High Res Photo of Jennifer Granick
Photo credit: Michael Sugrue
The Librarian of Congress recently decided in their triennial DMCA exemption rule-making process to remove the existing exemption that allowed individuals to unlock their own mobile phones to use on the compatible network of their choice. As a result of this decision, individuals no longer have clear immunity to unlock new phones - thereby putting them in potential legal jeopardy.
In the face of efforts to reform the Computer Fraud and Abuse Act (CFAA), some buinesses have told lawmakers that the CFAA should be used to punish breach of contract where the breacher acted "for purposes of commercial advantage or private financial gain". Such a proposal does not fix the ability of prosecutors to go after people for disregarding terms of service.
Worse, the idea is unprecedented, dangerous and unacceptable.
The Hacker Manifesto lauds the world of the electron and the switch, where the talented are treated equally and the values of curiosity and exploration reign supreme. Yet studying computers, network security, and programming flaws can be a crime or civil offense. Just two examples: In Sony v. Hotz (2011), a case that eventually settled, Sony claimed that researchers who studied the way their own game consoles worked violated the CFAA.
Law professor and cybercrime expert Orin Kerr published a proposal to amend the Computer Fraud and Abuse Act (CFAA) to address the overcriminalization that he has been at the forefront of identifying and combatting. His current proposal, which very simply but comprehensively addresses a number of problems with the CFAA, is here.
By focusing purely on whether the service operator implements technological access barriers, the proposal risks a similar problem to the one that the current statute has, giving server owners plenary authority to criminalize the way members of the public interact with information made available online, but through “technological access barriers” rather than merely terms of service and employee agreements.
Yesterday, Representative Zoe Lofgren introduced on Reddit a bill to improve the Computer Fraud and Abuse Act in the wake of Aaron Swartz's suicide during the pendency of his prosecution for violating various provisions of that law and of the Wire Fraud Act. I've attached
Encryption helps human rights workers, activists, journalists, financial institutions, innovative businesses, and governments protect the confidentiality, integrity, and economic value of their activities. However, strong encryption may mean that governments cannot make sense of data they would otherwise be able to lawfully access in a criminal or intelligence investigation.
Arguing that a defendant’s conviction for website hacking should be overturned because legitimate, highly valuable security and privacy research commonly employs techniques that are essentially identical to what the defendant did and that such independent research is of great value to academics, government regulators and the public even when – often especially when — conducted without a website owner’s permission.
Arguing that if the court should not compel Apple to create software to enable unlocking and search of the San Bernardino shooter’s iPhone, it will jeopardize digital and personal security more generally.
After the Estate of James Joyce refused to allow a scholar to quote Joyce in her book, we successfully defended her right under the fair use doctrine to use the quotes she needed to illustrate her scholarship. After we prevailed in the case, the Estate paid $240,000 of our client’s legal fees.
Reply brief of Movants-Appellants EFF, ACLU, and Riana Pfefferkorn to the Ninth Circuit in our appeal from the district court's denial of our motion to unseal filings in a sealed case wherein the Department of Justice allegedly sought to compel Facebook to comply with a wiretap order for Facebook's end-to-end encrypted voice calling app, Messenger.
Opening brief of Movants-Appellants EFF, ACLU, and Riana Pfefferkorn to the Ninth Circuit in our appeal from the district court's denial of our motion to unseal filings in a sealed case wherein the Department of Justice allegedly sought to compel Facebook to comply with a wiretap order for Facebook's end-to-end encrypted voice calling app, Messenger.
Brief of amici curiae ACLU, ACLU of Georgia, and Riana Pfefferkorn in support of appellant Victor Mobley in Mobley v. State, a Georgia Supreme Court case presenting the question of whether the Fourth Amendment requires a warrant for the seizure of digital data stored by a vehicle -- specifically, a car's event data recorder (EDR).
Reply brief in support of January 2019 objections to magistrate judge's report and recommendation.
"Jennifer Granick, surveillance and cybersecurity counsel at the American Civil Liberties Union (ACLU), noted that “increasingly, modern surveillance is mass surveillance” which can be facilitated by new technologies and the internet.
Secretive large scale surveillance differs from warrant-directed searches by the volume and depth of data and could be abetted by the ease of converting in-home appliances with microphones and cameras into “surveillance machines”, she said."
"Even Hutchins’s defenders say if he’s guilty some punishment is in order, but his prosecution also sends a mixed message. Hutchins had been a model of public-private cooperation at a time when the government was having difficulty recruiting cybersecurity talent. (James Comey irritated the community in 2014 when he said the FBI struggled to hire people because “some of those kids want to smoke weed on the way to the interview.”) Some security researchers said they would stop sharing information with the government in protest.
"“The law is clearly targeted at economic activity and is being applied to an entirely different category to suppress speech,” said Jennifer Granick, an attorney with the American Civil Liberties Union."
"“This sanctions law, which was written for one purpose,” said Jennifer Stisa Granick, a staff attorney with the American Civil Liberties Union’s Speech, Privacy and Technology project, “is being used to suppress speech with little consideration of the free expression values and the special risks of blocking speech, as opposed to blocking commerce or funds as the sanctions was designed to do. That’s really problematic.”"
"Jennifer Granick, a lawyer with the ACLU’s technology division, said that abuses of power will become unavoidable if companies continue to face pressure to moderate their content.
“It's not a surprise that Twitter employees have this capability,” Granick said. “The public and Congress have been demanding that the platform companies create the ability to ban people from the platform or delete particular messages.”"
Come meet CIS and hear about our exciting work and ways to get involved.
On January 19, 2012, Kim DotCom was arrested in a dramatic raid after being indicted on federal criminal charges that he knew that his website, MegaUpload, was a haven of piracy and counterfeiting. In the days that followed, the media commented on the presumed guilt of MegaUpload. In this debate, Jim argues that the law and evidence clearly point to MegaUpload's officers being found guilty, while Jennifer will argue that the MegaUpload case is built on unprecedented and wrongheaded interpretations of copyright law, and thus the principles should be found not guilty.
Prompted by the Google Street View WiFi sniffing scandal, the question of whether and how the law regulates interception of unencrypted wireless communications has become a hot topic in the courts, in the halls of the FCC, on Capitol Hill, and in the security community. Are open WiFi communications protected by federal wiretap law, unprotected, or some strange mix of the two? (Surprise: it may be the last one, so you'll want to come learn the line between what's probably illegal sniffing and what's probably not.)
Has it really been 15 years? Time really flies when keeping up with Moore's law is the measure. In 1997, Jeff Moss held the very first Black Hat. He gathered together some of the best hackers and security minds of the time to discuss the current state of the hack. A unique and neutral field was created in which the security community--private, public, and independent practitioners alike—could come together and exchange research, theories, and experiences with no vendor influences. That idea seems to have caught on. Jeff knew that Black Hat could serve the community best if it concentrated on finding research by some of the brightest minds of the day, and he had an uncanny knack for finding them.
Three dimensional printing turns bits into atoms. The technology is simply amazing. These machines draw on programming, art and engineering to enable people to design and build intricate, beautiful, functional jewelry, machine parts, toys and even shoes. In the commercial sector, 3D printing can revolutionize supply chains as well. As the public interest group Public Knowledge wrote once, "It will be awesome if they don't screw it up."
Jennifer Granick appears at 46:44.
Ask Americans what the Constitution’s most important feature is, and most will say it’s the guarantees of liberty enshrined in the Bill of Rights, the first ten amendments of the Constitution.
Americans are fiercely proud of their freedoms but they continue to argue about what those basic rights are and how they can be sustained in a changing world. Are our rights unchangeable, or should they evolve over time? What is the proper role for the courts in interpreting rights?