Congress is on recess through Labor Day.
SCMagazine published an article recapping two separate milestones revealed last week in Google’s warrant cases in the Northern District of California and the District Court in Washington D.C. In particular, the piece analyses the case before the District Court in Washington D.C., in which District Chief Judge Beryl Howell ruled that the Second Circuit erred in Microsoft’s warrant case. The article highlights how judges in both cases have “put little stock” in the precedent set by the Second Circuit.
George Washington University professor of law Orin Kerr published a series of tweets analyzing the recent Northern District of California ruling ordering Google to comply with a search warrant for data located overseas. Kerr reasons that because of the ruling,the DOJ will now just get warrants for foreign stored info held by Google, Facebook, and Yahoo in the Northern District court, regardless of the location of its cases. He also tweeted that the ruling further supports the DOJ’s petition for cert in Microsoft’s warrant case, noting the need for consistency across circuits.
US President Donald Trump earlier this week directed his trade office to look into allegations against China of IP and technology theft and its impact on American business. This was followed by the White House Chief Strategist Steve Bannon’s remarks in an interview published Wednesday by US news site prospect.org that the US would use Section 301 of the 1974 Trade Act against Chinese coercion of technology transfers from US corporations doing business in China. “We’re at economic war with China,” Bannon said.
FOURTEEN OF THE biggest US tech companies filed a brief with the Supreme Court on Monday supporting more rigorous warrant requirements for law enforcement seeking certain cell phone data, such as location information. In the statement, the signatories—Google, Apple, Facebook, and Microsoft among them—argue that the government leans on outdated laws from the 1970s to justify Fourth Amendment overreach. One perhaps surprising voice in the chorus of protesters? Verizon.
President Donald Trump has asked the U.S trade representative to explore whether China has stolen American intellectual property. It’s about time that China was taken to task, not just for intellectual property violations, but for making it difficult for American companies to operate within China. America has a competitive advantage and consistently outperforms the world in intellectual property. People seek to imitate America in many ways, including music, software, pharmaceuticals and technology.
U.S. Sen. Ron Johnson, R-Wis., is questioning whether Wisconsin should bear the full $3 billion in financial incentives being considered to lure electronics giant Foxconn Technology Group to the state. Johnson raised the question since Illinois workers would also benefit from the plant, which is expected to be built in southeast Wisconsin near the border.
In the wake of the Charlottesville protests, technology companies are aggressively cracking down on hateful content that violates their terms of service. GoDaddy pulled the plug on a neo-Nazi website after the group posted an article mocking Heather Heyer, the paralegal who died after a white nationalist protester plowed his car into the crowd in Charlottesville. When the group moved to Google, the technology giant was quick to boot it off its own servers.
The Los Angeles Times Los Angeles Plans to Launch a Cybersecurity Threat-Sharing Group With City Businesses
Los Angeles officials plan to launch an unprecedented initiative Tuesday to share information about cybersecurity threats with businesses in the city. Federal agencies and industry organizations have developed several threat-sharing partnerships in recent years, but city leaders say they haven’t seen one emerge that addressed an entire region or small- and medium-sized companies.
A new law proposed to protect the privacy of British internet users could end up criminalising the only people working to uncover abuses of personal data, a leading privacy researcher has warned. The new data protection bill will contain a clause making it a criminal offence to “intentionally or recklessly re-identify individuals from anonymised or pseudonymised data”. The maximum penalty under the new law would be an unlimited fine.
New York Post Every Campaign Is Now a Cyberwar Target
Long before 2016, foreign governments were targeting Republican and Democratic campaigns, trying to influence the way our government operates. This is a serious problem, and it threatens our nation’s sovereignty. It’s something we didn’t even think about when I started working on presidential politics in 2000. As Mitt Romney’s campaign manager in 2012, I experienced cyberattacks firsthand when China tried to infiltrate our servers, forcing us to spend precious campaign dollars on increased cybersecurity. Every cent spent on protection could have been used addressing voters’ concerns, and that meant even unsuccessful cyberattacks weakened the campaign.
The Washington Post Tech firm is fighting a federal order for data on visitors to an anti-Trump website
The Washington Post, reported that DreamHost, a Los Angeles based hosting company, refused to comply with a federal warrant seeking IP data on the 1.3 million visitors of Disruptj20.org, a website used to organize Inauguration Day protests earlier this year. DreamHost, with support from EFF, is challenging the warrant in the Superior Court for the District of Columbia. The Washington Post published an opinion piece by Orin Kerr analyzing the warrant’s legality and scope. Kerr does not initially find anything problematic with the warrant as it is part of the “widely accepted two-stage warrant practice.” However, he also notes that the DreamHost’s challenge raises questions about the extent of electronic records that can be sought with a search warrant.
The New York Times Sundar Pichai Should Resign as Google’s C.E.O.
There are many actors in the whole Google/diversity drama, but I’d say the one who’s behaved the worst is the C.E.O., Sundar Pichai. The first actor is James Damore, who wrote the memo. In it, he was trying to explain why 80 percent of Google’s tech employees are male. He agreed that there are large cultural biases but also pointed to a genetic component. Then he described some of the ways the distribution of qualities differs across male and female populations.
Last week, a software engineer at Google, James Damore, posted a ten-page memo, titled “Google’s Ideological Echo Chamber,” to an internal company network. Citing a range of psychological studies, Wikipedia entries, and media articles on “our culture of shaming and misrepresentation,” Damore argued that women are underrepresented in the tech industry largely because of their innate biological differences from men—their “stronger interest in people rather than things,” their propensity for “neuroticism,” their “higher levels of anxiety.” Damore criticized the company’s diversity initiatives, which focus on recruitment, hiring, and professional development, as discriminatory, and advanced “concrete suggestions” for improving them: “de-moralize diversity,” “de-emphasize empathy,” “stop alienating conservatives,” and “be open about the science of human nature.” On Monday, Google’s C.E.O., Sundar Pichai, sent a note to his employees decrying the memo’s “harmful gender stereotypes” and noting that portions of it violated the company’s code of conduct. Damore was fired, and promptly filed a charge with the National Labor Relations Board.
The New York Times The Alt-Right Finds a New Enemy in Silicon Valley
Minutes after Mr. Damore’s firing was announced, a flurry of right-wing websites, message boards and social media cliques sprang into action, eager to paint the episode as another example of liberal political correctness run amok. A headline on Breitbart, the conservative news site, screamed in capital letters about “blacklists.” Users on Twitter and 4chan, the message board beloved by pro-Trump types, began to organize a boycott of Google’s services. Milo Yiannopoulos, the alt-right provocateur, called Mr. Damore’s firing “disgusting” in a Facebook post, and offered to help him land on his feet.
Reuters Microsoft Unveils Technology to Speed Up Blockchain and Its Adoption
Microsoft Corp (MSFT.O) is working on technology that it believes can make blockchain-based systems faster and more private, as it looks to speed up use of the distributed database software by enterprises. The company said on Thursday that it had developed a system called Coco Framework, which connects to different blockchain networks to solve some of the issues that have slowed down their adoption, including speed and privacy concerns.
Fortune Scarce Tech Talent Even Harder to Find in Tumultuous U.S. Political Climate
Uncertainty around immigration policy leading up to the presidential election and in the first months of the Trump administration has set off concerns throughout the tech industry, which has used foreign workers to address a shortage of workers in the U.S. Search data from Indeed already shows fewer job seekers based outside the country are searching for U.S. positions. Now an analysis of 175,000 interview requests from Hired shows that U.S. companies are reaching out to foreign talent less frequently.
“For a company that prides itself on search engines, we’re talking about well over a year and they cannot even figure out what was and wasn’t in the U.S. They can’t tell us if they’ve produced everything in the U.S.… The government’s investigation suffers in the meantime… In the government’s view, this has been Google saying, ‘We’re going to replace the wisdom of the court with our own wisdom. We’re going to make up the rules as we go along and the court and government can take a back seat.’”
“For the reasons that follow, the Microsoft court erred: [a] SCA warrant that seeks records or the content of electronic communications from a U.S.-based service provider does not amount to an extraterritorial application of the SCA, even when the targeted information, in whole or in part, may be stored on servers abroad.’”
“The Carpenter case deals with information about a person’s location for more than 100 days, and yet the government claims that no privacy is violated when it seizes and searches that data. The Court should return to the text of the Fourth Amendment and recognize that data and digital communication are property that are protected by the papers and effects part of the Fourth Amendment, as it did in Riley v. California—the 2014 case where the justices unanimously required a warrant for searching a phone seized during an arrest.”
“Part of what made the Internet always great and the reason why it’s blossomed is because it was always decentralized and not subject to heavy-handed regulations… The concern is that the Internet will be splintered into islands.”
- –Omer Tene, vice president of research and education at International Association of Privacy Professionals
“Even if the Government claims to be targeting someone else who lacks Fourth Amendment rights, it is not entitled to ignore the rights of a U.S. person who is entitled to that protection.”
“Thanks to a sort of ‘degraded’ legal status for data, the government is currently able to access huge amounts of often highly sensitive information about us without our say-so.”
“Courts have broadly allowed the government to follow this two-step procedure, in which they get all the stuff in the initial stage of electronic evidence warrants so that they can search it for the relevant evidence. Given that, Dreamhost’s objection is slightly off. As I read it, Dreamhost is essentially challenging the widely accepted two-stage warrant practice. Some federal magistrate judges in the “magistrate’s revolt” have made that argument, but they generally have been overruled at the district court level.”
“I see this as prosecutorial overreach by the DOJ. Regardless of your political affiliation, you should be concerned that anyone can be targeted for merely visiting a website legally disseminating political news. The only thing this will achieve is to cause fear of exposure when participating in protected associational rights.”
“That information could be used to identify any individuals who used this site to exercise and express political speech protected under the Constitution’s First Amendment. That should be enough to set alarm bells off in anyone’s mind.”
“There is no agreement on where to draw the line between data protection based restrictions on data flows that are protectionist and against trade and liberalisation, and those that are necessary to guarantee the rights of citizens. Privacy experts have argued that data protection is qualitatively different from forced localization and the issue of data localization for data protection would disappear if nations implement stronger privacy laws or adopted baseline best practices. Nevertheless countries continue to pursue carving exemptions for data protection in trade agreements.”
“ Verizon stands out because they actually hold the specific kind of location records that are directly at issue. The telecoms have a long history in general of cooperating with law enforcement surveillance demands, but I think Verizon’s participation reflects a growing understanding of the importance of standing up for customers’ privacy rights.”
“[There is a] growing consensus [among courts in SCA cases] that the location of the data being requested is less important than the location of the cloud provider or the location where the retrieval of data will take place.”
“I’ve never seen anything on this scale, where we’re talking about millions of users and there’s no attempt whatsoever to narrow the scope (either by date, time, or user),”
“It seems quite concerning and extremely overbroad — raising both First and Fourth amendment concerns. It’s targeting anyone who visited a site used to organize a protest, in a way that seriously risks chilling speech and associational rights…Presumably what they’re trying to do is build links and associations … and use that as a basis for a broader investigation.”
“Generating a backdoor into today’s leading chat application should not therefore be seen as a long-term solution. Rather, all evidence to the contrary suggests that terrorists will quickly shift to new platforms or innovate and create their own.”
“Even if the U.S. DOJ legislation prohibits countries that authorize overbroad warrants from executing them under the bilateral agreement, it does not provide for recourse mechanisms for companies seeking to push back against requests or procedures for regularly scrutinizing requests for their compliance with the legislation. We have been told that companies who wish to challenge a request can resort back to the MLAT process, but the legislation itself does not address that avenue of recourse… It is reasonable to ask whether companies, particularly smaller, less-resourced ones, will be prepared to fight what they perceive to be unlawful requests, especially without a clear sense of whether or how the U.S. government will get involved.’”
- –Mailyn Fidler, fellow, Berkman Klein Center for Internet & Society Harvard University & Scarlet Kim, legal officer, Privacy International
“Any search of data stored on a digital device, whether performed using special forensic software or conducted manually after obtaining and entering the owner’s password, provides access to a person’s entire private life.”
“Now, President Vladimir Putin has signed legislation outlawing the use of VPNs and other methods that permit users to connect to the Internet anonymously, such as the Tor browser. Mr. Putin also signed legislation that will require instant-messaging services to establish the identity of users by their phone numbers — another step to make sure no one escapes surveillance if the state deems it necessary.”
SOCIAL MEDIA HIGHLIGHTS
- @ConversationUS: End-to-end encryption isn’t enough security for ‘real people’
- @EFF: Interested in data privacy? Here’s a primer on how the Fourth Amendment applies to digital information.
- @Infosecurity Mag: Ex-MI5 Boss Evans: Don’t Undermine Encryption
- @asroehlein: Have You Visited a Major Trump Protest Website? There’s a Warrant Out for Your Data
- @EFF: The government keeps using unconstitutional methods to investigate protestors, but one web host is fighting back
- @lawfareblog: Susan Landau: Phones Move – and So Should the Law
- @nytimesbusiness: “It’s legal to visit a website and it’s legal to attend a protest. This search warrant is a intimidation tactic”
- @realdanstoller: @Google Must Turn Over Data Stored Abroad Sought Under U.S. Warrant
- @AJENews: “Intimidation tactic.” US government seeks data on visitors to anti-Trump site
- @CruickshankPaul: US Army Cyber Institute Fellow @AfterWestphalia argues encryption app backdooring is a worse than futile exercise
- @josephfcox: New: in internal doc DEA says ‘there is no silver bullet’ for going dark; points to problem of WhatsApp encryption
- @OrinKerr: MSFT ruling may not matter in lots of big cases anymore. In a CA2 case, CA2 may say can’t get warrant. But NDCa says can, and DOJ will.
- @OSFellows: Fellow @jendaskal quoted in @thehill raising alarm at #DOJ request for data on visitors to Trump protest website
- @schnierblog: Do the Police Need a Search Warrant to Access Cell Phone Location Data?
- @benghancock: Judge Seeborg saying at a hearing now he’s inclined to affirm an MJ’s ruling that warrant for Google to produce overseas data not unlawful
- @benghancock: Judge says to USA lawyer on Microsoft 2nd C decision: “My sense of it is favorable to your side, so I suspect you’d want to leave it there.”