Researchers at the Stanford Center for Internet and Society (CIS) filed a petition yesterday seeking to unseal judicial records in San Francisco federal district court. Their goal is to reveal how the federal government uses U.S. law to obligate smartphone manufacturers and Internet companies to decrypt private user data, turn over encryption keys, or otherwise assist law enforcement with digital surveillance.
In the wake of the FBI’s efforts earlier this year to force Apple Inc. to decrypt data on a mobile phone used by one of the San Bernardino shooters, Americans are hotly debating whether the U.S. government can or should require companies to design their systems to ensure government access to unencrypted private data. CIS’s Cryptography Policy Project, founded in 2015, explores the impact of these encryption policy choices on communications security, free expression, political engagement, and economic competitiveness. While this policy question is openly debated, the public is actually ignorant of current obligations imposed under U.S. law on Internet companies, social networks, and smartphone manufacturers. That is because government investigators use sealed proceedings to petition courts to command companies to provide technical assistance under existing surveillance statutes. Government agents may secretly be forcing providers to ensure that law enforcement can access email, instant messages, and other private data despite encryption.
The petition filed today asks the federal district court for the Northern District of California to unseal government applications seeking technical assistance, as well as judicial opinions interpreting technical-assistance statutes and court orders obligating companies to decrypt data, to turn over encryption keys, or otherwise ensure investigator access to private data.
Cryptography Fellow Riana Pfefferkorn, who is funded by Stanford University’s Cyber Initiative, and CIS Director of Civil Liberties Jennifer Granick filed the petition in their individual capacity as Stanford-based researchers. They plan to ensure that any documents the court unseals are published, in the interest of informing the public about this important policy debate.
“Because surveillance orders are usually sealed and often remain so, people do not know what kind of technical assistance the government is entitled to obtain from communications companies under current law,” said Granick. “We want to know whether the FBI has asked for or successfully obtained court orders to turn on microphones or cameras in cars, laptops, and mobile phones, or to use smart TVs or other audio- and video-enabled Internet-connected devices for wiretapping. This knowledge will inform public debate at a time when the FBI is pushing for even greater surveillance powers.”
“Our Crypto Policy Project investigates how governments manage encryption and surveillance, and what role the judiciary plays in those efforts. The public needs to know whether investigators have successfully used current U.S. law to force data encryption, seize encryption keys, or mandate surveillance-capable system design. Our petition seeks answers to those questions,” said Pfefferkorn.
The case is In re Petition of Jennifer Granick and Riana Pfefferkorn to Unseal Technical-Assistance Orders and Materials, Case No. 16-mc-80206, in the Northern District of California.
About the Center for Internet and Society
Led by faculty director Barbara van Schewick, the Center for Internet and Society (CIS) is a public interest technology law and policy program at Stanford Law School and part of the Law, Science and Technology Program. CIS studies the interaction of new technologies and the law and strives to improve both technology and law, encouraging decision makers to design both as a means to further democratic values. Along with conducting research and policy analysis, the Center sponsors legal fellowships, organizes events to foster discussion of critical policy issues, and provides educational opportunities for law students to conduct applicable research and policy analysis in this field.
More information about CIS can be found at https://cyberlaw.stanford.edu/.
About the Crypto Policy Project
Encryption helps human rights workers, activists, journalists, financial institutions, innovative businesses, and governments protect the confidentiality, integrity, and economic value of their activities. However, strong encryption may mean that governments cannot make sense of data they would otherwise be able to lawfully access in a criminal or intelligence investigation.
CIS’s Crypto Policy Project investigates and analyzes the policy and practices of the U.S. and foreign governments for forcing decryption and/or influencing crypto-related design of online platforms and services, devices, and products, both via technical means and through the courts. The project’s interdisciplinary approach includes technical analysis of policy proposals for encryption design, contributed by cryptography researchers in the Stanford Computer Science Department’s Applied Cryptography Group. The project also researches the benefits and detriments of strong encryption on free expression, political engagement, economic development, and other public interests.
More information about the Crypto Policy Project can be found at https://cyberlaw.stanford.edu/our-work/projects/crypto-policy-project.
About Petitioners Jennifer Granick and Riana Pfefferkorn
Jennifer Granick is the Director of Civil Liberties at the Stanford Center for Internet and Society. From 2001 to 2007, Jennifer was Executive Director of CIS and taught Cyberlaw, Computer Crime Law, Internet intermediary liability, and Internet law and policy. Jennifer returned to Stanford in 2011 after working with the Internet boutique firm of Zwillgen PLLC and as Civil Liberties Director at the Electronic Frontier Foundation. Jennifer practices, speaks and writes about computer crime and security, electronic surveillance, consumer privacy, data protection, copyright, trademark and the Digital Millennium Copyright Act. Before teaching at Stanford, Jennifer spent almost a decade practicing criminal defense law in California.
Riana Pfefferkorn is the Cryptography Fellow at the Stanford Center for Internet and Society. Her work focuses on investigating and analyzing the U.S. government's policy and practices for forcing decryption and/or influencing crypto-related design of online platforms and services, devices, and products, both via technical means and through the courts and legislatures. Riana also researches the benefits and detriments of strong encryption on free expression, political engagement, economic development, and other public interests. Before joining CIS, Riana was the law clerk for a federal magistrate judge and spent several years as an associate at a major Bay Area law firm, where she litigated cases involving Internet law, online privacy, and intellectual property.