Position / Title:
jennifer at law dot stanford dot edu
High Res Photo of Jennifer Granick
Photo credit: Michael Sugrue
High Res Photo of Jennifer Granick
Photo credit: Michael Sugrue
Over at Just Security, I have a post about the latest iteration of the USA Freedom Act. Basically, civil liberties groups are withdrawing support for the bill because it no longer clearly ends bulk collection of metadata and other information under Section 215 of the Patriot Act, the NSL statutes, and the intelligence pen/trap statute as the bill was supposed to do. I explain the language changes that gutted the bill, and lament the state of Congress. Read more here.
Yesterday I attended a conference at the Hoover Institution on “Intelligence Challenges.” I also spoke on a panel in the morning about Civil Liberties. A version of my prepared remarks is below. Ben Wittes has an interesting post on the event.
Over at Just Security I have an analysis of the USA Freedom Act as changed by a recent Manager's Amendment. Basically, I conclude that the Manager's Amendment fails to prohibit "back door searches" for US person information caught up in the NSA dragnet, which was supposedly one of the mail goals of the original bill.
Yesterday afternoon, the White House put out a statement describing its view of vulnerability disclosure: the contentious issue of whether and when government agencies should disclose their knowledge of computer vulnerabilities. Over at Just Security, I highlight some parts of the announcement for further thought.
Encryption helps human rights workers, activists, journalists, financial institutions, innovative businesses, and governments protect the confidentiality, integrity, and economic value of their activities. However, strong encryption may mean that governments cannot make sense of data they would otherwise be able to lawfully access in a criminal or intelligence investigation.
Arguing that a defendant’s conviction for website hacking should be overturned because legitimate, highly valuable security and privacy research commonly employs techniques that are essentially identical to what the defendant did and that such independent research is of great value to academics, government regulators and the public even when – often especially when — conducted without a website owner’s permission.
Arguing that if the court should not compel Apple to create software to enable unlocking and search of the San Bernardino shooter’s iPhone, it will jeopardize digital and personal security more generally.
After the Estate of James Joyce refused to allow a scholar to quote Joyce in her book, we successfully defended her right under the fair use doctrine to use the quotes she needed to illustrate her scholarship. After we prevailed in the case, the Estate paid $240,000 of our client’s legal fees.
Right now, a battle is underway to reform the Computer Fraud and Abuse Act, a statute that can transform innocuous workplace behavior into a federal crime, simply because a computer is involved. The CFAA is a bludgeon that Big Business and the Department of Justice have willingly used against the American worker, and its time for that to stop.
The first part of this article outlined the mechanics of the Megaupload website, and the novel questions of criminal inducement on which the government's indictment is premised. Here, we explore two more extensions of existing law on which the indictment is based, and the impact this prosecution is likely to have on Internet innovators and users alike.
Days after anti-piracy legislation stalled in Congress, the U.S. Department of Justice coordinated an unprecedented raid on the Hong Kong-based website Megaupload.com. New Zealand law enforcement agents swooped in by helicopter to arrest founder Kim Dotcom at his home outside of Auckland, and seized millions of dollars worth of art, vehicles and real estate. Six other Megaupload employees were also arrested. Meanwhile, the Justice Department seized Megaupload's domain names and the data of at least 50 million users worldwide.
"How long have you operated with that assumption?
Probably 20 years. I had an incident occur in my hotel room at Black Hat. My room was broken into, and my tech was compromised. They pulled the hard drive out of the wall safe, plugged it into my Linux laptop, booted it up off of a different drive, and then accessed files and copied it. Then they put the drive back in the safe.
"“There’s a secretive process with no real appeal where people are making extremely difficult subjective calls that have to do with politics, culture and religion,” said Jennifer Granick, an attorney with the American Civil Liberties Union. “This example shows why it is dangerous. If I want to find good information about vaccines, I can’t find it.”"
"Jen King, director of consumer privacy at Stanford’s Center for Internet and Society, thinks it's a sign Facebook may be ready to actually take privacy seriously. "It's possible that Facebook has finally gotten the memo and is really trying to make change," King told WIRED.
"Some cyberlaw experts fear a ruling against Grindr will put the creativity of the internet as we know it at risk. They say that requiring platforms to more closely monitor users would give an advantage to tech giants like Facebook, Twitter, and Google while hindering smaller startups with niche audiences, including Grindr. It would be more expensive to start new businesses online because of the cost of hiring watchdogs, said Jennifer Granick, surveillance and cybersecurity counsel at the American Civil Liberties Union.
""So far, we've likely only seen the tip of the iceberg when it comes to the government’s use of hacking in criminal and immigration investigations,” Jennifer Granick, the ACLU's surveillance and cybersecurity counsel, said in a statement after the suit was filed."
Jennifer Granick, Director of Civil Liberties, will speaking at the ISSA-LA Summitt.
More information: https://issalasummit9.wpengine.com/?page_id=285/#Granick
Title: American Spies, Modern Surveillance, and You
Jennifer Granick talks about how notions of privacy have changed over the years and where she thinks things are headed in the future. She is a professor at the Stanford School of Law and Director of Civil Liberties at the Center for Internet and Society, where she specializes in the intersection of engineering, privacy and the law.
What kind of surveillance assistance can the U.S. government force companies to provide? This issue has entered the public consciousness due to the FBI's demand in February that Apple write software to help it access the San Bernardino shooter's encrypted iPhone. Technical assistance orders can go beyond the usual government requests for user data, requiring a company to actively participate in the government's monitoring of the targeted user(s).
In this week's feature interview we're chatting with Stanford's very own Jennifer Granick about a recent ruling in a Virginia court that appears to give the FBI permission to hack into any computer it wants, sans warrant. Well that's what the headlines are screaming, anyway. But as you'll hear, it's not quite that black and white.
""What was remarkable was that the public hadn't seen the argument surfaced," says Jennifer Granick at the Stanford Center for Internet and Society. She says Judge Orenstein was trying to stoke a public debate. "Judge Orenstein had concerns about whether the government's legal argument was a valid legal argument."