Riana Pfefferkorn is the Cryptography Fellow at the Stanford Center for Internet and Society. Her work, made possible through funding from the Stanford Cyber Initiative, focuses on investigating and analyzing the U.S. government's policy and practices for forcing decryption and/or influencing crypto-related design of online platforms and services, devices, and products, both via technical means and through the courts and legislatures. Riana also researches the benefits and detriments of strong encryption on free expression, political engagement, economic development, and other public interests.
Prior to joining Stanford, Riana was an associate in the Internet Strategy & Litigation group at the law firm of Wilson Sonsini Goodrich & Rosati, where she worked on litigation and counseling matters involving online privacy, Internet intermediary liability, consumer protection, copyright, trademark, and trade secrets and was actively involved in the firm's pro bono program. Before that, Riana clerked for the Honorable Bruce J. McGiverin of the U.S. District Court for the District of Puerto Rico. She also interned during law school for the Honorable Stephen Reinhardt of the U.S. Court of Appeals for the Ninth Circuit. Riana earned her law degree from the University of Washington School of Law and her undergraduate degree from Whitman College.
High Res Photo of Riana Pfefferkorn
On October 10, Deputy Attorney General Rod Rosenstein gave a speech at the U.S. Naval Academy about encryption. I have a lot to say about his remarks, so this will be a long post. Much of Rosenstein’s speech recycled the same old chestnuts that law enforcement’s been repeating about crypto for years. I’m happy to roast those chestnuts.
On September 18, the Department of Homeland Security (DHS) revealed a new policy for collecting immigrants’ social media information.
In September 2016, we filed a Petition in the Northern District of California (the federal district court for the Bay Area and much of Northern California) asking the court to unseal years’ worth of surveillance matters filed there. We had our first hearing before the court on May 4.
Arguing that if the court should not compel Apple to create software to enable unlocking and search of the San Bernardino shooter’s iPhone, it will jeopardize digital and personal security more generally.
Last week, Deputy Attorney General Rod Rosenstein gave a speech about encryption that prompted a considerable amount of well-deserved blowback. His speech rehashed a number of long-discredited technical proposals for “solving” the “going dark” problem, and it also misstated the law.
"The researchers are members of the Center for Internet and Society at Stanford Law School and part of the organization’s Crypto Policy Project, a group established in 2015 to investigate the government policies “forcing decryption and/or influencing crypto-related design of online platforms and services, devices, and products, both via technical means and through the courts.”
"Riana Pfefferkorn, cryptography fellow at the Stanford Center for Internet and Society, said the issue could be resolved by Congress first with the decision on "a pending change to Rule 41 of the Federal Rules of Criminal Procedure, which governs the issuance of search and seizure warrants by federal judges."
""Building secure software is a highly challenging task, even for a world-class team such as Apple's," Riana Pfefferkorn, Cryptography Fellow at the Stanford Center for Internet and Society, told CPJ via Twitter. Government attempts to undermine security for law enforcement purposes only make the problem worse., she said.
"The Stanford Center for Internet and Society's Jennifer Granick, director of civil liberties, and Riana Pfefferkorn, cryptography fellow, said at Black Hat 2016 that companies are often under no legal obligation to comply with law enforcement data requests, because data requests are not orders and even court orders are not the law.
"“If you’re ever asked to do something like this, you have a lot of strong legal arguments to say no,” said Jennifer Granick, the Director of Civil Liberties at the Stanford Center for Internet and Society in a Black Hat talk on Thursday. Granick and her Stanford colleague Riana Pfefferkorn, a Cryptography Fellow, ran down relevant laws and what’s currently known about their parameters and limits. They suggested that companies should plan ahead and assume that law enforcement agencies will eventually send them some kind of technical request—if they haven’t already.
Registration is required for this free event.
With the DOJ recently bringing back the "Going Dark" debate, and now calling for "responsible encryption," what does the Trump administration have to say about strong crypto? Do we know yet? Do they?
If there's anyone who might be able to figure that out, it's Riana Pfefferkorn.
The EastWest Institute’s Global Cooperation in Cyberspace program anticipates future security risks, defines the outlines of potential conflict and brings together the people who can do something about it.
Lecture held during the First International Congress of Fundamental Rights and Criminal Procedure in the Digital Age, organized by InternetLab in partnership with the Faculty of Law of the University of São Paulo.
Cryptography Fellow Riana Pfefferkorn gave a lecture titled "The American debate on surveillance and encryption".
In this digital day and age we’re grappling with questions like:
- What are the key digital policy issues that matter to nonprofits in 2017?
- What are the most pressing challenges to nonprofits and activists?
- What should nonprofits, foundations and community activists know about? How can they get involved? And what should they be doing to keep themselves and their communities safe?
This event will help inform and open a conversation on this topic with our audience of foundation and nonprofit leaders, students, philanthropists and more.
What kind of surveillance assistance can the U.S. government force companies to provide? This issue has entered the public consciousness due to the FBI's demand in February that Apple write software to help it access the San Bernardino shooter's encrypted iPhone. Technical assistance orders can go beyond the usual government requests for user data, requiring a company to actively participate in the government's monitoring of the targeted user(s).