High Res Photo of Jennifer Granick
Photo credit: Michael Sugrue
Last week, we argued that the public discussion surrounding two of the government’s most controversial mass surveillance programs – PRISM and Upstream – has not sufficiently acknowledged the broad scope of collection under these programs, which take place under section 702 of the Foreign Intelligence Surveillance Act (FISA). In short, hiding behind the counterterrorism justifications for section 702 is a broad surveillance program that sucks up massive amounts of irrelevant private data.
The legal authority behind the controversial PRISM and Upstream surveillance programs used by the NSA to collect large swaths of private communications from leading Internet companies – Section 702 of the Foreign Intelligence Surveillance Act (FISA) – is scheduled to expire on December 31, 2017. In recent months, Congress began to review these programs to assess whether to renew, reform, or retire section 702. Unfortunately, it appears the debate has already been skewed by misconceptions about the true scope of surveillance conducted under the contentious provision.
"In a session at the Black Hat conference in Las Vegas, Stanford Center for Internet and Society director of Civil Liberties Jennifer Granick and Cryptography Fellow Riana Pfefferkorn, acknowledged that there is more information about us than ever before, with sensors both on and offline. All encryption is doing, they said, is removing a fraction of law enforcement.
"Touching on cases like the Snowden or the Lavabit incidents, the duo strongly emphasized that companies should start asking themselves a couple of questions before law enforcement actually comes knocking at their door. Knowing what they collect, how they store it, for how long, why, what can it access, does it encrypt data and where are keys stored – are only a few of them.
"3. How to push back against law enforcement requests
"“The lawsuit is asking for two things,” said Jennifer Granick, the director of civil liberties at Stanford’s Center for Internet and Society.
“That people be notified eventually, if they are spied on, and, two, it’s asking for a much more scrupulous and discriminating use of gag orders, which are now seemingly routine when they are supposed to be extraordinary.”"
"However, it's unclear how Microsoft's lawsuit will fare. It would be "premature to guess" how successful Microsoft is likely to be, Jennifer Granick, the director of civil liberties at the Stanford Center for Internet and Society, said in an email."
Jennifer Granick will be presenting her paper Principles for Regulation of Government Surveillance in the Age of Big Data.
For more information visit: http://law.scu.edu/hightech/2013-internet-law-wip.cfm
Solutions to many pressing economic and societal challenges lie in better understanding data. New tools for analyzing disparate information sets, called Big Data, have revolutionized our ability to find signals amongst the noise. Big Data techniques hold promise for breakthroughs ranging from better health care, a cleaner environment, safer cities, and more effective marketing. Yet, privacy advocates are concerned that the same advances will upend the power relationships between government, business and individuals, and lead to prosecutorial abuse, racial or other profiling, discrimination, redlining, overcriminalization, and other restricted freedoms.
Have you ever borrowed a smartphone without asking? Modified a URL? Scraped a website? Called an undocumented API? Congratulations: you might have violated federal law! A 1986 statute, the Computer Fraud and Abuse Act (CFAA), provides both civil and criminal remedies for mere "unauthorized" access to a computer.
The Journal of National Security Law & Policy and The Georgetown Center on National Security and the Law proudly present "Swimming in the Ocean of Big Data: National Security in an Age of Unlimited Information".