“Back Doors” in Encrypted Technology for the Government Will Harm National Security and Privacy

August 10, 2015August 10, 2015 / Washington Journal of Law, Technology & Arts / 1 Comment

By Michael Huggins

In the wake of an international controversy over government surveillance, U.S. technology companies have developed end-to-end encryption for users who want to send information. End-to-end encryption gives the sender and the recipient decryption keys for a piece of data or a message. Without these decryption keys, law enforcement officials cannot access the data or the message. Even with lawfully authorized access to the information, end-to-end encryption may allow criminals to keep their communications secret from the government. Additionally, the United States and other nations have expressed concerns that encryption will provide secure communications to terrorist organizations. Continue reading →

Will Congress Allow Consumers More Privacy?

May 25, 2015May 25, 2015 / Washington Journal of Law, Technology & Arts / Leave a comment

By Naazaneen Hodjat

The courts are redefining the hot topic of privacy law in today’s digital age. The most recent ruling, American Civil Liberties Union v. Clapper, came in the wake of a series of disclosures by Edward Snowden, a former National Security Agency (NSA) contractor. The Guardian revealed that the NSA had asked the Foreign Intelligence Surveillance Court to order Verizon to produce the telephone metadata for many of its subscribers. This order covered three months of information and included the numbers of both parties on a call, along with the location, time, and duration of the call. The Patriot Act classifies the contents as metadata, and the NSA can obtain the metadata without a warrant. The NSA network secured the telephone metadata indefinitely for its investigations.

The NSA Bulk Metadata Collection Program began shortly after the September 11th terrorist attacks. Section 215 of the Patriot Act permits the government “to make an application for an order requiring the production of any tangible things…for an investigation to obtain foreign intelligence information not concerning a US person or to protect against international terrorism….” The ACLU sought a preliminary injunction against the Government claiming that the bulk metadata collection program violates consumers’ First and Fourth Amendment rights. In response, the Government argued that bulk collection qualifies as business records and therefore falls within the ambit of Section 215 of the Patriot Act. Continue reading →

“Mobile Justice”? or Risky Vigilante Journalism?

May 20, 2015 / Washington Journal of Law, Technology & Arts / Leave a comment

By Andrew H. Fuller

The American Civil Liberties Union’s (ACLU) Oregon chapter and four other state chapters offer a smartphone app called Mobile Justice, which allows users to easily record interactions with the police. In addition to recording and transmitting footage, the app has a “Witness” button that sends out a user’s location to alert other Mobile Justice users in the area when they have been approached by the police. Once other Mobile Justice users have a user’s location, they can find that user and record their interaction with the police.

While this sort of Sousveillance activity is not unheard of—indeed, there are other apps that provide smartphone users with similar features—there are some serious concerns about these apps. Perhaps the most obvious concern is that a police officer may think that a user pulling out their phone to record is reaching for a weapon. In response to this concern, the ACLU of Oregon’s website for Mobile Justice has a portion of the page warning users on how to safely use the app. Continue reading →

The FTC Reports on the Internet of Things: Things That May Invade Our Privacy

February 9, 2015 / Washington Journal of Law, Technology & Arts / Leave a comment

By Eric Siebert

The Internet of Things arguably makes our lives easier, but in doing so, does it compromise other values we hold dearly? The Internet of Things is a system whereby objects that are commonplace in a normal lifestyle can connect to the Internet, enabling them to send and receive data to optimize or otherwise increase their abilities and functionality. With such increases in functionality, however, comes the ever-present risk that frequently accompanies changes in technology: Will this have a negative impact on our privacy? This is the very question the FTC sought to address in its report on the Internet of Things distributed last week. (We previously reported on the FTC’s preliminary examination of the Internet of Things here.) The new report discusses general ideas regarding the Internet of Things and sets forth best practices for businesses to follow in order to retain adequate consumer confidence in the products and the distributing companies themselves.

The Internet of Things presents many potential benefits to consumers. Among other things, it can be used to encourage and optimize energy efficiency throughout a household through integration with various appliances. It can also protect drivers on the roadway by warning drivers of various dangers, aiding in the development of autonomous vehicles (a topic previously discussed on this blog here and here). Further, the Internet of Things can help patients with medical conditions better communicate with their physicians to better manage their conditions. However, with such benefits, the FTC has also identified several security risks created by integration of the Internet of Things, namely: (1) enabling potential unauthorized access to personal information, (2) facilitating attacks on other systems, and (3) creating risks to personal safety. Continue reading →

AT&T Stops Using Controversial Tracking Codes but Smartphone Carriers Aren’t Done Yet

November 21, 2014 / Washington Journal of Law, Technology & Arts / Leave a comment

By Julie Liu

Several weeks ago, researchers made the disturbing discovery that smartphone carriers AT&T and Verizon have been using hidden codes to track users’ network activity. AT&T has since put this practice on hold, but Verizon does not apparently plan to follow suit.

Use of tracking technology is not itself a new phenomenon. Location tracking, which allows law enforcement agencies to collect information about individuals, has been around for a while. Similarly, Facebook, Google, and other large web companies that compile and sell user data to advertisers have long since adopted the practice of monitoring online activity. Verizon reportedly undertook the tracking program at issue in 2012, but it was not until late last month that this type of tracking activity by carriers received widespread attention.

As a means of collecting user data to offer to advertisers, AT&T and Verizon insert unique tracking codes into users’ Internet activity. The codes, which can be thought of as “supercookies,” operate as temporary IDs which are sent to every unencrypted website that a user visits from his or her mobile device. In this fashion, AT&T and Verizon can monitor each person’s app usage and site visits, which allows advertisers to better tailor ads to individuals. The practice essentially creates a permanent and highly personalized profile for each user. Continue reading →

Share this:

Share this:

Share this:

Share this:

Share this: