High Res Photo of Jennifer Granick
Photo credit: Michael Sugrue
Round Two of my debate with Orin Kerr about whether the bulk collection of phone call records is regulated by the Fourth Amendment is now published on the Just Security blog. In this round, I argue that normative considerations, including those associated with bulk data collection, are explicitly part of existing Fourth Amendment jurisprudence. The 1979 case of Smith v.
A new online platform launches today called Just Security, a forum on law, rights, and U.S. national security. Just Security aims to promote principled and pragmatic solutions to the problems decision-makers face in U.S. national security law and practice. The legal analysis and policy prescriptions proposed by Just Security will provide balanced and broad perspectives currently missing in the national security dialogue.
We here at CIS are delighted to welcome Giancarlo Frosio to our team. Giancarlo is our new Intermediary Liability Fellow, studying the ways that liabilities, immunities and safe harbors for global communications platforms affect freedom of expression and innovation online. Frosio is an Italian lawyer, fluent in several languages, with an S.J.D. and an LL.M. from Duke University Law School and an LL.M. from the University of Strathclyde in the U.K.
On July 30, 2013, I had the pleasure of having dinner with General Keith Alexander, Director of the National Security Agency. Just a few weeks earlier, NYU Law Professor Christopher Sprigman and I had called the NSA’s activities “criminal” in the digital pages of the New York Times, so I thought it was particularly gracious of him to sit with me. [more]
Today, Lavabit, an email service provider that promised its customers better privacy and security than other publicly available services, shut its doors. Reading between the lines of a cryptic message posted on the site’s homepage, about six weeks ago the service was served with some kind of demand for user information, as well as a gag order preventing the company from disclosing both the details of that order as well as its very existence. Rather than cooperate, owner Ladar Levison has decided to close the doors on his 10-year-old company. In his letter
Encryption helps human rights workers, activists, journalists, financial institutions, innovative businesses, and governments protect the confidentiality, integrity, and economic value of their activities. However, strong encryption may mean that governments cannot make sense of data they would otherwise be able to lawfully access in a criminal or intelligence investigation.
Arguing that a defendant’s conviction for website hacking should be overturned because legitimate, highly valuable security and privacy research commonly employs techniques that are essentially identical to what the defendant did and that such independent research is of great value to academics, government regulators and the public even when – often especially when — conducted without a website owner’s permission.
Arguing that if the court should not compel Apple to create software to enable unlocking and search of the San Bernardino shooter’s iPhone, it will jeopardize digital and personal security more generally.
After the Estate of James Joyce refused to allow a scholar to quote Joyce in her book, we successfully defended her right under the fair use doctrine to use the quotes she needed to illustrate her scholarship. After we prevailed in the case, the Estate paid $240,000 of our client’s legal fees.
Last week’s big cybersecurity news was that the FBI obtained a court order to force Apple to develop new software that would bypass several iPhone security features so the FBI can attempt to unlock the work phone of one of the San Bernardino shooters. Apple plans to challenge that order. (Full disclosure: I am planning on writing a technologists’ amicus brief on Apple’s side in that challenge.)
On Friday, Congress will vote on a mutated version of security threat sharing legislation that had previously passed through the House and Senate. These earlier versions would have permitted private companies to share with the federal government categories of data related to computer security threat signatures. Companies that did so would also receive legal immunity from liability under the Electronic Communications Privacy Act (ECPA) and other privacy laws.
Here’s the latest in the encryption case we’ve been writing about in which the Justice Department is asking Magistrate Judge James Orenstein to order Apple to unlock a criminal defendant’s passcode-protected iPhone. The government seized and has authority to search the phone pursuant to a search warrant.
Pending before federal magistrate judge James Orenstein is the government’s request for an order obligating Apple, Inc. to unlock an iPhone and thereby assist prosecutors in decrypting data the government has seized and is authorized to search pursuant to a warrant.
Last week, we wrote about an order from a federal magistrate judge in New York that questioned the government’s ability, under an ancient federal law called the All Writs Act, to compel Apple to decrypt a locked device which the government had seized and is authorized to search pursuant to a warrant.
"Two lawyers and legal researchers based at Stanford University have formally asked a federal court in San Francisco to unseal numerous records of surveillance-related cases, as a way to better understand how authorities seek such powers from judges. This courthouse is responsible for the entire Northern District of California, which includes the region where tech companies such as Twitter, Apple, and Google, are based.
"The Stanford Center for Internet and Society's Jennifer Granick, director of civil liberties, and Riana Pfefferkorn, cryptography fellow, said at Black Hat 2016 that companies are often under no legal obligation to comply with law enforcement data requests, because data requests are not orders and even court orders are not the law.
"“If you’re ever asked to do something like this, you have a lot of strong legal arguments to say no,” said Jennifer Granick, the Director of Civil Liberties at the Stanford Center for Internet and Society in a Black Hat talk on Thursday. Granick and her Stanford colleague Riana Pfefferkorn, a Cryptography Fellow, ran down relevant laws and what’s currently known about their parameters and limits. They suggested that companies should plan ahead and assume that law enforcement agencies will eventually send them some kind of technical request—if they haven’t already.
"In a session at the Black Hat conference in Las Vegas, Stanford Center for Internet and Society director of Civil Liberties Jennifer Granick and Cryptography Fellow Riana Pfefferkorn, acknowledged that there is more information about us than ever before, with sensors both on and offline. All encryption is doing, they said, is removing a fraction of law enforcement.
"Touching on cases like the Snowden or the Lavabit incidents, the duo strongly emphasized that companies should start asking themselves a couple of questions before law enforcement actually comes knocking at their door. Knowing what they collect, how they store it, for how long, why, what can it access, does it encrypt data and where are keys stored – are only a few of them.
Jennifer Granick, Director of Civil Liberties, will speaking at the ISSA-LA Summitt.
More information: https://issalasummit9.wpengine.com/?page_id=285/#Granick
Title: American Spies, Modern Surveillance, and You
Join Just Security for a fireside chat on the current state of U.S. surveillance and a celebration of Jennifer Granick‘s new book, American Spies: Modern Surveillance, Why You Should Care, And What to Do About It. Opening remarks by Senator Ron Wyden.
US intelligence agencies - the eponymous American spies - are exceedingly aggressive, pushing and sometimes bursting through the technological, legal and political boundaries of lawful surveillance. Written for a general audience by a surveillance law expert, this book educates readers about how the reality of modern surveillance differs from popular understanding.
If you attended a recent march to protest, wrote a check to the ACLU, or recently visited a politically leaning website, consider yourself an activist, says Stanford legal scholar Granick. Not only might the government be watching you, but your digital footprint could end up being visible to people and organizations you never imagined would care. Know your risks and take safety precautions, advises Granick, or don’t be surprised at the troubling outcome.
In the post-Snowden era, we don't have to tell you how important it is to stay engaged with (and vigilant about) the surveillance state in America. Jennifer Granick is the Director of Civil Liberties at the Stanford Center for Internet and Society, and author of the new book American Spies — and this week she joins us for an in-depth discussion about the surveillance sta
Intelligence agencies in the U.S. (aka the American Spies) are exceedingly aggressive, pushing and sometimes bursting through the technological, legal and political boundaries of lawful surveillance.
The Snowden revelations, while dramatic, have done little to amp up public concern about personal surveillance.
After all, thanks to technology, electronic spying is cheap — so cheap the government can’t afford not to do it.
The internet makes access to information incredibly easy, and we normally see that as a good thing. But what if the information being accessed is details of our private lives? And what if the person accessing them is a government intelligence agency? This week we speak with Jennifer Granick, author of "American Spies" and director of civil liberties at the Stanford Center for Internet and Society, about the quest for privacy in the age of surveillance.