Riana Pfefferkorn is the Cryptography Fellow at the Stanford Center for Internet and Society. Her work, made possible through funding from the Stanford Cyber Initiative, focuses on investigating and analyzing the U.S. government's policy and practices for forcing decryption and/or influencing crypto-related design of online platforms and services, devices, and products, both via technical means and through the courts and legislatures. Riana also researches the benefits and detriments of strong encryption on free expression, political engagement, economic development, and other public interests.
Prior to joining Stanford, Riana was an associate in the Internet Strategy & Litigation group at the law firm of Wilson Sonsini Goodrich & Rosati, where she worked on litigation and counseling matters involving online privacy, Internet intermediary liability, consumer protection, copyright, trademark, and trade secrets and was actively involved in the firm's pro bono program. Before that, Riana clerked for the Honorable Bruce J. McGiverin of the U.S. District Court for the District of Puerto Rico. She also interned during law school for the Honorable Stephen Reinhardt of the U.S. Court of Appeals for the Ninth Circuit. Riana earned her law degree from the University of Washington School of Law and her undergraduate degree from Whitman College.
High Res Photo of Riana Pfefferkorn
On January 17, the Minnesota Supreme Court issued its opinion in State v. Diamond. It affirmed the appellate court’s holding that compelling a defendant to provide a fingerprint to unlock a seized cellphone (for which police had a warrant) did not violate the Fifth Amendment privilege against self-incrimination.
My article Everything Radiates: Does the Fourth Amendment Regulate Side-Channel Cryptanalysis?, 49 Conn. L. Rev. 1393 (2017), has recently been published by the Connecticut Law Review. You can download it from SSRN here. I contributed this piece as part of my participation in the law review's 2017 Symposium last January.
The following are my opening remarks for the encryption panel during the IGF 2017 main session, "Local interventions, global impacts: How can international, multistakeholder cooperation address Internet disruptions, encryption, and data flows?"
On October 10, Deputy Attorney General Rod Rosenstein gave a speech at the U.S. Naval Academy about encryption. I have a lot to say about his remarks, so this will be a long post. Much of Rosenstein’s speech recycled the same old chestnuts that law enforcement’s been repeating about crypto for years. I’m happy to roast those chestnuts.
Arguing that if the court should not compel Apple to create software to enable unlocking and search of the San Bernardino shooter’s iPhone, it will jeopardize digital and personal security more generally.
Slides from the BlackHat 2016 presentation by Jennifer Granick and Riana Pfefferkorn titled "When the Cops Come A-Knocking: Handling Technical Assistance Demands from Law Enforcement."
In the name of saving cybersecurity, a new bill before Congress would kill cybersecurity. On April 13, Senators Richard Burr (R-NC) and Dianne Feinstein (D-CA) released an official draft of their long-awaited anti-encryption bill. The sponsors of the “Compliance with Court Orders Act of 2016” (CCOA) call it an innocuous law-and-order measure to ensure that American companies comply with court orders. In truth, it is a technologically tone-deaf and downright dangerous piece of legislation.
"Another paper has been released, adding to the current encryption discussion. The FBI and DOJ want access to the contents of locked devices. They call encryption that can be bypassed by law enforcement "responsible encryption." It isn't.
"The 'responsible encryption' demanded by law enforcement and some politicians will not prevent criminals 'going dark'; will weaken cyber security for innocent Americans; and will have a hit on the U.S. economy. At the same time, there are existing legal methods for law enforcement to gain access to devices without requiring new legislation.
"IT CAN’T BE DONE — Senior Trump administration officials are wrong to suggest that encrypted platforms can be engineered to provide access for government investigators without seriously compromising their security, according to a new paper by a Stanford University cryptography expert."
"Riana Pfefferkorn, the cryptography fellow at the Stanford Center for Internet and Society, told Motherboard in an email, “Officers should not be buying malware on their own dime for use at work—and using their official email address in the process.
Cryptography Fellow Riana Pfefferkorn will be speaking at the 2018 InfoSec Southwest.
Encryption shields private information from malicious eavesdroppers. After years of slow adoption, encryption is finally becoming widespread in consumer-oriented electronic devices and communications services. Consumer-oriented encryption software is now more user-friendly, and much of it turns on encryption by default. These advances enhance privacy and security for millions of people.
Registration is required for this free event.
With the DOJ recently bringing back the "Going Dark" debate, and now calling for "responsible encryption," what does the Trump administration have to say about strong crypto? Do we know yet? Do they?
If there's anyone who might be able to figure that out, it's Riana Pfefferkorn.
"While the battle against encryption has been going on within federal law enforcement circles (dubbed "going dark") since at least the early 1990s, Rosenstein has now called for "responsible encryption."
Lecture held during the First International Congress of Fundamental Rights and Criminal Procedure in the Digital Age, organized by InternetLab in partnership with the Faculty of Law of the University of São Paulo.
Cryptography Fellow Riana Pfefferkorn gave a lecture titled "The American debate on surveillance and encryption".
In this digital day and age we’re grappling with questions like:
- What are the key digital policy issues that matter to nonprofits in 2017?
- What are the most pressing challenges to nonprofits and activists?
- What should nonprofits, foundations and community activists know about? How can they get involved? And what should they be doing to keep themselves and their communities safe?
This event will help inform and open a conversation on this topic with our audience of foundation and nonprofit leaders, students, philanthropists and more.