Category: Uncategorized

February 26th, 2015

Department of Justice Warrant Requirement Proposed Amendment Concerning Electronic Surveillance in Anonymous Computer Sources Raises Serious Fourth Amendment Concerns

By: Breta Olsen

http://www.slate.com/blogs/future_tense/2015/02/19/google_says_proposed_doj_rule_41_revision_is_monumental_fourth_amendment.html

http://justsecurity.org/15018/justice-department-proposal-massive-expand-fbi-extraterritorial-surveillance/

https://www.aclu.org/blog/national-security/government-pursuit-less-secure-internet

The DOJ has proposed an amendment to Rule 41 of Federal Criminal Procedure on a proposed amendment that would allow magistrate judges to issue search warrants outside of their jurisdiction that authorize the “use [of] remote access to search electronic storage media and to seize or copy electronically stored information” when the location of the computer source is unknown. According to the DOJ, this amendment will ensure that FBI searches of digital data do not have their warrants precluded due to lack of venue when technology is used to disguise a computer’s geographic location.

While the Department of Justice insists that this is a small tweak to an existing rule that does not expand the power of the FBI to search, organizations as varied as Google, the ACLU, Reporter Committee on Freedom of the Press and the Electronic Frontier Freedom all cautioned the Judicial Conference Advisory Committee on Criminal Rules to reject the proposal and advised that, if this change should be made, Congress is the appropriate venue rather than the rule-making process due to fourth amendment concerns.

According to the ACLU, the sample search warrants submitted to the committee indicate that the warrants would be used to implement network investigative techniques (NIT), which involves the hacking of a device and the installation of malware on the targeted computers. These searches may well constitute an unreasonable search under the fourth amendment given their destructive nature, unpredictability, and ability to affect countless non-targeted computers.

Google points out that the wording of the amendment is sufficiently vague to raise further fourth amendment concerns. For example, the sample warrants make no attempt to describe what “storage media” will be searched, giving seemingly unlimited access, which is disturbing because NIT makes it possible for the government to take control of targeted computers and access data stored locally, on a network drive, or in the cloud. This raises serious particularity concerns under the fourth amendment. With respect to the scope of the warrants, Google points out that there are no statements on the sample warrants about what type of “storage media” will be searched or how the government will avoid implicating non-targeted computers in the search as it tracks an anonymous actor. Finally, Google points out that NIT techniques have the ability to access a computer’s microphone and camera remotely. To the extent that any of these searches employ this method, and either activate these devices or collect information in real time from them, the heightened protections of Title III would apply, and the government has not addressed these concerns in their proposal.

Public comments before the Committee closed on February 17 and in the next few weeks, the Judicial Conference Advisory Committee on Criminal Rules will make a decision about the preliminary proposal.

February 26th, 2015

U.S. v. Winn

By: Siyuan Wang

https://s3.amazonaws.com/s3.documentcloud.org/documents/1667465/sd-illinois-cellphone-20150209.pdf

http://www.washingtonpost.com/news/volokh-conspiracy/wp/2015/02/23/court-invalidates-cell-phone-warrant-as-overbroad/

In this case, a man named Winn (the defendant) had been seen using his cell phone to photograph or videotape a group of minors in their swimsuits while rubbing his genitals. The government asked for and obtained a warrant to search Winn’s phone for all evidence of public indecency stored inside it. The officer used the Cellebrite UFED Touch machine to extract data from the cell phone, which included “two calendar events, a forty-four item call log, twenty-three contacts, eighty text messages, 312 images, and twenty-five videos.” No evidence of public indecency was obtained, but some of the data was evidence of child pornography. Winn seeks to suppress the evidence, claiming that the warrant was overbroad. The court agreed with defendant on this issue and reasoned:

The warrant authorized the seizure of “any or all files” contained on the cell phone and its memory card that “constitute[d] evidence of the offense of [Public Indecency 720 ILCS 5/11–30],” including, but not limited to, the calendar, phonebook, contacts, SMS messages, MMS messages, emails, pictures, videos, images, ringtones, audio files, all call logs, installed application data, GPS information, WIFI information, internet history and usage, any system files, and any delated data (Docs.22–2, 22–3).

The major, overriding problem with the description of the object of the search—“any or all files”—is that the police did not have probable cause to believe that everything on the phone was evidence of the crime of public indecency. The description was a template used by the St. Clair County State’s Attorney’s Office for all cell phone searches. Templates are, of course, fine to use as a starting point. But they must be tailored to the facts of each case. This particular template authorized the seizure of virtually every piece of data that could conceivably be found on the phone. The Supreme Court put the scope of such a wholesale seizure in perspective by explaining that it “would typically expose the government to far more than the most exhaustive search of a house.” Riley v. California, 134 S.Ct. 2473, 2491 (2014) (emphasis in original). Obviously, the police will not have probable cause to search through and seize such an expansive array of data every time they search a cell phone.

The court went on to explain what a specific warrant looks like:

the warrant could have described the location of the incident as well as the subjects of the images—children at a swimming pool, or more specifically young girls in swimsuits at the Mascoutah Public Pool. See, e.g., Mann, 592 F.3d at 780–81 (where warrant authorized police to search for “images of women in locker rooms or other private areas” for evidence of voyeurism).

This reasoning demonstrates court’s concerns of aggregating data stored in cell phones and how it influences the scope of warrant. As recognized in Riley, cell phone is different in the sense of type and range of data contained. The rationale is that due to the large storage capacity, the expectation of privacy is heightened in such context.

This is an easy case because the law enforcement used a template warrant, which was “patently” overbroad by nature. The court took a very restricted approach by saying that only photos and videos related to public indecency crime should be searched since only these two types of data were relevant. Along this line of reasoning, we need to first match the possible form of evidence with the crime feature in order to determine the scope of a warrant. Then problem of how extensive the search need to be in accordance with the suspected crime will arise.

Panel 9

February 23rd, 2015

By: Alexia J Boyarsky

Proposed Congressional Reform to Government Access to Emails

http://thehill.com/policy/technology/230974-leahy-lee-ready-email-privacy-bill

http://ivn.us/2015/02/16/240-u-s-reps-sign-bill-protecting-private-online-communications/

http://www.zdnet.com/article/ecpa-reform-will-kill-warrantless-email-searches/

New bi-partisan Congressional bill was introduced this week, resembling a similar bill from last year, that would require the government to get a warrant prior to obtaining access to any emails. As current law stands under the Electronic Communications Privacy Act from 1986, the government only needs a subpoena for old emails (older than 180 days) or for read emails. These provisions made some limited sense when the bill was enacted because storage space was expensive and most people did not keep their emails for that long. However, in the modern day, the Congressmen argue that emails have become so pervasive and so private that more protections are vital.

Currently, 240 cosponsors have signed onto the deal, which makes it possible that it will pass Congress. After the Patriot Act, the most vocal opposition to government searches of emails was silenced, however, in the wake of news of the National Security Agency surveillance leaks, there has been more support throughout Congress for laws that limit the government’s abilities to search citizens’ emails. These reintroduced bills will be voted on either this month or next, and barring a comparable bureaucratic stalemate such as what killed the bill last year, they are likely to pass.

Major Tech Companies Take Sides in Battle Over Update To ECPA

By: Matthew Shore

Panel 9

Link: http://www.law360.com/articles/614439/google-others-renew-push-for-digital-privacy-law-reform

From industry to civil rights groups, many sides are now lining up against the government in the fight to bolster the Electronic Communications Privacy Act. Google, Twitter and other tech companies recently sent a letter to House Judiciary Committee Chairman Robert Goodlatte and Ranking Member John Conyers, asking that Congress give consideration to the Email Privacy Act. The act, which would be an update to the Electronic Communications Privacy Act, “would make it clear that, excepting emergencies, the government needs a warrant to compel a service provider to disclose the content of emails, texts or other private user material stored in the cloud by the service provider.”

In the Sixth Circuit opinion United States v. Warshak, Judge Boggs stated that “[t]he government may not compel a commercial ISP to turn over the contents of a subscriber’s emails without first obtaining a warrant based on probable cause.” This seems to line up with the goal of the Email Privacy Act. However, supporters note that there have also been conflicting rulings, which has left both the government and service providers in an uncertain position.

While service providers may be looking for guidance in how to act, and protection of their customers, the government’s interest is in protecting its citizens. Advocates for digital privacy, in pushing for the Act, can point to the extent of our lives that now exist in our emails, texts and information in the cloud. Government actors have an argument that this is the very reason that the government needs the ability to access this information easily. Much of the planning by terrorists occurs outside of the old methods of surveillance and the government must be able to act quickly, if need be.

By: Rose Dorvel

February 19, 2015

http://www.huffingtonpost.com/2015/02/13/david-carr-edward-snowden-death-interview_n_6677790.html

Has media coverage of Snowden’s NSA leaks conditioned Americans to have no subjective expectation of privacy in their virtual lives?

Earlier this week, New York Times columnist David Carr dropped dead mysteriously following a panel interview with Snowden discussing the film Citizenfour, which tracks the former-NSA-contractor-turned-whistleblower’s decision to leak National Security Agency’s documents on widespread, unchecked governmental spying on citizens to the media. Conspicuously absent from the article is mention of any privacy protection measures underway that were prompted by Snowden’s leaks.

With each article that exposes the sweeping surveillance of American citizens—without mention of mitigation measures underway by public or private actors, the notion that one’s virtual life is always being watched and retained for potential future use, misuse or abuse is drilled into the public’s brain. After an avalanche of articles exposing relentless NSA spying on U.S. citizens, Americans are aware and on notice that the government is relentlessly capturing their personal data (via phones, computers, social media, etc.). Repetition of this idea, without consequential public or political backlash, has not accomplished protection against pervasive privacy invasion, presumably the objective of Snowden’s decision to leak NSA documents.

Instead, Americans are told and again that the NSA tracks and records their every move, which is likely and, often necessarily, an electronic one in the modern day.

An insidious consequence of the media’s Snowden coverage is that the people have been conditioned to accept the pervasive spying as normal, perhaps per a regime to protect American freedoms from threats of terror. This result is antithetical to Snowden’s pledged objective to curb widespread unchecked spying, and one that could actually lead to an acceptance of total surveillance, and consequent erosion of Fourth and First Amendment protections. After hearing Snowden’s story, many Americans may no longer subjectively expect any privacy when they use their smartphones, computers, and other ubiquitous digital devices.

With the all the media coverage and a film in the public domain publicizing pervasive NSA surveillance, would an American citizen subjectively expect his electronic communications to be kept private? Would society consider such an expectation reasonable? What about in the name of national security?

Carnivore, an FBI program capable of recording, searching and storing all contents of electronic communication, was the hotly debated subject of governmental initiatives to establish more stringent privacy protection measures. Then 9/11 promptly snuffed out the debate.

Hitler, in Mein Kampf, said “The best way to take control over a people and control them utterly is to take a little of their freedom at a time, to erode rights by a thousand tiny and almost imperceptible reductions. In this way, the people will not see those rights and freedoms being removed until past the point at which these changes cannot be reversed.” Let’s examine whether Americans have exchanged some of their civil liberties for a promise of security from an external terror threat, how we can balance homeland security measures with the Fourth Amendment’s “right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches,” and initiate means to protect information privacy until privacy as we know—or knew—it is gone for good.

Jewel v. National Security Agency: Mass Surveillance

By: Nireeti Gupta

Panel 9

Link 1: http://www.huffingtonpost.com/2015/02/10/nsa-warrantless-searches_n_6656314.html

Link 2: http://www.theregister.co.uk/2015/02/11/eff_loses_nsa_wiretap_appeal_again/

The case before the District Court of California, was filed in 2008 by Electronic Front Frontier on behalf of AT&T customer Carolyn Jewel. The case took on renewed importance in the wake of the Snowden leaks which exposed top-secret information about the National Security Agency’s (‘NSA’) surveillance of Internet communications.

Judge Jeffrey White on February 10, 2015 ruled in favor of NSA in a lawsuit challenging the interception of Internet communications without a warrant.

The Plaintiff had alleged that as part of a system of mass surveillance, the Government receives copies of their Internet communications, then filters the collected communications in an attempt to remove wholly domestic communications, and then search the remaining communications for potentially terrorist-related foreign intelligence information. Plaintiff contended that NSA taps into the fiber cables that make up the backbone of the Internet and gathers information about people’s online and phone communications (‘Upstream Program’).

The Plaintiffs argued that the copying and searching of their private internet communications is conducted without a warrant or any individualized suspicion and, therefore, violates the Fourth Amendment. The Fourth Amendment prohibits the Government from intercepting, copying, or searching through communications without first obtaining a warrant based on probable cause, particularly describing the place to be searched and the things to be seized.

The Government described the collection of communications pursuant to Section 702 of the Foreign Intelligence Surveillance Act. Upon approval by the Foreign Intelligence Surveillance Court, NSA analysts identify non-U.S. persons located outside the United States who are reasonably believed to possess or receive, or are likely to communicate, foreign intelligence information.

Once designated by the NSA as a target, the NSA tries to identify a specific means by which the target communicates, such as an e-mail address or telephone number. That identifier is referred to a “selector.” Selectors are only specific communications accounts, addresses, or identifiers. According to the Government’s admissions, an electronic communications service provider may then be compelled to provide the Government with all information necessary to acquire communications associated with the selector. However, it claimed that the information necessary to litigate Plaintiff’s claims is subject to and excluded from use by the “state secret privilege” and other related privileges and that their cases should be dismissed.

Judge White found that Plaintiff had not established sufficient standing to sue under the Fourth Amendment, that is, they did not present enough evidence to prove that they had been directly harmed by NSA’s actions, and so had no grounds on which to sue. Judge White further added that a potential Fourth Amendment claim would have to be dismissed on the basis that any possible defenses would require impermissible disclosure of state secret information.

February 19

By: Colin Johnson, Panel 9

California Lawmaker Proposes Warrant Requirement for Digital Data Access

Article: http://arstechnica.com/tech-policy/2015/02/california-lawmaker-proposes-warrant-requirement-for-digital-data-access/

Last Monday, a California state senator introduced the California Electronic Communications Privacy Act, a bill that would establish new requirements for law enforcement officials to access suspects’ digital information. If passed, this bill would be the most comprehensive state provision for the protection of digital privacy in the country.

CalECPA, as the bill is known, would provide significantly greater digital privacy rights to individuals than the current federal requirements. While courts have issued rulings clarifying and strengthening the protections of the federal ECPA, the law itself has remained largely unchanged since its implementation in 1986. Until Congress successfully passes a bill to update existing ECPA, citizens must rely on state courts to protect their digital information.

CalECPA would establish a warrant requirement not only for email but for all electronic communications, including contacts, GPS information, and metadata. However, the most interesting provision under the proposed law would allow for the appointment of special masters to ensure that the warrants are narrow and that any legally gathered information that turns out to be beyond the scope of the investigation is destroyed immediately.

If passed, CalECPA would provide a significant victory for digital privacy advocates. The passage of this expansive bill would send a clear message to federal lawmakers that the outmoded ECPA needs to be updated immediately in order to reflect the rapidly changing digital landscape of the twenty-first century.

These ILI Student Blog x Dress Head Womens Jean Shorts – Adorable Camouflage include a slight fray rip in the thigh, showing a cute peek of what’s underneath. You won’t be able to hide in the jungle wearing these shorts! The shorts are cut super short showing off those sexy summer legs. Let the tomboy in you come out! Wear with a bikini top on the beach or in the water to stay trendy and sexy! The perfect fit hugging your figure and readying you for some great summer fun! You are sure to turn the heads of everyone who sees you in these sexy short shorts. For these ILI Student Blog x Dress Head Womens Jean Shorts – Adorable Camouflage, the measurements for the small (S) size are:the waist circumference is 34 centimeters; the hip circumference is 36 centimeters; and the hem circumference is 22 centimeters.

February 12th- Panel 10

By: Joseph Gracely

Sneaking Past Kyllo

Link to article: http://www.usatoday.com/story/news/2015/01/19/police-radar-see-through-walls/22007615/

In 2001 the Supreme Court held in Kyllo v. United States that police use of thermal imaging technology to detect heat signatures within a person’s home was unconstitutional.  In doing so, the Court noted that the device in that case was “not in general public use.”  The Court also indicated that radar-based systems then being developed would be covered by its ruling in Kyllo.

Now those radar-based systems are here.  And contrary to the apparently clear holding in Kyllo, they are out on the streets providing officers with data about the presence and movements of suspects behind closed doors.

As USA Today reports, the Range-R handheld radar sensor is currently being used by at least 50 U.S. law enforcement agencies, among them the FBI and U.S. Marshals Service.  While the detectors don’t display images of what’s behind a wall, they are highly sensitive and can pick up on movements as slight as breathing from more than 50 feet away.

Until December 2014, when the use of the devices came to broader attention, police used the radar sensors secretly, without search warrants, presenting potentially great Fourth Amendment concerns.  This is particularly so given the difference in technology between radar and thermal imaging.  While thermal imaging arguably involves only the detection from outside the home of heat penetrating out through the walls – as the government actually argued in Kyllo – radar is something different.  With radar, there is – at some level – a penetration of the home by radar waves from the device.  Given the holding in Kyllo, it’s unclear how such warrantless radar use could survive constitutional scrutiny.

February 12th

By: Bo Wang

Smart TVs May Redefine Privacy in Our Home

http://www.bbc.com/news/technology-31296188

TV is getting smarter. Nowadays many smart TVs have voice activation feature. One could basically control the TV by giving oral command, without going through the pain of reaching for the remote. But the TV listens to more than what people would have expected. As Samsung is warning its customers, when the feature is on, whatever you say including “personal or other sensitive information” may be transmitted by the TV to Samsung or a third party.

Putting aside the shock that this sounds similar to George Orwell’s book 1984, there are some interesting legal issues that concern privacy law. Take the reasonable expectation of privacy test as an example, do people who own smart TVs automatically fail the first prong because they have no actual expectation of privacy when they talk before the TV?

After all, customers choose to buy these TVs. One could argue that people are not expecting to surrender their privacy in the living room because they don’t know their smart TV would “snitch”. But the counter argument could point to the Samsung warning or its privacy policy in the manual that comes with the TV and say “well, now you know it and it is your decision to turn on the voice feature.”

Should the little button on the remote that controls the voice activation also control how much privacy I have in my home? I don’t think it should. But the reasonable expectation of privacy test seems to be of no help here. It is also hard to argue physical trespass since I bought the TV. So the traditional doctrine of physical trespass doesn’t help either. I would love to see how courts will reconcile the new technology with the privacy concerns here because surely I want my privacy protected and I don’t want to reach for my remote.