High Res Photo of Jennifer Granick
Photo credit: Michael Sugrue
In September 2016, we filed a Petition in the Northern District of California (the federal district court for the Bay Area and much of Northern California) asking the court to unseal years’ worth of surveillance matters filed there. We had our first hearing before the court on May 4.
Senator Chris Coons, Democrat from Delaware, offered a bill today that would delay implementation of proposed changes to Federal Rule of Criminal Procedure 41 for six months. Stanford’s Center for Internet and Society and Mozilla have been studying issues related to government hacking including the Rule 41 changes.
Researchers at the Stanford Center for Internet and Society (CIS) filed a petition yesterday seeking to unseal judicial records in San Francisco federal district court. Their goal is to reveal how the federal government uses U.S. law to obligate smartphone manufacturers and Internet companies to decrypt private user data, turn over encryption keys, or otherwise assist law enforcement with digital surveillance.
On Monday, I wrote a post for Just Security where I reflected on last week's news concerning the FBI's attempts to coerce Apple into creating a forensic bypass to the iPhone passcode lockout. I wrote that we live in a software-defined world. In 2000, Lawrence Lessig wrote that Code is Law — the software and hardware that comprise cyberspace are powerful regulators that can either protect or threaten liberty. A few years ago, Mark Andreessen wrote that software was eating the world, pointing to a trend that is hockey sticking today. Software is redefining everything, even national defense.
Encryption helps human rights workers, activists, journalists, financial institutions, innovative businesses, and governments protect the confidentiality, integrity, and economic value of their activities. However, strong encryption may mean that governments cannot make sense of data they would otherwise be able to lawfully access in a criminal or intelligence investigation.
Arguing that a defendant’s conviction for website hacking should be overturned because legitimate, highly valuable security and privacy research commonly employs techniques that are essentially identical to what the defendant did and that such independent research is of great value to academics, government regulators and the public even when – often especially when — conducted without a website owner’s permission.
Arguing that if the court should not compel Apple to create software to enable unlocking and search of the San Bernardino shooter’s iPhone, it will jeopardize digital and personal security more generally.
After the Estate of James Joyce refused to allow a scholar to quote Joyce in her book, we successfully defended her right under the fair use doctrine to use the quotes she needed to illustrate her scholarship. After we prevailed in the case, the Estate paid $240,000 of our client’s legal fees.
Last week’s big cybersecurity news was that the FBI obtained a court order to force Apple to develop new software that would bypass several iPhone security features so the FBI can attempt to unlock the work phone of one of the San Bernardino shooters. Apple plans to challenge that order. (Full disclosure: I am planning on writing a technologists’ amicus brief on Apple’s side in that challenge.)
On Friday, Congress will vote on a mutated version of security threat sharing legislation that had previously passed through the House and Senate. These earlier versions would have permitted private companies to share with the federal government categories of data related to computer security threat signatures. Companies that did so would also receive legal immunity from liability under the Electronic Communications Privacy Act (ECPA) and other privacy laws.
Here’s the latest in the encryption case we’ve been writing about in which the Justice Department is asking Magistrate Judge James Orenstein to order Apple to unlock a criminal defendant’s passcode-protected iPhone. The government seized and has authority to search the phone pursuant to a search warrant.
Pending before federal magistrate judge James Orenstein is the government’s request for an order obligating Apple, Inc. to unlock an iPhone and thereby assist prosecutors in decrypting data the government has seized and is authorized to search pursuant to a warrant.
Last week, we wrote about an order from a federal magistrate judge in New York that questioned the government’s ability, under an ancient federal law called the All Writs Act, to compel Apple to decrypt a locked device which the government had seized and is authorized to search pursuant to a warrant.
"“The lawsuit is asking for two things,” said Jennifer Granick, the director of civil liberties at Stanford’s Center for Internet and Society.
“That people be notified eventually, if they are spied on, and, two, it’s asking for a much more scrupulous and discriminating use of gag orders, which are now seemingly routine when they are supposed to be extraordinary.”"
"n addition, defense counsel would undoubtedly demand the right for their own third-party experts to have access not only to the source code, but to further demand the right to simulate the testing environment and run this code on their own systems in order to confirm the veracity of evidence.
"While some proponents of both have laudable goals–protecting the intellectual property of innovators and building intelligence that can save lives–the dangers posed by each are significant.
Technologists have warned about both at length. Jennifer Granick, for example, described in excellent detail the risk of creating a world in which black boxes make life-and-death decisions that cannot be reliably audited. Apple and others have described the risk of backdoor exploits being obtained and abused by criminals.
""The justices had phones [by 1967], and they knew that they talked about their most private stuff on those phones," says Jennifer Stisa Granick, director of civil liberties at the Stanford Center for Internet and Society. "So a case that considered warrantless wiretapping looks a lot different. ... And I think that same exact dynamic is happening here.""
Eight years ago, Barack Obama arrived in Washington pledging to reverse the dramatic expansion of state surveillance his predecessor had presided over in the name of fighting terrorism. Instead, the Obama administration saw the Bush era’s “collect it all” approach to surveillance become still more firmly entrenched. Meanwhile, the advanced spying technologies once limited to intelligence agencies have been gradually trickling down to local police departments.
Join Mozilla and Stanford CIS for the second installment in a series of conversations about government hacking. Information from our first event, discussing the upcoming changes to Federal Rule of Criminal Procedure 41, are available at that event’s page here.
On December 1, 2016, significant and controversial changes to Federal Rule of Criminal Procedure 41 are scheduled go into effect. Today, Rule 41 prohibits a federal judge from issuing a search warrant outside of the judge’s district, with some exceptions.Traditionally, federal judges may only issue warrants that will be executed within their own districts. The revised Rule 41 would permit judges to issue search and seizure warrants for computers outside their jurisdictions, in two circumstances: if the computer’s true location has been hidden through technological means (such as Tor), or, in a computer-hacking investigation under the CFAA, if the affected computers are located in five or more districts.
Stanford CIS brings together scholars, academics, legislators, students, programmers, security researchers, and scientists to study the interaction of new technologies and the law and to examine how the synergy between the two can either promote or harm public goods like free speech, innovation, privacy, public commons, diversity, and scientific inquiry. Come hear CIS Directors Jennifer Granick + Daphne Keller and Resident Fellows Riana Pfefferkorn + Luiz Fernando Marrey Moncau talk about our work, and the assistance CIS provides to students in learning about these issues, selecting courses, identifying job opportunities, and making professional connections.
If you attended a recent march to protest, wrote a check to the ACLU, or recently visited a politically leaning website, consider yourself an activist, says Stanford legal scholar Granick. Not only might the government be watching you, but your digital footprint could end up being visible to people and organizations you never imagined would care. Know your risks and take safety precautions, advises Granick, or don’t be surprised at the troubling outcome.
In the post-Snowden era, we don't have to tell you how important it is to stay engaged with (and vigilant about) the surveillance state in America. Jennifer Granick is the Director of Civil Liberties at the Stanford Center for Internet and Society, and author of the new book American Spies — and this week she joins us for an in-depth discussion about the surveillance sta
Intelligence agencies in the U.S. (aka the American Spies) are exceedingly aggressive, pushing and sometimes bursting through the technological, legal and political boundaries of lawful surveillance.
The Snowden revelations, while dramatic, have done little to amp up public concern about personal surveillance.
After all, thanks to technology, electronic spying is cheap — so cheap the government can’t afford not to do it.
The internet makes access to information incredibly easy, and we normally see that as a good thing. But what if the information being accessed is details of our private lives? And what if the person accessing them is a government intelligence agency? This week we speak with Jennifer Granick, author of "American Spies" and director of civil liberties at the Stanford Center for Internet and Society, about the quest for privacy in the age of surveillance.