High Res Photo of Jennifer Granick
Photo credit: Michael Sugrue
Last Friday, a New York federal judge joined in the contentious current debate over whether tech companies should be forced to provide law enforcement the ability to decipher encrypted data stored on smartphones and in the cloud.
In two years, section 702 of the FISA Amendments Act will expire. It is essential the public to have confidence that any reforms to section 702 will actually address problems with PRISM and Upstream surveillance. To get that confidence, we have to know a lot more about how the intelligence community is using section 702. That understanding requires more investigation.
Today we sent a letter to lawmakers expressing security experts' opposition to the Cybersecurity Information Sharing Act (CISA) as well as two other pending bills that purport to be about security information sharing, the Protecting Cyber Networks Act (PCNA), and the National Cybersecurity Protection Advancement Act of 2015. These experts agree that the information sharing bills unnecessarily waive privacy rights because they focus on sharing information beyond that needed for cybersecurity.
Today, the Office of the Director of National Intelligence (ODNI) announced that it would stop some of the surveillance it conducts on the telecommunications backbone under authority granted by section 702 of the FISA Amendments Act.
On Wednesday, the Republican chair of the House Intelligence Committee, Devin Nunes (R-CA), gave a press conference in which he reported that Trump transition team members’ communications were intercepted by US intelligence agencies through “incidental collection.” This follows on Nunes’ concerns, after Michael Flynn stepped down following intelligence reports that he had talked to the Russian ambassador.
Does the House Permanent Select Committee on Intelligence understand intelligence gathering?
After all, that committee is charged with oversight over the United States’ vast surveillance bureaucracy. And yet, comments from the chair of the committee, Rep. Devin Nunes (R-Calif.), suggest that he is unclear on the concept.
"Some people writing on intelligence and surveillance note that close working relations such as this can allow intelligence agencies to evade domestic controls. Jennifer Granick, in her new Cambridge University Press book, American Spies: Modern Surveillance, Why You Should Care, and What To Do About It, notes that Five Eyes countries aren’t supposed to spy on one another’s citizens. However, she says that the NSA has prepared policies that would allow it to spy on Five Eyes citizens without permission. She furthermore suggests that:
"Although it would be “unheard of” for the federal government to prosecute a company for using leaked classified information to improve its products, there “are some issues with the fact that the information is classified,” said Jennifer Granick, director of civil liberties at Stanford Law School’s Center for internet and Society.
Given uncertainty about the views of the Justice Department, “I can see why legal counsel at big companies might hesitate to reach out to Julian Assange to negotiate access to classified information,” she said."
"While WikiLeaks has often been criticized for releasing sensitive data without regard for the consequences, Mr. Assange is acting responsibly this time, said Jennifer Granick, the director of civil liberties at the Stanford Center for Internet and Society. WikiLeaks redacted the actual computer code for C.I.A. exploits from its initial release to avoid spreading such cyberweapons.
“He is trying to do the right thing,” Ms. Granick said."
"“Spying is thriving” because little is understood about how pervasive it is.
To celebrate the one-year anniversary of the Stanford Cryptography Policy Project, we are holding an afternoon event highlighting our research and accomplishments over the past year. As our keynote speakers, it is our pleasure to welcome the Honorable Stephen W. Smith, Magistrate Judge of the Southern District of Texas, and Paul S. Grewal, former Magistrate Judge of the Northern District of California.
What kind of surveillance assistance can the U.S. government force companies to provide? This issue has entered the public consciousness due to the FBI's demand in February that Apple write software to help it access the San Bernardino shooter's encrypted iPhone. Technical assistance orders can go beyond the usual government requests for user data, requiring a company to actively participate in the government's monitoring of the targeted user(s).
On Wednesday, February 17, The Center on Democracy, Development and the Rule of Law at Stanford, The Center for International Governance Innovation, and the Research Advisory Network of the Global Commission on Internet Governance will present an all-day conference entitled "New Alliances in Cybersecurity, Human Rights and Internet Governance." The conference will discuss the challenges of creating a regime of internet governance that pays attention to security and human rights in the digital context.
Over the course of two days in February 2016, the Strauss Center at the University of Texas-Austin will host a unique and timely conference focused on the legal and policy dimensions of cybersecurity.