Riana Pfefferkorn is the Cryptography Fellow at the Stanford Center for Internet and Society. Her work, made possible through funding from the Stanford Cyber Initiative, focuses on investigating and analyzing the U.S. government's policy and practices for forcing decryption and/or influencing crypto-related design of online platforms and services, devices, and products, both via technical means and through the courts and legislatures. Riana also researches the benefits and detriments of strong encryption on free expression, political engagement, economic development, and other public interests.
Prior to joining Stanford, Riana was an associate in the Internet Strategy & Litigation group at the law firm of Wilson Sonsini Goodrich & Rosati, where she worked on litigation and counseling matters involving online privacy, Internet intermediary liability, consumer protection, copyright, trademark, and trade secrets and was actively involved in the firm's pro bono program. Before that, Riana clerked for the Honorable Bruce J. McGiverin of the U.S. District Court for the District of Puerto Rico. She also interned during law school for the Honorable Stephen Reinhardt of the U.S. Court of Appeals for the Ninth Circuit. Riana earned her law degree from the University of Washington School of Law and her undergraduate degree from Whitman College.
High Res Photo of Riana Pfefferkorn
Researchers at the Stanford Center for Internet and Society (CIS) filed a petition yesterday seeking to unseal judicial records in San Francisco federal district court. Their goal is to reveal how the federal government uses U.S. law to obligate smartphone manufacturers and Internet companies to decrypt private user data, turn over encryption keys, or otherwise assist law enforcement with digital surveillance.
Yesterday, the Center for Internet and Society filed a new Freedom of Information Act (FOIA) request to uncover the U.S. government’s legal strategies for defeating encryption in law enforcement investigations.
Right now, all eyes are on Riverside, California, where a federal magistrate judge issued an unprecedented and dangerous order to Apple on February 16 compelling the company to create and cryptographically sign a special, crippled version of its iOS software that disables certain iPhone security features.
The Berklett Cybersecurity Project of the Berkman Center for Internet and Society at Harvard University has just released a new report on the so-called “going dark problem” that is fueling law enforcement demands for access to encrypted information. The report, “Don’t Panic: Making Progress on the ‘Going Dark’ Debate,” concludes that new consumer technologies will increasingly provide a wealth of data to governments about individual movements and activities.
Arguing that if the court should not compel Apple to create software to enable unlocking and search of the San Bernardino shooter’s iPhone, it will jeopardize digital and personal security more generally.
Slides from the BlackHat 2016 presentation by Jennifer Granick and Riana Pfefferkorn titled "When the Cops Come A-Knocking: Handling Technical Assistance Demands from Law Enforcement."
In the name of saving cybersecurity, a new bill before Congress would kill cybersecurity. On April 13, Senators Richard Burr (R-NC) and Dianne Feinstein (D-CA) released an official draft of their long-awaited anti-encryption bill. The sponsors of the “Compliance with Court Orders Act of 2016” (CCOA) call it an innocuous law-and-order measure to ensure that American companies comply with court orders. In truth, it is a technologically tone-deaf and downright dangerous piece of legislation.
"In United States v. Jay Michaud the indictment will be dismissed without prejudice, meaning that the DoJ can pick the case up again within the statute of limitations (five yearsin this case) if it chooses.
"Riana Pfefferkorn, one of the lawyers who first found this judicial opinion and publicized it on Twitter, told Ars that part of the problem with these types of cases is that this cutting edge of judicial analysis is largely happening "outside the public eye."
"In an opinion found by Stanford cryptography fellow Riana Pfefferkorn, from magistrate Judge M. David Weisman (published below), the court denied the government's application for that request, even though the police sought to search devices as part of an investigation into child pornography."
"Riana Pfefferkorn -- who helped write an amicus brief on Apple's behalf (along with several other security researchers and professors) -- pointed out on Twitter that Cellebrite's hacking is exactly the sort of risk the government refused to seriously contemplate during its pursuit of an All Writs Order forcing Apple to open up the phone for the FBI."
"Jennifer Granick, director of Civil Liberties at the Stanford Center for Internet and Society, explained that separating the needs of law enforcement from the public’s rights under the Constitution is not as simple as it might seem. She calls this policy battle the third “crypto war.”
The EastWest Institute’s Global Cooperation in Cyberspace program anticipates future security risks, defines the outlines of potential conflict and brings together the people who can do something about it.
January 17, 2017
5:30 pm – 7:00 pm
In this digital day and age we’re grappling with questions like:
On December 1, 2016, significant and controversial changes to Federal Rule of Criminal Procedure 41 are scheduled go into effect. Today, Rule 41 prohibits a federal judge from issuing a search warrant outside of the judge’s district, with some exceptions.Traditionally, federal judges may only issue warrants that will be executed within their own districts. The revised Rule 41 would permit judges to issue search and seizure warrants for computers outside their jurisdictions, in two circumstances: if the computer’s true location has been hidden through technological means (such as Tor), or, in a computer-hacking investigation under the CFAA, if the affected computers are located in five or more districts.
In this digital day and age we’re grappling with questions like:
- What are the key digital policy issues that matter to nonprofits in 2017?
- What are the most pressing challenges to nonprofits and activists?
- What should nonprofits, foundations and community activists know about? How can they get involved? And what should they be doing to keep themselves and their communities safe?
This event will help inform and open a conversation on this topic with our audience of foundation and nonprofit leaders, students, philanthropists and more.
What kind of surveillance assistance can the U.S. government force companies to provide? This issue has entered the public consciousness due to the FBI's demand in February that Apple write software to help it access the San Bernardino shooter's encrypted iPhone. Technical assistance orders can go beyond the usual government requests for user data, requiring a company to actively participate in the government's monitoring of the targeted user(s).