High Res Photo of Jennifer Granick
Photo credit: Michael Sugrue
The Internet is under threat, mostly from governments. We need companies to help people stand up to government threats, but companies cannot solve the problems for us. This is what I told the audience on Thursday, at an event co-hosted by CIS and the Program on Liberation Technology.
Tomorrow, all five members of the Privacy and Civil Liberties Oversight Board (PCLOB) will testify before the Senate Judiciary Committee about their recent report concluding that the National Security Agency’s (NSA) bulk collection of phone records under section 215 is illegal and ill-advised. Meanwhile, the PCLOB is gearing up to report in a few months its conclusions regarding mass surveillance of the content of Internet transactions under section 702 of the FISA Amendments Act
Today, Stanford’s Center for Internet and Society joins Greenpeace, Mozilla, Electronic Frontier Foundation, the Libertarian Party, and an array of ideologically diverse groups in The Day We Fight Back against mass surveillance.
Yesterday, I wrote generally about the problems with section 702 of the FISA Amendments Act (FAA). Today I focus on categories of information—including content—that NSA collects under section 702 but maybe never minimizes—meaning one of the few safeguards for U.S. person privacy is non-existent. In short, since the thirteen-page 702 minimization procedures only apply to communications, and since today's NSA probably excludes unshared cloud-stored data from the definition of communications, it's possible no minimization rules apply to protect American privacy.
I've written a lot about the problems with the FISA Amendments Act and section 702, which is the legal basis for the PRISM surveillance program and involves warrantless collection of communications contents via targeting non-U.S. individuals or entities reasonably believed to be located abroad.
Opening brief of Movants-Appellants EFF, ACLU, and Riana Pfefferkorn to the Ninth Circuit in our appeal from the district court's denial of our motion to unseal filings in a sealed case wherein the Department of Justice allegedly sought to compel Facebook to comply with a wiretap order for Facebook's end-to-end encrypted voice calling app, Messenger.
Brief of amici curiae ACLU, ACLU of Georgia, and Riana Pfefferkorn in support of appellant Victor Mobley in Mobley v. State, a Georgia Supreme Court case presenting the question of whether the Fourth Amendment requires a warrant for the seizure of digital data stored by a vehicle -- specifically, a car's event data recorder (EDR).
Reply brief in support of January 2019 objections to magistrate judge's report and recommendation.
Objections to Magistrate Judge's Report and Recommendation to deny the Petition, plus supporting documents (supporting declaration of Jennifer Granick, administrative motion, proposed orders).
"Two lawyers and legal researchers based at Stanford University have formally asked a federal court in San Francisco to unseal numerous records of surveillance-related cases, as a way to better understand how authorities seek such powers from judges. This courthouse is responsible for the entire Northern District of California, which includes the region where tech companies such as Twitter, Apple, and Google, are based.
"The Stanford Center for Internet and Society's Jennifer Granick, director of civil liberties, and Riana Pfefferkorn, cryptography fellow, said at Black Hat 2016 that companies are often under no legal obligation to comply with law enforcement data requests, because data requests are not orders and even court orders are not the law.
"“If you’re ever asked to do something like this, you have a lot of strong legal arguments to say no,” said Jennifer Granick, the Director of Civil Liberties at the Stanford Center for Internet and Society in a Black Hat talk on Thursday. Granick and her Stanford colleague Riana Pfefferkorn, a Cryptography Fellow, ran down relevant laws and what’s currently known about their parameters and limits. They suggested that companies should plan ahead and assume that law enforcement agencies will eventually send them some kind of technical request—if they haven’t already.
"In a session at the Black Hat conference in Las Vegas, Stanford Center for Internet and Society director of Civil Liberties Jennifer Granick and Cryptography Fellow Riana Pfefferkorn, acknowledged that there is more information about us than ever before, with sensors both on and offline. All encryption is doing, they said, is removing a fraction of law enforcement.
"Touching on cases like the Snowden or the Lavabit incidents, the duo strongly emphasized that companies should start asking themselves a couple of questions before law enforcement actually comes knocking at their door. Knowing what they collect, how they store it, for how long, why, what can it access, does it encrypt data and where are keys stored – are only a few of them.
Jennifer Granick, Director of Civil Liberties, will speaking at the ISSA-LA Summitt.
More information: https://issalasummit9.wpengine.com/?page_id=285/#Granick
Title: American Spies, Modern Surveillance, and You
Join Just Security for a fireside chat on the current state of U.S. surveillance and a celebration of Jennifer Granick‘s new book, American Spies: Modern Surveillance, Why You Should Care, And What to Do About It. Opening remarks by Senator Ron Wyden.
US intelligence agencies - the eponymous American spies - are exceedingly aggressive, pushing and sometimes bursting through the technological, legal and political boundaries of lawful surveillance. Written for a general audience by a surveillance law expert, this book educates readers about how the reality of modern surveillance differs from popular understanding.
Jennifer Granick talks about how notions of privacy have changed over the years and where she thinks things are headed in the future. She is a professor at the Stanford School of Law and Director of Civil Liberties at the Center for Internet and Society, where she specializes in the intersection of engineering, privacy and the law.
What kind of surveillance assistance can the U.S. government force companies to provide? This issue has entered the public consciousness due to the FBI's demand in February that Apple write software to help it access the San Bernardino shooter's encrypted iPhone. Technical assistance orders can go beyond the usual government requests for user data, requiring a company to actively participate in the government's monitoring of the targeted user(s).
In this week's feature interview we're chatting with Stanford's very own Jennifer Granick about a recent ruling in a Virginia court that appears to give the FBI permission to hack into any computer it wants, sans warrant. Well that's what the headlines are screaming, anyway. But as you'll hear, it's not quite that black and white.
""What was remarkable was that the public hadn't seen the argument surfaced," says Jennifer Granick at the Stanford Center for Internet and Society. She says Judge Orenstein was trying to stoke a public debate. "Judge Orenstein had concerns about whether the government's legal argument was a valid legal argument."