Taking a Bite Out of the Big Apple: Law Enforcement and the Apple iPhone

November 2, 2015 / Washington Journal of Law, Technology & Arts / 1 Comment

By Michael Huggins

On October 26, 2015, the United States government argued before a federal magistrate judge in New York that it should be able to force Apple to unlock an iPhone as part of a criminal investigation. The federal government filed a request for a court order to compel Apple to comply pursuant to the All Writs Act— an 18^th Century law that allows federal courts to issue orders to effectuate otherwise valid court orders. The government argues that the federal courts can use the All Writs Act to force Apple to assist the government in investigating users of the software. Apple refuses to comply with the order.

Apple argues that the situation would not be any different than if the government used the All Writs Act to force a safe manufacturer to travel around the country, unlock safes, and give the contents of those safes to the government. Apple argues that the government wants Apple to do the investigative work for them. Judge James Orenstein, the federal magistrate judge in the United States District Court for the Eastern District of New York, agreed with Apple’s logic. Assistant U.S. Attorney Saritha Komatireddy believes that Apple’s refusal to unlock the phone represents a surprising reversal from Apple’s previous willingness to unlock phones for the government. When Judge Orenstein asked Apple why it did not challenge the previous search warrants, Apple’s attorney Marc Zwillinger replied that the company had only recently become more cognizant of the harms to high-profile data breaches and that the company has had a change of heart. But even if Apple was willing to unlock the phone, it cannot do so because each individual contains a very specific password/key to unlock the phone. Continue reading →

If At First You Don’t Succeed (at passing a cybersecurity intelligence sharing law), Try, Try Again.

October 30, 2015 / Washington Journal of Law, Technology & Arts / Leave a comment

By Brennen Johnson

Lawmakers in the U.S. Senate just passed CISA (the “Cybersecurity Information Sharing Act”) on Tuesday, October 27. If the White House does not veto it, CISA will allow tech companies to share internet traffic information with the government without fear of liability for the disclosure of private or sensitive data. Not only would the law potentially allow companies to violate their own privacy statements with users, but also it would allow them to hide the fact that they are sharing information with the government.

So what is CISA, where did it come from, and why does it matter? This is not the first time that lawmakers have brought this type of information-sharing scheme before Congress. Back in 2011, lawmakers introduced CISPA (the “Cyber Intelligence Sharing and Protection Act”) in an attempt to help prevent cyber attacks. The basic premise behind the bill was that quickly sharing information about threats and vulnerabilities could help prevent attacks. The House of Representatives passed CISPA, but it failed in the Senate, due to a lack of confidentiality and civil liberties safeguards. The White House even proclaimed that it would veto the bill should it be passed. CISPA was reintroduced by the House in 2013, where it again failed to pass the Senate. Continue reading →

New StingRay Policies for both Washington State and the Department of Justice

October 14, 2015 / Washington Journal of Law, Technology & Arts / Leave a comment

By Matthew McCoy

Both the State of Washington and the United States Department of Justice (DOJ) have recently issued new policies regarding law enforcement’s use of cell site simulators. Colloquially known as StingRays, cell site simulators spoof cell towers and trick mobile devices in close proximity to the simulator into connecting with it and unveiling their unique location information. While it is possible to initiate more sophisticated attacks, such as deception and logging of message contents, the DOJ asserts in its new policy that its Stingrays are not configured with such capabilities in accordance with the pen register and trap and trace definitions in 18 U.S.C. §3127(3).

Previous use of StingRays, unveiled by research by privacy advocates, show that both federal, state, and local law enforcement entities have been previously approved under traditional pen register/trap and trace orders. While the DOJ argues that obtaining authorization pursuant to the Pen Register Statute is appropriate for these devices, critics say pen registers, which record the numbers dialed to and from a phone, are different than cell site simulator technology, which record a phone’s location and manipulate how a phone connects with its cellular network. Continue reading →

The FTC Reports on the Internet of Things: Things That May Invade Our Privacy

February 9, 2015 / Washington Journal of Law, Technology & Arts / Leave a comment

By Eric Siebert

The Internet of Things arguably makes our lives easier, but in doing so, does it compromise other values we hold dearly? The Internet of Things is a system whereby objects that are commonplace in a normal lifestyle can connect to the Internet, enabling them to send and receive data to optimize or otherwise increase their abilities and functionality. With such increases in functionality, however, comes the ever-present risk that frequently accompanies changes in technology: Will this have a negative impact on our privacy? This is the very question the FTC sought to address in its report on the Internet of Things distributed last week. (We previously reported on the FTC’s preliminary examination of the Internet of Things here.) The new report discusses general ideas regarding the Internet of Things and sets forth best practices for businesses to follow in order to retain adequate consumer confidence in the products and the distributing companies themselves.

The Internet of Things presents many potential benefits to consumers. Among other things, it can be used to encourage and optimize energy efficiency throughout a household through integration with various appliances. It can also protect drivers on the roadway by warning drivers of various dangers, aiding in the development of autonomous vehicles (a topic previously discussed on this blog here and here). Further, the Internet of Things can help patients with medical conditions better communicate with their physicians to better manage their conditions. However, with such benefits, the FTC has also identified several security risks created by integration of the Internet of Things, namely: (1) enabling potential unauthorized access to personal information, (2) facilitating attacks on other systems, and (3) creating risks to personal safety. Continue reading →

Is High-Frequency Trading The Future, Or Will It Soon Be History?

May 12, 2014May 12, 2014 / Washington Journal of Law, Technology & Arts / Leave a comment

By Stephen Anson

Equipped with some of the most powerful super-computers in the world, high-frequency traders anticipate millisecond changes in the market, allowing them to score immediate gains and affect the market index. These trading practices have been used for years, and though there are many federal rules criminalizing insider trading and securities fraud, no one has used these rules to go after high-frequency traders until recently. Whether or not these trades are illegal remains an open question. In the interim, growing public discontent will likely lead to more lawsuits and perhaps eventual securities reform.

Public interest in high-frequency trading has grown lately, spurred in part by Michael Lewis’s new book “Flash Boys.” In his book, Lewis described the market as being “rigged” by “high-frequency traders armed with fiber-optic lines and computer servers located next to, or even inside, the exchanges.” This advanced technology gives high-frequency traders an advantage over other traders. The technology provides faster access to information about the flow of the market, and the traders then use advanced algorithms to purchase as many of the “in demand” securities as possible. Their computer programs will then, nearly instantaneously, sell those same securities back out in the market, often for a nice little margin. High-frequency traders can still turn a profit, even if they are buying large volumes of stock and selling them for the same price, because they receive a liquidity rebate for each transaction from the relevant exchange. The exchanges, such as the New York Stock Exchange (“NYSE”), pay these liquidity rebates, which typically amount to a fraction of a penny per share, because it increases the overall liquidity in that marketplace.

Continue reading →

Share this:

Share this:

Share this:

Share this:

Share this: