Texas vs NSA: Cutting the Cord

A representative from Texas has proposed a very interesting way to try to combat NSA surveillance. Jonathan Stickland has proposed a state law (H.RB. No. 3916), which aims to combat NSA surveillance at a San Antonio site by cutting the cord so to speak. The bill would cut access to electricity and water utilities to any federal agency that “is involved in the routine surveillance or collection and storage of bulk telephone or e-mail records or related metadata concerning any citizen of the United States”.


Read the full BBC article here.

By Hustvedt (Own work) [GFDL or CC BY-SA 3.0], via Wikimedia Commons

People of the CIJT, What do you think?

Google+ ‘Stories’ Automatically Curating User Photos

Ask the Decoder: How are algorithms telling our stories for us? (Al Jazeera, 8 Oct 2014) – Jean Yang went on a big trip through Europe this summer, from Edinburgh, Scotland, to Dubrovnik, Croatia, to Oslo, Norway, and back. Like a good tourist, she took pictures on her phone, an Android, throughout her trip. When she returned home, she found a surprise package in her Google+ notifications: a neatly collated, summarized, annotated digital scrapbook titled “Trip.” Jean shared the album with me with this message: “ This is equally cool and creepy: Google made this scrapbook of my June travels based on a random selection of photos I took – and also its knowledge of where I was. It’s kind of nice to have this information organized automatically, but this is really trusting them with a lot of information. It would be funny if they took quotes from emails I sent during this time and put in quotes relevant to the places. “Oslo is so expensive! My second dinner of wonton soup cost 68 kroner.” I’m curious how they decide what to include.” When I spoke with Jean later, she was surprised in part because she didn’t know this feature existed. She was also a little taken aback by all the location information included, given that she hadn’t been using her roaming phone plan or data while abroad. So how did Google pull this together? And why did it leave Jean with mixed feelings? We looked into the program. Google introduced this scrapbooking feature in May, just before Jean’s trip. The company calls it Stories : “Your best photos are automatically chosen and arranged in a fun timeline to show the highlights of your trip or event.” There’s an example scrapbook here . * * *

Focus on Cyber Security is Top Priority for N.Y. Financial Regulator

N.Y. financial regulator says to focus on cyber security (Reuters, 22 Sept 2014) – New York’s financial regulator said on Monday his agency will focus on cyber security over the next year, saying the possibility of a systemic attack to the financial system is one thing that keeps him awake at night. “It is impossible to take it seriously enough,” said Benjamin Lawsky, superintendent of the Department of Financial Services (DFS) for the state of New York. Cyberterrorism is “the most significant issue DFS will work on in the next year,” he said, speaking at a Bloomberg Markets event at the Museum of Jewish Heritage in lower Manhattan. A report earlier this year by DFS on cyber security in the banking sector found that most institutions surveyed have come under cyber attack at some point in the past three years. The attacks came irrespective of the institutions’ sizes, highlighting how prevalent an issue hacking has become.


Provided by MIRLN.

Image courtesy of FreeDigitalPhotos.net/StuartMiles

Attorneys Using iPhones, Overlook iPads

2014 ABA Tech Survey shows more attorneys using iPhones, but iPad use holds steady (iPhone JD, 20 August 2014) – Every year, the ABA Legal Technology Resource Center conducts a survey to gauge the use of legal technology by attorneys in the United States. My thoughts on the prior reports are located here: 2013 ,2012 2011 2010 . No survey is perfect, but the ABA tries hard to ensure that its survey has statistical significance, and every year this is one of the best sources of information on how attorneys use technology. Yesterday, the ABA released Volume VI of the report titled Mobile Lawyers. This year’s report once again shows that a large number of attorneys are using iPhones and iPads. For those nine out of every ten attorneys who are using smartphones, 74% reported in 2014 that they were using a personally owned smartphone, and 28% used a smartphone permanently assigned by their law firm. Those numbers were closer to 66% and 36% in the prior three years, so it seems that in 2014, fewer law firms are buying smartphones for their attorneys and more attorneys are buying their own smartphones. Whether they buy it themselves or it is purchased by their law firm, what smartphones are those nine out of ten attorneys using in 2014? Last year, the big news was that over half of all attorneys were using an iPhone. This year, that number increases even more: 60.8% of all attorneys are using an iPhone (66.8% of the 91% of attorneys who use a smartphone). So if you can imagine a row of ten attorneys, this year one of them doesn’t use a smartphone at all, and six of them use an iPhone. What about the other three? Two of them are likely using an Android phone (24.5% of the 91% of attorneys who use a smartphone report using an Android phone in 2014, a small increase from 22% in 2013.) and that last attorney is probably using a Windows phone. Last year, based on the 2013 survey, I concluded that over 400,000 attorneys were using an iPad based on the survey numbers and the assumption that there are about one million attorneys in the U.S. This year, I still believe that there are over 400,000 attorneys using an iPad, but the 2014 survey results on lawyer tablet use were surprising to me in two respects. First, lawyer tablet use is not growing nearly as much as I had expected. In 2011, 15% of attorneys reported that they used a tablet device. In 2012, that more than doubled to 33%. In 2013, it increased to 48%. Thus, I would have guessed that more than half of attorneys would be using tablets in 2014. But that didn’t happen. The number instead increased only from 48% to 49%. Have we reached the point where most attorneys who want to use a tablet already have one? After all, as useful as an iPad is, I often hear attorneys tell me that laptops such as the MacBook Air are so thin and light that they carry theirs almost everywhere, and when you always have a laptop with you there is less of a need for an iPad. Is it possible that even though almost half of all attorneys now use a tablet, the other half will never see the need to do so?

Provided by MIRLN.

Image courtesy of FreeDigitalPhotos.net/Naypong

Lawyer-Run Organizations Become Hottest Targets for Hackers

UK’s Information Commissioner Voices Concerns About Data Security in Legal Profession (August 5, 2014) – The UK Information Commissioner’s Office (ICO) has received reports of 15 incidents in the past three months involving mishandling of client data by those in the legal profession. The ICO is warning that barristers and solicitors who do not take adequate precautions to protect their clients’ data would face fines of up to GBP 500,000 (US $840,000). – http://www.v3.co.uk/v3-uk/news/2358882/ico-sounds-the-alarm-over-legal-professions-shoddy-data-handling [SANS Editor’s Note (Paller): I have first hand evidence that US law firms have lost huge troves of their clients’ data; the FBI disclosed that US law firms were targets of nation-state attacks in 2009; and the head of MI5 made it clear that the same was happening in the UK in a disclosure the year before. Nation states (as well as economic competitors) have figured out that organizations run by lawyers (as well as the consulting companies run by ex Federal officials) are the most cost-effective way to steal intellectual property from companies seeking to do business in their countries because those companies share the crown jewels with their lawyers and consultants and think they will protect the information. ]


Provided by MIRLN.

Image courtesy of FreeDigitalPhotos.net/StuartMiles

Court Comes Down On Phone Tracking

In major privacy ruling, court says police need warrant to track phone users’ location (GigaOM, 11 June 2014) – In a victory for privacy advocates, a federal appeals court in Florida ruled that law enforcement agents cannot force mobile carriers to turn over the location history of their customers without a search warrant. The case involved an appeal by Quartavius Davis, who was convicted by a jury for his role in a violent armed robbery spree targeting restaurants and gas stations. The evidence included location data gleaned from cellphone towers that showed Davis had been in proximity of the various businesses. In finding that the police should had obtained a warrant to obtain the location data, the 11th Circuit Court of Appeals unanimously ruled that the government violated Davis’ Fourth Amendment right against unreasonable search and seizure. The case is groundbreaking because higher courts have yet to rule definitively on whether people have a privacy right in the location disclosed by their cell phones. Citing a recent Supreme Court case that suggested police in some cases need a warrant to track a suspect’s automobile, the appeals court noted that a cell phone carries deeper privacy implications. The court also drew a firm line between what police must do to obtain call records from a phone company, which can share records without a warrant under the so-called “third-party doctrine,” versus what is required to obtain a person’s location. Declaring that a person’s location is more analogous to the content of a phone call (for which police do need a warrant), the court stated that people can reasonable expect that their mobile carrier will not hand over a historic record of the places they have been. Finally, the case also highlights the ability of cellphone towers to observe and record a phone user’s location. While the court acknowledged that the tower’s do not disclose a person’s precise location, it ruled that they reveal enough information to trigger the Fourth Amendment’s privacy protection.

Provided by MIRLN.

Image courtesy of FreeDigitalPhotos.net/jannoon028.