Skip to content

Category Archives: Privacy: Technology

Homeland Security Committee’s Cyber Bill a Missed Opportunity

By
Tuesday, April 14, 2015 at 5:15 PM

Today, the House Homeland Security Committee marked up a cybersecurity information sharing bill that promised to be “the best of bunch” in terms of civil liberties protections among the cybersecurity information sharing bills that Congress is currently considering. Unfortunately, the bill misses the mark in a key respect. The problem starts with the fact that . . .
Read more »

The Power of Citizenship Bias

By
Monday, March 23, 2015 at 3:00 PM

Following up on my post from last week on the report of the Intelligence and Security Committee (ISC) of the UK Parliament, which inter alia recommended that British law for the first time introduce distinctions between citizens and non-citizens for the purpose of regulating electronic surveillance, I’d like to briefly comment on another relevant development. . . .
Read more »

FREAK: Security Rollback Attack Against SSL

By
Friday, March 6, 2015 at 11:00 AM

This week we learned about an attack called “FREAK”—“Factoring Attack on RSA-EXPORT Keys”—that can break the encryption of many websites. Basically, some sites’ implementations of secure sockets layer technology, or “SSL,” contain both strong encryption algorithms and weak encryption algorithms. Connections are supposed to use the strong algorithms, but in many cases an attacker can . . .
Read more »

Email Privacy, Overseas Jurisdiction, and the 114th Congress

By
Friday, March 6, 2015 at 9:00 AM

Everything old is new again.  Two years ago, I wrote about a bipartisan effort (in which I was and still am participating) to update the Electronic Communications Privacy Act.  That effort, sadly, went nowhere. I am, however, happy to report that progress is being made to revive that effort in the 114th Congress.  This year . . .
Read more »

Bruce Schneier’s Important New Book

By
Wednesday, March 4, 2015 at 2:18 PM

Bruce has just published Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World, a book that will interest many Lawfare readers.  Data and Goliath is deeply informed and accessibly written analysis of mass surveillance by firms and the government.  Part One is a terrific tutorial on big data and data mining, . . .
Read more »

Fishing Expedition

By
Friday, February 27, 2015 at 4:00 PM

Do you worry that the NSA, perhaps in a joint program with the U.S. Fish and Wildlife Service, might be considering a “collect-it-all” program to seize and monitor fish, crocodiles, or antelopes for national security purposes?  If so – and I think I may have read something about this on The Intercept – you can . . .
Read more »

Senate Commerce Committee Hearing on “Preserving the Multistakeholder Model of Internet Governance”

By
Wednesday, February 25, 2015 at 9:55 AM

The Senate panel, led by Chairman John Thune (R-SD), will discuss internet governance matters this morning at 10:00 a.m. A livestream can be found at the Commerce Committee’s website; we’ll post embedded video if it is available. The witnesses (with links to testimony): Mr. Fadi Chehadé CEO, Internet Corporation for Assigned Name and Numbers (ICANN) Ambassador . . .
Read more »

Making Progress on the Encryption Debate

By
Tuesday, February 24, 2015 at 1:24 PM

In a recent debate between NSA director Mike Rogers and Yahoo Chief Information Security Officer Alex Stamos, the topic of law-enforcement restricted access to encrypted communications once again came up. To summarize the debate as it has been expressed to date, one side believes in encryption that only the user can decrypt. Those on this . . .
Read more »

Expanding on the International vs. U.S. Surveillance Law Comparisons

By
Tuesday, February 24, 2015 at 10:00 AM

Following my post from last week  regarding how the debate over the Snowden disclosures has blurred the distinctions between national security surveillance authorities and consumer privacy law, Tim Edgar pointed out yesterday  that U.S. law is probably one of the most, if not the most, protective legal structures concerning government access to data for national . . .
Read more »

Mysterious Discretion: When Journalists Wield Power We Don’t Understand

By
Monday, February 23, 2015 at 2:00 PM

Last night, Laura Poitras’s Citizenfour received an Academy Award for Best Documentary Feature, a win I have been anticipating since Glenn Greenwald won the Pulitzer Prize back in April for breaking the Edward Snowden leaks. In honor of the occasion, let’s reflect on the single most compelling moment in Citizenfour. I am talking about the moment in the . . .
Read more »

Why Should We Buy Into The Notion That The United States Doesn’t Care About Privacy?

By
Monday, February 23, 2015 at 8:23 AM

It is a common perception that Americans care less about privacy than Europeans, especially after the attacks of September 11, and the Snowden revelations only seemed to reinforce that perception. Last week, President Obama argued that European privacy complaints are really about something else. Europeans, he said, may simply be using privacy fears as a . . .
Read more »

The President’s Comments on European Privacy Claims and A Look Back at the LIBE Committee Report on Government Surveillance

By
Thursday, February 19, 2015 at 4:30 PM

President Obama made a refreshing observation during an interview with Re/Code at the White House Summit on Cyber Security and Consumer Protection in Silicon Valley last week. Following an exchange regarding the need for greater privacy for students using the Internet for educational purposes, the discussion turned to European scrutiny of U.S.-based technology companies, and . . .
Read more »

Two Reflections on the White House Cybersecurity Summit

By
Friday, February 13, 2015 at 10:27 PM

As many know, the White House held a summit on cybersecurity and consumer protection at Stanford University today.  In addition to President Obama, a number of CEOs also spoke on privacy and security issues in the context of consumer protection, and of course the backdrop for much of the summit was the Snowden revelations and . . .
Read more »

First Take on Government’s Surveillance Reform Update Report

By
Wednesday, February 4, 2015 at 3:12 PM

As Wells noted yesterday the Administration released its report on the implementation of Presidential Policy Directive (PPD)-28. I am still reading through the documents, which include twelve new agency-specific procedures that implement Section 4 of PPD-28, as well as additional restrictions on the counterterrorism telephone metadata program. For now, this post provides observations on two items contained . . .
Read more »

Data Analytics and Policing

By
Wednesday, February 4, 2015 at 9:25 AM

This interesting article on the NYPD’s use of data analytics came across my desk the other day.  Here is the abstract: The New York City Police Department’s Lower Manhattan Security Coordination Center integrates data from a variety of sources, including sensors (cameras, license plate readers, and environmental detectors) and records (arrests, complaints, summonses, 911 calls, . . .
Read more »

What Happens if We #Sunset215?

By
Tuesday, February 3, 2015 at 2:30 PM

A law the government cites as authority for the bulk collection of millions of Americans’ communications records—Section 215 of the PATRIOT Act—expires unless Congress extends it by Memorial Day weekend. The Center for Democracy & Technology, and other public interest groups, believes that Sec. 215 should sunset unless it is reformed to stop nationwide surveillance . . .
Read more »

Harvard Event with Bruce Schneier and Edward Snowden

By
Monday, January 26, 2015 at 12:20 PM

On Friday, the former spoke by videolink with the latter, about (unsurprisingly enough) surveillance, privacy and data security. Youtube has a video of their discussion:

The NRC’s Bulk Collection Report: a High-Level Overview

By
Tuesday, January 20, 2015 at 3:00 PM

Last week, Wells noted the release of an important, 85-page report by the National Research Council. (Yesterday, Herb Lin added his thoughts about it.) Broadly, Bulk Collection of Signals Intelligence: Technical Options concludes that right now, there are no software-based techniques that could fully replace the bulk collection of data. Below, I offer a high-level, . . .
Read more »

What David Cameron Doesn’t Get

By
Tuesday, January 20, 2015 at 10:30 AM

Last week British Prime Minister David Cameron gave an extraordinary speech in which he urged the the banning of private communications, that is communications to which the government could not listen into when legally authorized to do so. Cameron is not the first government official to do so; GCHQ Director Robert Hannigan urged the same . . .
Read more »

President Obama Comments on Back-doors in Encryption

By
Friday, January 16, 2015 at 5:50 PM

We’ve yet to find a transcript of President Obama’s remarks during today’s press conference with British Prime Minister David Cameron, but according to several news outlets, the President made a number of interesting statements regarding cybersecurity and data encryption. “If we get into a situation which the technologies do not allow us at all to track . . .
Read more »