‘Hackcess to Justice’ winners look to increase the reach of their apps (ABA Journal, 25 August 2014) – Award winners from the recent Hackcess to Justice legal hackathon are working hard to fulfill the main goal of the event: Improving access for all Americans to effective legal assistance. In the two weeks since the inaugural hackathon-in conjunction with the ABA Annual Meeting-took place at Suffolk University Law School in Boston, the programmers and lawyers behind the three winning entries have hardly sat back and rested on their laurels. Instead, they have all taken steps to try and increase the reach of their apps. For instance, all three apps are now available for the general public to use, and in some cases, the prize winners are speaking to nonprofit and state agencies to figure out ways their apps can be used to provide legal assistance to many more individuals. William Palin, a Somerville, Massachusetts, attorney who won first place with his health care proxy and living will generator PaperHealth , tells the ABA Journal that the app has already been approved by Apple and is now available in the App Store . He says that he is currently talking to a nonprofit legal network in Vermont in the hopes of increasing awareness of his app. “What I’m proposing is that, if the state will provide an attorney to review the legality of the app, then I’ll adjust and customize it for the state, and then provide it for free, as long as they promote it,” says Palin, who hopes to do this with every state in the country. The second-place winning app, disastr , which was created by Matthew Burnett, director of the Immigration Advocates Network, and Adam Friedl, program and special initiatives manager at Pro Bono Net, has been officially released for Android. The app provides information, resources, real-time news and alerts and legal representation forms for people affected by natural disasters Meanwhile, David Colarusso, staff attorney for the Massachusetts Committee for Public Counsel Services, has been busy talking to state officials about potential uses for his team’s app, Due Processr . The app, which took third place and was developed by Colarusso and his teammates, David Zvenyach, a general counsel in Washington, D.C. and William Li, a computer science PhD student at the Massachusetts Institute of Technology, Hotmail.is an interactive tool that allows users to determine their eligibility for indigent legal services in Massachusetts, and for criminal defendants to calculate their state prison sentences.

 

Provided by MIRLN.

Image courtesy of FreeDigitalPhotos.net/tiramisustudio

 

Encrypt your phone calls with Signal for iPhone and RedPhone for Android (Lawyerist, 30 July 2014) – Security is getting simpler and easier, thanks to companies like Open Whisper Systems , which now has encrypted calling apps for both iPhone and Android. RedPhone for Android has been out for a while, and Signal is a brand-new encrypted calling app and service for iPhone . Both are free to download and use. Both apps are also open-source (you can find the code on Github ) so that anyone can audit the code to ensure it does what it is supposed to do. What they do is encrypt phone calls between Signal or RedPhone users. If someone were to gain access to your phone meta data, for example, all they would be able to see is that you called Whisper System’s servers, which do not keep any logs. The call itself is encrypted and decrypted locally on your phone, which makes it extremely difficult for anyone to figure out how to listen in. Signal is a good-looking app that blends in well with iOS 7. (RedPhone just uses the default Android system dialer, so it does not change the look and feel of calls other than to add a RedPhone Call label to secure calls.) Signing up is as simple as providing your phone number, then confirming it with a code sent by text message. It’s a convenient signup method that does away with usernames and passwords. After that, Signal works a lot like the regular iPhone phone app. You just have to launch Signal, instead, in order to make secure calls. The only real downside to Signal and RedPhone is that your friends need to have the app in order for you to call them securely. If you try to call someone who is not already registered with Signal, it will offer to invite them to Signal via text message. RedPhone works a bit differently, since it integrates with the Android dialer. RedPhone will let you call anyone, and it uses encryption whenever the person you call has RedPhone installed.

 Provided by MIRLN.

 

From MIRLN founder, Vince Polley:

Polley : I’ve installed Signal, and see that a few of my friends & colleagues already have it on their iPhones. Give it a try; give me a call.]

Image courtesy of FreeDigitalPhotos.net/StuartMiles.

Great privacy essay: Fourth Amendment doctrine in the era of total surveillance (NetworkWorld, 30 July 2014) – When you signed up with your ISP, or with a wireless carrier for mobile devices, if you gave it any thought at all when you signed your name on the contract, you likely didn’t expect your activities to be a secret, or to be anonymous, but how about at least some degree of private? Is that reasonable? No, as the law currently suggests that as a subscriber, you “volunteer” your personal information to be shared with third-parties. Perhaps not the content of your communications, but the transactional information that tells things like times, places, phone numbers, or addresses; transactional data that paints a very clear picture of your life and for which no warrant is required. I’d like to direct your attention to an essay titled “Failing Expectations: Fourth Amendment Doctrine in the Era of Total Surveillance” by Olivier Sylvain , Associate Professor of Law at Fordham University School of Law. He said, “Today’s reasonable expectation test and the third-party doctrine have little to nothing to offer by way of privacy protection if users today are at least conflicted about whether transactional noncontent data should be shared with third parties, including law enforcement officials.” * * * Sylvain argues that “the reasonable expectation standard is particularly flawed if it has the effect of encouraging judges to seek guidance from legislatures on constitutional norms and principles. Judicial review is the vital antimajoritarian check against excessive government intrusions on individual liberty under our constitutional scheme. This is a responsibility that courts cannot pass off to the political branches when, as is the case today, most people expect that the cost of network connection is total surveillance.”

Provided by MIRLN.

Image courtesy of FreeDigitalPhotos.net/Stuart Miles

Cloud computing stymies digital forensics investigations (Nextgov, 24 July 2014) – In recent years, cloud computing has made the leap from an emerging technology to government mainstay, allowing agencies an IT avenue to share services, save money and increase efficiency. However, cloud computing still presents some major technical challenges in government, as illustrated by a recent draft report issued by the National Institute of Standards and Technology. Prepared by the NIST Cloud Computing Forensic Science Working Group, the report summarizes a staggering 65 challenges cloud computing presents to forensics investigators who sift through bits and bytes of digital evidence to solve crimes. The challenges are technical, legal and organizational, according to NIST’s Martin Herman, co-chair of the working group. They can be further classified among nine categories, including architecture, data collection, analysis, standards, training and “anti-forensics” such as data hiding and malware. With cloud computing becoming more popular – many agencies, for example, now use cloud computing for email – scenarios in which the cloud might muck up an investigation are plentiful. For example, in a typical computer system, when a user deletes a file, the user isn’t actually deleting the information—only the digital “pointers” to the file, according to Herman. Data isn’t really deleted until the physical hard drive or storage disk is overwritten with other data. Traditional forensics teams routinely recover files – including deleted files – using fairly well-known tools. Because the cloud can be a shared, multitenant environment, servers and storage devices can be shared among many different customers. That means, Herman said, there is a higher likelihood deleted data will be overwritten.

Provided by MIRLN.

Image courtesy of FreeDigitalPhotos.net/Stuart Miles

A plan to untangle our digital lives after we’re gone (NPR, 23 July 2014) – Ancient peoples sent their dead to the grave with their prized possessions – precious stones, gilded weapons and terracotta armies. But unlike these treasures, our digital property won’t get buried with us. Our archived Facebook messages, old email chains and even Tinder exchanges will hover untouched in the online cloud when we die. Or maybe not. Last week, the Uniform Law Commission drafted the Uniform Fiduciary Access to Digital Assets Act , a model law that would let relatives access the social media accounts of the deceased. A national lawyers’ group, the ULC aims to standardize law across the country by recommending legislation for states to adopt, particularly when it comes to timely, fast-evolving issues. “Where you used to have a shoebox full of family photos, now those photos are often posted to a website,” notes Ben Orzeske, legislative counsel at the ULC. That shoebox used to go to the executor of the deceased’s will, who would open it and distribute its contents to family members. The will’s author could decide what she wanted to give and to whom. The Uniform Fiduciary Access to Digital Assets Act aims to make the digital shoebox equally accessible. “This is the concept of ‘media neutrality,’ “ Orzeske explained. “The law gives the executor of your estate access to digital assets in the same way he had access to your tangible assets in the old world. It doesn’t matter if they’re on paper or on a website.” It turns out those terms-of-service agreements Internet users usually click through without reading include some strict rules: The small print on sites like Facebook and Google specifies that the user alone can access his or her account. But the ULC’s proposed law would override those contracts, Orzeske said. [see also Tech seeks life after death for accounts (The Hill, 24 July 2014)]

Provided by MIRLN.

Image courtesy of FreeDigitalPhotos.net/David Castillo.

Prosecutors are reading emails from inmates to lawyers (NYT, 22 July 2014) – The extortion case against Thomas DiFiore, a reputed boss in the Bonanno crime family, encompassed thousands of pages of evidence, including surveillance photographs, cellphone and property records, and hundreds of hours of audio recordings. But even as Mr. DiFiore sat in a jail cell, sending nearly daily emails to his lawyers on his case and his deteriorating health, federal prosecutors in Brooklyn sought to add another layer of evidence: those very emails. The prosecutors informed Mr. DiFiore last month that they would be reading the emails sent to his lawyers from jail, potentially using his own words against him. Jailhouse conversations have been many a defendant’s downfall through incriminating words spoken to inmates or visitors, or in phone calls to friends or relatives. Inmates’ calls to or from lawyers, however, are generally exempt from such monitoring. But across the country, federal prosecutors have begun reading prisoners’ emails to lawyers – a practice wholly embraced in Brooklyn, where prosecutors have said they intend to read such emails in almost every case. The issue has spurred court battles over whether inmates have a right to confidential email communications with their lawyers – a question on which federal judges have been divided. 

Provided by MIRLN.

Note from MIRLN Founder, Vince Polley:

Polley : This is only mildly nefarious – the jail/prison email systems carry ToS that abrogate confidentiality. Still. And, there have been cases involving private employers who’ve been prohibited from accessing/using emails between an employee and the employee’s counsel, generally on the basis of superseding policy protecting attorney-client privilege.]