Month: September 2015

Should law firms share information about cyber threats?

September 8, 2015 Shelby Bice Leave a comment Cybercrime, In the Law, Legal News, Tech for Lawyers

With law firms and their clients facing cyber threats more and more frequently, it makes sense that firms would want to come together and share what information they know about these threats in order that each firm can be better prepared to advise their clients. The Legal Services Information Sharing and Analysis Organization, or LS-ISAO for short, was formed to allow this kind of collaboration between firms. The new alliance is connected with a similar organization, the Financial Services Information Sharing and Analysis Organization, or FS-ISAO, which has been requiring private and public financial sectors to share information on cyber security and other threats since 1999. While LS-ISAO was formed after several law firms contacted the FS-ISAO, not all law firms are eager to join the alliance.

Although any law firms are educating their members on cyber threats or even have teams specifically dedicated to cybersecurity, most law firms guide their response to cyber threats based upon their clients’ opinions. For example, Chanley Howell, a member of the cybersecurity team at Foley & Lardner, isn’t very keen on becoming a part of the alliance, but explains, “If we start hearing clients recommend it, we’ll probably join.” Though it may seem counterintuitive for a cybersecurity team to put off joining an organization created to spread knowledge about cyber threats, Jeremiah Buckley, a founder member of Buckley Sandler who writes about cyber risk, argues that there are some potential drawbacks an organization that shares cybersecurity information so freely. Namely, if a law firm shares what they learned from a cyber threat with the alliance, even though everything is required to be anonymous, other firms could still determine which law firm was involved and then use that information to attack and discredit the firm. On the flip side, firms should be wary of information that is shared anonymously since there is no way to prove that the information is correct. Finally, firms are still competing with one another, and giving someone else a leg up may not always be in a firm’s best interests.

Even though there may be some issues associated with the new alliance, the Legal Services Information Sharing and Analysis Organization is still young. With time, according to the Vice President of Products and Services at the FS-ISAO, trust will develop between its members.

Article via Bloomberg BNA, August 21, 2015

Photo: Two People-Business Meeting via Stephen D [Creative Commons Attribution-NonCommercial-NoDerivs]

New regulations on cell-site simulators

September 7, 2015 Shelby Bice Leave a comment Government, Privacy, Tech

The Department of Justice has put stricter regulations on the use of cell-site simulators by requiring a warrant to be issued before one can be used, except in the case of “exigent” or “exceptional circumstances”, according to the CNN report covering the announcement. Cell-site simulators, which acquire locational data from cellphones by posing as cell towers, have not been regulated previously. The use of cell-site simulators have proven very helpful to law enforcement trying to locate kidnapping victims, terrorists, and other fugitives. While effective, these simulators also gather information about citizens who have not committed any crimes. This breach of privacy calls into question the ethics behind using cell-site simulators which in turn led to the announcement from the Department of Justice.

The new regulations have been praised as a step in the right direction for protecting citizen’s privacy after previous scandals of government agencies hiding their surveillance technology from the public. However, the Department of Justice’s announcement only applies to federal agencies, not local or state law enforcement. The staff attorney for the American Civil Liberties Union, Nathan Freed Wessler, stated that “Congress should act to pass more comprehensive legislation to ensure that Americans’ privacy is protected from these devices and other location tracking technologies” by including law enforcement agencies that purchased cell-site simulations with federal funding under the new regulations.

Articles via ABA Journal, September 4, 2015: CNN, September 3, 2015

Photo: Timelaps with Oneplus One Cellphone via Damien Thorne [Creative Commons Attribution-NonCommercial-NoDerivs]

Facebook creates personal learning program

September 5, 2015 Abby Shulman Leave a comment Business, Education, Government, Social Media, Tech

In a blog post on Sept. 3, Facebook’s Chief Product Officer Chris Cox explained the company’s goal to offer personalized education to public school students. Facebook partnered with the Bay Area’s Summit Public Schools throughout the 2014 school year to develop Personalized Learning Plan (“PLP”), a tool to help students organize and tailor their educations. Over 2000 students and 100 teachers utilized the program in 2014.

Summit seeks to offer PLP to public schools across the nation, and is partnering with a few schools in 2015 to test the piloted program. Facebook will use feedback from the 2015 school year to improve the interface.

PLP is a program entirely separate from the main Facebook company. Students and teachers who login are not required to have a Facebook account, and user information will not be sold to any advertisement companies. In fact, Facebook must abide by the Student Privacy Pledge, a guide to protecting students endorsed by the US Government.

Article via TechCrunchJuly 13, 2015

Photo: Facebook via Scott Beale [Creative Commons Attribution-NonCommercial-NoDerivs]

Hacking Team’s clientele- corrupt governments

September 4, 2015 Abby Shulman Leave a comment Cybercrime, Economy, Government, Human Rights, Justice, News, Privacy, Security, Tech

In July of 2015, 400 gigabytes of documents outlining the dealings of spyware company Hacking Team were released. The for-profit surveillance firm was found to work with oppressive regimes across the globe, including those of Russia, Ethiopia, Azerbaijan, Kazakhstan, Vietnam, Saudi Arabia, and Sudan. Also benefiting from the company’s exploitive surveillance tools is the US Bureau of Investigation, which has spent $775,000 on Hacking Team tools since 2011.

Hacking Team’s abilities are expansive. The firm can steal pre-encrypted data and passwords typed in Web browsers, as well as activate the microphone and camera on a target device. Users of Google Play and Apple stores may also be activating surveillance malware coded by Hacking Team.

Privacy and human rights advocates are outraged by the lack of legislation regulating firms like Hacking Team and its rival Gamma International, but regulation can be tricky. Badly drafted export controls could create red tape for journalists to circumvent when trying to access communications mechanisms or antivirus software. Syrian activists, for example, have cited American export controls as one of the leading obstacles of installing anti-surveillance software on phones and computers to protect their communications from the Assad regime.

The discussion is subtle, as it must take into account the personal liberties of global citizens, the dynamic nature of the technology industry, and the diverse interests of country governments.

Article via Committee to Protect JournalistsJuly 13, 2015

Photo: On the Phone via Artform Canada [Creative Commons Attribution-NonCommercial-NoDerivs]

 

 

 

Data encryption thwarts criminal investigations

September 3, 2015 Abby Shulman Leave a comment Citizen Justice, Court, Criminal Law, Ethics, Government, Justice, Legal News, News, Privacy, Security, Tech

According to Manhattan’s District Attorney, smartphone data encryption hinders criminal investigations in state courts. Cyrus R. Vance, Jr. testified to the Senate Judiciary Committee on July 8, 2015 in an effort to advocate legislation allowing law enforcement officials to access private phone data with judicial authorization.

Vance, Jr. cites that 71% of phone evidence in his office comes from Apple or Android devices. As a result, Apple and Google’s move to fully integrate data encryption in their next devices will significantly affect prosecution processes in state courts.

State courts adjudicate over 90% of all criminal cases annually, which means over 100,000 cases for Vance’s office alone.

“To investigate these 100,000 cases without smartphone data is to fight crime with one hand tied behind our backs,” he asserts.

Vance does not support bulk data collection or surveillance without authorization. Civil liberty and privacy advocates are still wary, however, and endorse data encryption overall. This sentiment is in relative accordance with statements from Deputy Attorney General Sally Yates and FBI Director James Comey. They say that the Obama administration has no current plans to mandate companies to provide federal agents encryption keys for their products, but they also recognize that companies should not make their devices “warrant-free zones” that impede law enforcement’s authorized access to criminal evidence.

Article via Legaltech NewsAugust 10, 2015

Photo: IPhone via Jorge Quinteros [Creative Commons Attribution-NonCommercial-NoDerivs]

Harvard hackathon sheds light on political issues

September 3, 2015 Astrid Countee Leave a comment In the Law, Tech, Tech for Lawyers

Larry Lessig is a lawyer, political activist and scholar on a mission to bring important legal research to light. Legal scholars spend many years researching deep topics, such as who is really financing political campaigns, that never make it to the public consciousness. In order to change that, an  event called Hacking iCorruption was created. This is a hackathon meant to attract accomplished programmers, scientists, journalists and academics together to push this research to the internet and into the hands of the public at large.

Lessig launched Safra Research lab in 2010. Since then, the lab has amassed a data from legal research that he believed should be involved in political debate. This mission, combined with investigative reporter Brooke Williams idea for a hackaton, was the spark that created Hacking iCorruption. In the article Williams states, “A lot of us had simple problems that required a technical solution, but we had no budget or ability to hire an expert to solve it.” It became clear that having a hackathon would be the way to bring together the diverse group that they needed.

Due to the success of this hackathon, new ones are springing up. WeCott is a hackathon that has been created to help people organize boycotts and receive crowd funding. Hackathons are a movement according to the organizers of WeCott, and they are focusing on efforts to keep the momentum going in their communities.

 

Article via ABAJournal, 1 September 2015

Photo: Hackathon via Ferderacao das Industrias do Estado de Sao Paulo[Creative Commons Attribution-NonCommercial-NoDerivs]