"Rather than contempt, Riana Pfefferkorn, a cryptography fellow at the Stanford Center for Internet and Society, said Apple could incur daily penalties if a judge thought it was delaying compliance.
"n addition, defense counsel would undoubtedly demand the right for their own third-party experts to have access not only to the source code, but to further demand the right to simulate the testing environment and run this code on their own systems in order to confirm the veracity of evidence.
""Judge Orenstein ruled the FBI’s request would 'thoroughly undermine fundamental principles of the Constitution’ and we agree," an Apple spokesman told Ars in a statement. "We share the judge’s concern that misuse of the All Writs Act would start us down a slippery slope that threatens everyone’s safety and privacy."
The New York case, however, marks the first time that a federal judge has ruled in favor of a more privacy-minded Apple. More recent amicus, or friend of the court briefs, supporting Apple, have cited Judge Orenstein’s ruling.
"However, the most interesting filing of all may be the one filed by a group of iPhone Security and Applied Cryptography Experts, and put together by Jennifer Granick and Riana Pfefferkorn from Stanford's Center for Internet and Society. That brief is super educational in getting down into the weeds of just how dangerous it would be for Apple to create this code.
"On Thursday, a group of those iPhone hackers and other security researchers filed an amicus brief siding with Apple in its intensifying legal battle over the FBI’s court order to assist in cracking an encrypted iPhone that belonged to San Bernadino killer Syed Rizwan Farook.
Registration is required for this free event.
With the DOJ recently bringing back the "Going Dark" debate, and now calling for "responsible encryption," what does the Trump administration have to say about strong crypto? Do we know yet? Do they?
If there's anyone who might be able to figure that out, it's Riana Pfefferkorn.
The EastWest Institute’s Global Cooperation in Cyberspace program anticipates future security risks, defines the outlines of potential conflict and brings together the people who can do something about it.
Lecture held during the First International Congress of Fundamental Rights and Criminal Procedure in the Digital Age, organized by InternetLab in partnership with the Faculty of Law of the University of São Paulo.
Cryptography Fellow Riana Pfefferkorn gave a lecture titled "The American debate on surveillance and encryption".
In this digital day and age we’re grappling with questions like:
- What are the key digital policy issues that matter to nonprofits in 2017?
- What are the most pressing challenges to nonprofits and activists?
- What should nonprofits, foundations and community activists know about? How can they get involved? And what should they be doing to keep themselves and their communities safe?
This event will help inform and open a conversation on this topic with our audience of foundation and nonprofit leaders, students, philanthropists and more.
What kind of surveillance assistance can the U.S. government force companies to provide? This issue has entered the public consciousness due to the FBI's demand in February that Apple write software to help it access the San Bernardino shooter's encrypted iPhone. Technical assistance orders can go beyond the usual government requests for user data, requiring a company to actively participate in the government's monitoring of the targeted user(s).