The 21st Century Cures Act Will Be Implemented Piecemeal

fdaBy Jason Liu

As technology and medicine advance, the need to streamline and regulate medicine will increase. One can visit a virtual doctor, connect medical devices to the internet, and access cutting-edge gene therapy precision medicine. However, government agencies work with laws that never considered these innovations. To update these laws, the House passed the 21st Century Cures Act in 2015. The Act currently sits in the Health, Education, Labor and Pensions Senate (HELP) committee. Congress may also break the bill into smaller pieces of legislation.

Lamar Alexander (R-Tenn.), the leader of the HELP committee, recently stated that the panel will divide the 21st Century Cures Act into smaller pieces of legislation. The Act has stalled in the Senate because Democrats and Republicans disagree on how to fund the bill. Beginning Feb. 9, the committee will vote on at least seven bipartisan bills ranging from expediting therapies for rare diseases to improving electronic health records. Continue reading

If At First You Don’t Succeed (at passing a cybersecurity intelligence sharing law), Try, Try Again.

UntitledBy Brennen Johnson

Lawmakers in the U.S. Senate just passed CISA (the “Cybersecurity Information Sharing Act”) on Tuesday, October 27. If the White House does not veto it, CISA will allow tech companies to share internet traffic information with the government without fear of liability for the disclosure of private or sensitive data. Not only would the law potentially allow companies to violate their own privacy statements with users, but also it would allow them to hide the fact that they are sharing information with the government.

So what is CISA, where did it come from, and why does it matter? This is not the first time that lawmakers have brought this type of information-sharing scheme before Congress. Back in 2011, lawmakers introduced CISPA (the “Cyber Intelligence Sharing and Protection Act”) in an attempt to help prevent cyber attacks. The basic premise behind the bill was that quickly sharing information about threats and vulnerabilities could help prevent attacks. The House of Representatives passed CISPA, but it failed in the Senate, due to a lack of confidentiality and civil liberties safeguards. The White House even proclaimed that it would veto the bill should it be passed. CISPA was reintroduced by the House in 2013, where it again failed to pass the Senate. Continue reading

The Continuing Saga of Cell Phone Tracking

cell phone, blog post

By Kelsey O’Neal

We count on our cell phones to be fast. We hate waiting for a call or a text. Our cell phones constantly emit signals to the closest cell tower. These fast signals instantly gratify us. But as you carry your phone, it creates a mass of data called cell site location information (CSLI). You don’t even have to use your phone; just having it on creates the cell site location information. U.S. federal law is divided on whether the government needs a warrant to get this information. On July 29th, 2015, U.S. District Court Judge Lucy Koh issued an opinion which requires that a government agency get a warrant before it requests 60 days of cell site location information.

Judge Koh wrote that tracking cell phones with historical cell site location information is particularly dangerous because law enforcement can use the cell site information to look into people’s homes and learn detailed information about an individual’s personal life. Judge Koh ruled that the government must obtain a search warrant to access these personal details because: (1) people expect privacy from government intervention when they are at home; (2) people have a higher expectation of privacy when it comes to long-term surveillance, and (3) cell phone location data can reveal a great deal about an individual because everyone turns on their cell phone and carries it with them. Twelve states agree with Judge Koh; six states already have a law that requires the police to get a warrant, and six are trying to get one.

However, not all states or courts agree with Judge Koh. Early this year, an 11th Circuit panel held that the police do NOT have to get a warrant to look at CSLI. Additionally, a 6th Circuit panel in Cincinnati held that you do not have a reasonable expectation of privacy if you accidentally butt-dial, ahem, pocket-dial, somebody. Why? The court compared it to leaving your curtains open; while there is still a privacy interest, it’s not nearly as strong because you are letting people look in your home. It would be simple to protect your privacy by shutting your curtains, or, by password protecting your phone.

It looks like this particular fight could head toward the Supreme Court, and the result could impact all cell phone users. Until that time, you should probably put your phone in airplane mode the next time you rob a bank.

Image source:

The UK Orders Google to Remove Links to “Right to be Forgotten” Stories

google_img By Juliya Ziskina

The United Kingdom’s Information Commissioner’s Office (ICO) has ordered Google to remove search results linking to news stories about the removal of information under the 2014 “right to be forgotten” ruling. Under the “right to be forgotten” ruling, Europeans who feel they are being misrepresented by search results that are no longer accurate or relevant—for instance, information about old financial matters, or misdeeds committed as a minor—can ask search engines like Google to delink the material. If the request is approved, the information will remain online at the original site, but would no longer come up under certain search engine queries.

Google had previously removed links relating to an offense committed by an individual almost 10 years ago. At the time, the individual had requested removal of the links under the “right to be forgotten” ruling. Several publications produced news stories detailing this removal request, and it became a news story in itself. Google retained links to those articles, and they still appeared in the search results for the individual’s name. The individual complained—and now the ICO has ordered Google to remove the newer articles. Google refused to remove links to these later articles, which included details of the original criminal offense. Google argues that these articles are an essential part of a broader news story about the “right to be forgotten,” and that the articles are in the public interest.

Google faces criminal charges and financial sanctions if it does not comply with the ICO’s order. These criminal consequences and fines may have a dire effect on Google’s ability to freely distribute information.

The “right to be forgotten” ruling gives European nations a mechanism to censor legal information and web pages. Not only does the ICO want to invoke the right to be forgotten, but it also wants to erase evidence that it implemented the policy. The EU designed this law to protect privacy, but these new developments are an unsettling new leap into government censorship.

However, Europeans can still use American Google to get uncensored information. European governments cannot force Google to alter results on its American search engine. The “right to be forgotten” ruling restricts, but leaves untouched. European governments may eventually try to patch this hole. But for now, the right to be forgotten disappears at the American border.

Image Source:

“Back Doors” in Encrypted Technology for the Government Will Harm National Security and Privacy

Screen Shot 2015-08-10 at 8.32.43 AMBy Michael Huggins

In the wake of an international controversy over government surveillance, U.S. technology companies have developed end-to-end encryption for users who want to send information. End-to-end encryption gives the sender and the recipient decryption keys for a piece of data or a message. Without these decryption keys, law enforcement officials cannot access the data or the message. Even with lawfully authorized access to the information, end-to-end encryption may allow criminals to keep their communications secret from the government. Additionally, the United States and other nations have expressed concerns that encryption will provide secure communications to terrorist organizations.  Continue reading