High Res Photo of Jennifer Granick
Photo credit: Michael Sugrue
The Internet is under threat, mostly from governments. We need companies to help people stand up to government threats, but companies cannot solve the problems for us. This is what I told the audience on Thursday, at an event co-hosted by CIS and the Program on Liberation Technology.
Tomorrow, all five members of the Privacy and Civil Liberties Oversight Board (PCLOB) will testify before the Senate Judiciary Committee about their recent report concluding that the National Security Agency’s (NSA) bulk collection of phone records under section 215 is illegal and ill-advised. Meanwhile, the PCLOB is gearing up to report in a few months its conclusions regarding mass surveillance of the content of Internet transactions under section 702 of the FISA Amendments Act
Today, Stanford’s Center for Internet and Society joins Greenpeace, Mozilla, Electronic Frontier Foundation, the Libertarian Party, and an array of ideologically diverse groups in The Day We Fight Back against mass surveillance.
Yesterday, I wrote generally about the problems with section 702 of the FISA Amendments Act (FAA). Today I focus on categories of information—including content—that NSA collects under section 702 but maybe never minimizes—meaning one of the few safeguards for U.S. person privacy is non-existent. In short, since the thirteen-page 702 minimization procedures only apply to communications, and since today's NSA probably excludes unshared cloud-stored data from the definition of communications, it's possible no minimization rules apply to protect American privacy.
I've written a lot about the problems with the FISA Amendments Act and section 702, which is the legal basis for the PRISM surveillance program and involves warrantless collection of communications contents via targeting non-U.S. individuals or entities reasonably believed to be located abroad.
Encryption helps human rights workers, activists, journalists, financial institutions, innovative businesses, and governments protect the confidentiality, integrity, and economic value of their activities. However, strong encryption may mean that governments cannot make sense of data they would otherwise be able to lawfully access in a criminal or intelligence investigation.
Arguing that a defendant’s conviction for website hacking should be overturned because legitimate, highly valuable security and privacy research commonly employs techniques that are essentially identical to what the defendant did and that such independent research is of great value to academics, government regulators and the public even when – often especially when — conducted without a website owner’s permission.
Arguing that if the court should not compel Apple to create software to enable unlocking and search of the San Bernardino shooter’s iPhone, it will jeopardize digital and personal security more generally.
After the Estate of James Joyce refused to allow a scholar to quote Joyce in her book, we successfully defended her right under the fair use doctrine to use the quotes she needed to illustrate her scholarship. After we prevailed in the case, the Estate paid $240,000 of our client’s legal fees.
Last week’s big cybersecurity news was that the FBI obtained a court order to force Apple to develop new software that would bypass several iPhone security features so the FBI can attempt to unlock the work phone of one of the San Bernardino shooters. Apple plans to challenge that order. (Full disclosure: I am planning on writing a technologists’ amicus brief on Apple’s side in that challenge.)
On Friday, Congress will vote on a mutated version of security threat sharing legislation that had previously passed through the House and Senate. These earlier versions would have permitted private companies to share with the federal government categories of data related to computer security threat signatures. Companies that did so would also receive legal immunity from liability under the Electronic Communications Privacy Act (ECPA) and other privacy laws.
Here’s the latest in the encryption case we’ve been writing about in which the Justice Department is asking Magistrate Judge James Orenstein to order Apple to unlock a criminal defendant’s passcode-protected iPhone. The government seized and has authority to search the phone pursuant to a search warrant.
Pending before federal magistrate judge James Orenstein is the government’s request for an order obligating Apple, Inc. to unlock an iPhone and thereby assist prosecutors in decrypting data the government has seized and is authorized to search pursuant to a warrant.
Last week, we wrote about an order from a federal magistrate judge in New York that questioned the government’s ability, under an ancient federal law called the All Writs Act, to compel Apple to decrypt a locked device which the government had seized and is authorized to search pursuant to a warrant.
"Not only will it likely reveal more about the secret NSA surveillance program, but it could also potentially end such surveillance, explained Jennifer Granick, director of civil liberties at Stanford Law School’s Center for Internet and Society. “This is a chance for a real challenge to the programmatic nature of the surveillance.”"
"Cyber law professor Jennifer Granick of Stanford University suggests auto-industry style liability is not appropriate for software.
"While it is true that companies need to start to prioritize security in coding, it is unreasonable to ask Microsoft to be liable for anything that can be done with the 50 million lines of code in Windows 10," Granick told Fortune by email."
"In re: Petition of Jennifer Granick and Riana Pfefferkorn to unseal technical-assistance orders and materials began last year, when the two Stanford University-affiliated lawyers sought to shed light on how the government conducts domestic snooping and exerts pressure on companies to aid federal efforts to thwart cryptography.
"That right also applies to acts that are "testimonial" and have communicative aspects, according to Jennifer Granick, director of civil liberties at the Stanford Center for Internet and Society.
"And as Jennifer Granick notes in her excellent new book American Spies, executive-branch claims that Section 702 has been vital to preventing terrorist attacks on America are just as specious as previous such claims about the warrantless telephone metadata program that Snowden exposed in 2013.
Jennifer Granick, Director of Civil Liberties, will speaking at the ISSA-LA Summitt.
More information: https://issalasummit9.wpengine.com/?page_id=285/#Granick
Title: American Spies, Modern Surveillance, and You
Join Just Security for a fireside chat on the current state of U.S. surveillance and a celebration of Jennifer Granick‘s new book, American Spies: Modern Surveillance, Why You Should Care, And What to Do About It. Opening remarks by Senator Ron Wyden.
US intelligence agencies - the eponymous American spies - are exceedingly aggressive, pushing and sometimes bursting through the technological, legal and political boundaries of lawful surveillance. Written for a general audience by a surveillance law expert, this book educates readers about how the reality of modern surveillance differs from popular understanding.
Jennifer Granick, Director of Civil Liberties, is in this episode discussing Stingray technology.
"Truth and Power" highlights Daniel Rigmaiden, the young tech-genius who exposed STINGRAY - a secret government surveillance technology that hacks into your cell phones. All New Episodes - Fridays at 10 p.m. ET / PT on Pivot. Learn more at http://bit.ly/TruthAndPowerPivot.
ABOUT THE SHOW
""The phone companies may already have data retention obligations under the Communications Act, but there's no additional obligation as a result of USA Freedom having passed," says Jennifer Granick, director of civil liberties at Stanford University's Center for Internet and Society.
"A year ago, a European Court said people had a right to demand Google take down certain search results about them. Theright to be forgotten was born.
“That idea is spreading in some areas,” says Jennifer Granick, Director of Civil Liberties for the Stanford Center for Internet and Society.
Jennifer Granick, Director of Civil Liberties, presented her work with the Stanford Center for Internet and Society, and the impacts of Edward Snowden.