High Res Photo of Jennifer Granick
Photo credit: Michael Sugrue
Last Friday, a New York federal judge joined in the contentious current debate over whether tech companies should be forced to provide law enforcement the ability to decipher encrypted data stored on smartphones and in the cloud.
In two years, section 702 of the FISA Amendments Act will expire. It is essential the public to have confidence that any reforms to section 702 will actually address problems with PRISM and Upstream surveillance. To get that confidence, we have to know a lot more about how the intelligence community is using section 702. That understanding requires more investigation.
Today we sent a letter to lawmakers expressing security experts' opposition to the Cybersecurity Information Sharing Act (CISA) as well as two other pending bills that purport to be about security information sharing, the Protecting Cyber Networks Act (PCNA), and the National Cybersecurity Protection Advancement Act of 2015. These experts agree that the information sharing bills unnecessarily waive privacy rights because they focus on sharing information beyond that needed for cybersecurity.
Right now, a battle is underway to reform the Computer Fraud and Abuse Act, a statute that can transform innocuous workplace behavior into a federal crime, simply because a computer is involved. The CFAA is a bludgeon that Big Business and the Department of Justice have willingly used against the American worker, and its time for that to stop.
The first part of this article outlined the mechanics of the Megaupload website, and the novel questions of criminal inducement on which the government's indictment is premised. Here, we explore two more extensions of existing law on which the indictment is based, and the impact this prosecution is likely to have on Internet innovators and users alike.
Days after anti-piracy legislation stalled in Congress, the U.S. Department of Justice coordinated an unprecedented raid on the Hong Kong-based website Megaupload.com. New Zealand law enforcement agents swooped in by helicopter to arrest founder Kim Dotcom at his home outside of Auckland, and seized millions of dollars worth of art, vehicles and real estate. Six other Megaupload employees were also arrested. Meanwhile, the Justice Department seized Megaupload's domain names and the data of at least 50 million users worldwide.
"Not only will it likely reveal more about the secret NSA surveillance program, but it could also potentially end such surveillance, explained Jennifer Granick, director of civil liberties at Stanford Law School’s Center for Internet and Society. “This is a chance for a real challenge to the programmatic nature of the surveillance.”"
"Cyber law professor Jennifer Granick of Stanford University suggests auto-industry style liability is not appropriate for software.
"While it is true that companies need to start to prioritize security in coding, it is unreasonable to ask Microsoft to be liable for anything that can be done with the 50 million lines of code in Windows 10," Granick told Fortune by email."
"In re: Petition of Jennifer Granick and Riana Pfefferkorn to unseal technical-assistance orders and materials began last year, when the two Stanford University-affiliated lawyers sought to shed light on how the government conducts domestic snooping and exerts pressure on companies to aid federal efforts to thwart cryptography.
"That right also applies to acts that are "testimonial" and have communicative aspects, according to Jennifer Granick, director of civil liberties at the Stanford Center for Internet and Society.
"And as Jennifer Granick notes in her excellent new book American Spies, executive-branch claims that Section 702 has been vital to preventing terrorist attacks on America are just as specious as previous such claims about the warrantless telephone metadata program that Snowden exposed in 2013.
Eight years ago, Barack Obama arrived in Washington pledging to reverse the dramatic expansion of state surveillance his predecessor had presided over in the name of fighting terrorism. Instead, the Obama administration saw the Bush era’s “collect it all” approach to surveillance become still more firmly entrenched. Meanwhile, the advanced spying technologies once limited to intelligence agencies have been gradually trickling down to local police departments.
Join Mozilla and Stanford CIS for the second installment in a series of conversations about government hacking. Information from our first event, discussing the upcoming changes to Federal Rule of Criminal Procedure 41, are available at that event’s page here.
On December 1, 2016, significant and controversial changes to Federal Rule of Criminal Procedure 41 are scheduled go into effect. Today, Rule 41 prohibits a federal judge from issuing a search warrant outside of the judge’s district, with some exceptions.Traditionally, federal judges may only issue warrants that will be executed within their own districts. The revised Rule 41 would permit judges to issue search and seizure warrants for computers outside their jurisdictions, in two circumstances: if the computer’s true location has been hidden through technological means (such as Tor), or, in a computer-hacking investigation under the CFAA, if the affected computers are located in five or more districts.
Stanford CIS brings together scholars, academics, legislators, students, programmers, security researchers, and scientists to study the interaction of new technologies and the law and to examine how the synergy between the two can either promote or harm public goods like free speech, innovation, privacy, public commons, diversity, and scientific inquiry. Come hear CIS Directors Jennifer Granick + Daphne Keller and Resident Fellows Riana Pfefferkorn + Luiz Fernando Marrey Moncau talk about our work, and the assistance CIS provides to students in learning about these issues, selecting courses, identifying job opportunities, and making professional connections.