High Res Photo of Jennifer Granick
Photo credit: Michael Sugrue
Today’s reporting by the Intercept calls into question whether the NSA minimizes so-called metadata relating to Americans’ digital communications and telephone calls. This is one of the questions I implored the Privacy and Civil Liberties Oversight Board (PCLOB) to get to the bottom of. It is a question that PCLOB Chairman David Medine thought the Board had a definitive—affirmative--answer to. But today’s story shows doubt still plagues our understanding of how the NSA’s information collection affects American privacy.
TL;DR: A little bit, but not enough.
Yesterday, the Privacy and Civil Liberties Oversight Board (PCLOB) issued a massive report about the legally and technologically complicated government surveillance program operating under section 702 of the FISA Amendments Act
Today, the Eleventh Circuit rejected the exceedingly common law enforcement practice of warrantlessly tracking suspects’ physical location using cell phone tower data. The opinion, United States v. Davis, is both welcome and overdue. Defendants who have and will be physically tracked without a warrant have new legal support to challenge that surveillance.
Does the House Permanent Select Committee on Intelligence understand intelligence gathering?
After all, that committee is charged with oversight over the United States’ vast surveillance bureaucracy. And yet, comments from the chair of the committee, Rep. Devin Nunes (R-Calif.), suggest that he is unclear on the concept.
In our previous posts, we’ve argued that the NSA is collecting massive amounts of data about US citizens under conditions that have nothing to do with terrorism or national security, thanks to the authorities granted to the US government by section 702 of the Foreign Intelligence Surveillance Act.
"Storing passwords in an encrypted format is “not just best practice, it’s something that industry should always do,” said Jennifer Granick, a lawyer with the American Civil Liberties Union. “Facebook’s failure to do that will really upset the FTC,” she said"
"Jennifer Granick, attorney with ACLU, points out that the arguments, or those engaging in them, are often paradoxical. The same people who don’t want Facebook to restrict job searches to people of certain age or housing by ethnicity may want Facebook to remove what they consider hateful speech. The social media companies also talk from both sides of their mouth, arguing like media companies that they need to cover both sides of, say, political issues, but then pooh-poohing calls for the kind of regulation media companies have.
"How long have you operated with that assumption?
Probably 20 years. I had an incident occur in my hotel room at Black Hat. My room was broken into, and my tech was compromised. They pulled the hard drive out of the wall safe, plugged it into my Linux laptop, booted it up off of a different drive, and then accessed files and copied it. Then they put the drive back in the safe.
"“There’s a secretive process with no real appeal where people are making extremely difficult subjective calls that have to do with politics, culture and religion,” said Jennifer Granick, an attorney with the American Civil Liberties Union. “This example shows why it is dangerous. If I want to find good information about vaccines, I can’t find it.”"
"Jen King, director of consumer privacy at Stanford’s Center for Internet and Society, thinks it's a sign Facebook may be ready to actually take privacy seriously. "It's possible that Facebook has finally gotten the memo and is really trying to make change," King told WIRED.
To celebrate the one-year anniversary of the Stanford Cryptography Policy Project, we are holding an afternoon event highlighting our research and accomplishments over the past year. As our keynote speakers, it is our pleasure to welcome the Honorable Stephen W. Smith, Magistrate Judge of the Southern District of Texas, and Paul S. Grewal, former Magistrate Judge of the Northern District of California.
What kind of surveillance assistance can the U.S. government force companies to provide? This issue has entered the public consciousness due to the FBI's demand in February that Apple write software to help it access the San Bernardino shooter's encrypted iPhone. Technical assistance orders can go beyond the usual government requests for user data, requiring a company to actively participate in the government's monitoring of the targeted user(s).
On Wednesday, February 17, The Center on Democracy, Development and the Rule of Law at Stanford, The Center for International Governance Innovation, and the Research Advisory Network of the Global Commission on Internet Governance will present an all-day conference entitled "New Alliances in Cybersecurity, Human Rights and Internet Governance." The conference will discuss the challenges of creating a regime of internet governance that pays attention to security and human rights in the digital context.
Over the course of two days in February 2016, the Strauss Center at the University of Texas-Austin will host a unique and timely conference focused on the legal and policy dimensions of cybersecurity.