FBI-Apple showdown ends

Just before a court hearing schedule for Tuesday, the FBI decided to pursue and attack method that would not require Apple’s assistance. This effectively put the FBI’s case on pause, and created an anti-climactic end to the battle between the government and the tech giant over hacking into the San Bernardino shooters iPhone. A U.S. District Court in California ruled that good cause had been shown by the government for the delay and ordered it to file a status report with the court on April 5.

Originally the FBI had wanted Apple to write software that would change the amount of password attempts that could be made before the phone erased itself. Currently, an iPhone will be erased after 10 unsuccessful attempts with the wrong passcode. The FBI stated that it would need Apple’s help to get around this hurdle, but apparently that has changed. This leave many to wonder how to agency might defeat the phone’s security.

“You can always attack the phone while it’s running. There are hundreds of people in the world, if not more, who can do that,” said Rod Schultz, vice president of product at Rubicon Labs.”They can attach a debugger to the device, and modify the instructions that are doing the policy check,” he told TechNewsWorld.

The password also could be recovered through a technique known as NAND mirroring. It requires making a copy of the iPhone’s memory. Then, after 10 wrong password guesses erased the phone’s contents, the memory would be reloaded into the phone and the FBI could take 10 more tries at cracking it. That process would be repeated several times until the FBI was able to hack into the phone. The downside is that it takes a long time, and that is most why the FBI didn’t want to do it.

The is some skepticism about the reasons why the FBI asked for the delay. “Those of us who are watching both the technology arguments and the legal arguments are somewhat skeptical of the claim that the FBI suddenly discovered they could get into the phone,” said Mike Godwin, general counsel and director of innovation policy at the R Street Institute.

“The legal arguments that Apple produced were quite strong,” Godwin told TechNewsWorld. “I think the FBI was worried it was going to lose based on the legal arguments.”

As for Apple, its public stance is that the issue must be settled outside the courts. “Tim Cook has never said Apple will never cooperate with the FBI,” observed R Street’s Godwin.

Article via TechNewsWorld, 23 March 2016

Photo: The Apple – FBI Electronic Encryption Fight RGB Triptych v1.3 by Surian Soosay [Creative Commons Attribution-NonCommercial-NoDerivs]


CourtHack: Tech comes to the courts

The CourtHack hackathon is an initiative by the National Center for State Courts in Utah and HackerNest. The purpose is to address the growing digital divide between information from the legal system (law enforcement, legal representation) and the court system (trials cases, judges, courthouses) that needs to access it.

The recent Netflix documentary Making a Murderer demonstrates how the inability to easily access data and communicate with the court system can contribute to systemic failures. Popular television shows aside, there is continuous talk about the failures of our justice system. Punishment is not deterring future crimes; there are far too many police officers in certain neighborhoods and not enough in others. According to UTNews, non-violent criminals are being incarcerated at alarming rates, producing a 60% chance that they will go back to prison once released. Although there are many reasons why these issues are plaguing our justice system, all experts agree that the current strain on the court system to meet the public needs is a threat to our rights to fair and speedy trials.

CourtHack seeks to use hackathons to create innovative and efficient solutions to flaws in the U.S. justice system. As one of the first ever court-related hackathons, CourtHack hopes to serve as a symbol of how the legal system and technology can be brought together to produce positive results.

Approximately 100 participants will form teams and compete for sizeable cash and non-cash prizes, mentorship opportunities, key meetings with industry decision-makers, and a demo spot at a major court technology conference. The event is completely free, although there is a $20 registration fee that will be refunded when you arrive on the day of the event. The hackathon will take place at:
Matheson Courthouse
450 State Street
Salt Lake City, UT

Legal minds, technologists, entrepreneurs, and concerned citizens are encouraged to compete in this epic, 22-hour hackathon. There will be an expert panel of judges that range from court administrators to judges to CIOs from around the country.

CourtHack Challenges

The team at CourtHack has made a set of challenges meant to inspire teams to build the things that will have an immediate benefit on people’s lives. Teams are not limited by the challenges; they are meant to inspire and shape the understanding of the needs that currently exist.

1. Accountability: Predictive Analytics to Target Court Oversight

Courts are supposed to oversee estate assets, including those that are willed over to family members. There are instances where a guardian may be presumed to be stealing money from the person that they are supposed to protect, but the court may be backed up with other cases. Lack of time and lack of resources makes this process difficult to manage. Therefore, there is an opportunity for technology to better manage these cases, and make abuses of the system more transparent.

2. Public Access to Justice: Apps, Tools, and Processes to improve access to justice and allow the public to resolve disputes efficiently

The court system is terribly behind in web technologies. This means that simple things such as paying a fine, or showing proof of license or insurance for a ticket are not usually possible via the web. Simple mobile applications that would enable citizens access to complete these transactions would dramatically improve the speed and efficiency of the court.

3. Legal Speed: Remote dispatch of emergency protection orders

Speeding up the flow of court information to and from the public is a major need. Circumstances such as domestic violence and abuse would be greatly facilitated if there were an easy way to send information to law enforcement and the court system. Getting restrictive orders can take time do to the need to present information in court. An application that would allow this data to be sent over the web, along with video conferencing with expedite this process.

4. Wild Card: Gaps in the Court System

There are many existing gaps in our legal system that could be aided by technology. Minor issues that are currently being handled in court may be able to be done remotely if there was a web portal and mobile app for access. Even the need to ask questions to the court could be facilitated by web technologies. There is a lot of opportunity to help make the court system more efficient in its ability to serve the public and fulfill its duties.

Article via University of Texas News, 1 June 2015; The New York Times, 12 March 2012

Photo via CourtHack


Apple refuses to hack into terrorist iPhone

Apple is being criticized by a British solider’s family for refusing to hack into an iPhone linked to December’s terrorist attack in San Bernardino, California.

Apple Chief Executive Tim Cook spoke out against the court order on Wednesday, calling the demand “chilling” and saying that compliance would be a major setback for online privacy. Many digital rights groups agree.  The federal government’s attempts to capture data from tech companies has been met with apprehension and fear. Just a few months ago, several tech companies started standing up to government data requests. But not everyone agrees with Apple’s stance on this issue.

Major tech companies like Facebook, Google, and Apple all want to protect their customers’ data by securing it at the highest levels. But, federal governments like the US and the UK want these companies to find ways to hack into customer hardware and accounts, arguing that privacy should not come at the expense of national security. This ongoing battle over encryption puts tech giants on one side, and law enforcement and intelligence on the other.

Fusilier Lee Rigby was off duty and walking down the street near his barracks in Woolwich, England, in May 2013 when he was the victim of a brutal attack by two men who told witnesses they were avenging the killing of Muslims by British soldiers.  Ray McClure, Rigby’s uncle, believes that Apple is doing nothing more than “protecting a murderer’s privacy at the cost of public safety.”

“Valuable evidence is on that smartphone and Apple is denying the FBI access to that information,” McClure said, arguing that a warrant to search a smartphone should be no different than a warrant used to search a property.

In the court order handed to Apple, the company was told it must assist the FBI in unlocking the iPhone linked to San Bernardino gunman Syed Rizwan Farook. In addition to unlocking the phone, The FBI wants Apple to build a new version of its iOS mobile software that would be able to bypass the iPhone’s security so that the agency could hack any device remotely. In an open letter published on Apple’s website, Tim Cook stated that Apple has been working with the FBI, providing data and advice on how to move forward. But the creation of software that would allow the FBI to bypass Apple’s security simply doesn’t exist. “The US government has asked us for something we simply do not have, and something we consider too dangerous to create,” said Apple CEO Time Cook.

Article via Cnet, 18 February 2016

Photo: Apple CEO Tim Cook by Mike Deerkoski [Creative Commons Attribution-NonCommercial-NoDerivs]


Safe Harbor 2.0 in the making

The United States and the European Union have reached a new agreement in replacement of Safe Harbor, as announced on February 2. Safe Harbor originally outlined the rules for electronic data transfers between the U.S. and the EU, until it was nullified by a European court for jeopardizing the privacy of European citizens. According to negotiators, the new deal will create a “Privacy Shield” in order to protect European data. Whatever the new agreement might entail, it will affect e-discovery—electronic evidence used in litigation or government investigations—as well as social media and business-related data transfers between the U.S. and the EU.

The European court decision on Safe Harbor’s validity is a result of fundamental differences in the way that Americans and Europeans view privacy. The 1995 EU Data Protection Directive established data protection requirements in the European Union that are far more comprehensive than current laws in the U.S. One of the stipulations of the 1995 law is that citizens’ personal data cannot be transferred to countries lacking sufficient data protection, such as the United States. When the Patriot Act was passed in 2001, the divergence between European and American privacy laws widened even further.

The Safe Harbor framework was considered to be a loophole to the European law. It allowed any individual company with EU privacy certification to transfer data between the U.S. and EU, even though the U.S. as a nation did not comply with the 1995 EU data Protection Directive. Moreover, American companies were only required to self-certify—essentially, a company had only to state that they were abiding by European privacy standards in order to transfer any amount of data.

Max Schrems, an Austrian law student, created an organization called “Europe versus Facebook” (EvF) in order to fight Safe Harbor in court. Although he lost his case before the Irish Data Protection Authority, the European Court of Justice held on October 6, 2015 that “There is no general privacy law or other measures enacted in the U.S. that shows the U.S offers ‘an adequate level of protection’ for personal data relating to European data subjects.”

Some call the new agreement “Safe-Harbor 2.0.” Until more information is provided, it’s impossible to know whether the deal includes real improvements, or just more loopholes.

Article via: Legaltech News, 11 February 2016

Photo: European Union Colours by Tristam Sparks  [Creative Commons Attribution-NonCommercial-NoDerivs]

 


Brazil suspends Whatsapp for 100 million users

Brazil’s government recently banned the Facebook-owned communication service Whatsapp for 48 hours after the company refused to hand over user data to authorities. Whatsapp is used by 100 million Brazilians, many who prefer the app to standard texting and calling. As a result, the ban was met with outrage. Some called for the impeachment of Brazil’s president Dilma Rousseff; others immediately switched to an alternative messaging service, Telegram.

Law enforcement has been in conflict with Whatsapp for months due to Facebook’s refusal to hand over user data from a suspected drug user. The irony, however, is that Brazil condemned the NSA in 2013 after Edward Snowden exposed the surveillance agency’s data collection practices.

In a 2013 speech to the U.N., President Rousseff asserted, “My government will do everything within its reach to defend the human rights of all Brazilians, and to protect the fruits borne from the ingenuity of our workers and our companies.”

Following Snowden’s leak, Brazil even committed to a $185 million project to construct a fiber optic cable transporting data to and from Portugal while bypassing the United States, so that U.S. authorities could not intercept information. U.S. businesses were prohibited from participating in the project.

In response to the suspension of Whatsapp, Facebook CEO Mark Zuckerberg said: “I am stunned that our efforts to protect people’s data would result in such an extreme decision by a single judge to punish every person in Brazil who uses WhatsApp.”

Article via Washington Post, December 17, 2015

Photo: Visita de Dilma Rousseff via La Moncloa Gobierno de Espana

[Creative Commons Attribution-NonCommercial-NoDerivs]


Net neutrality faces opposition

The concept of an “open internet”, or net neutrality, keeps internet service providers , or ISPs, from being able to alter how users are able to access web content. Specifically, it bans ISPs from being able to create internet “fast-lanes” or slow download speeds for web content that they wish to direct users away from. President Obama stated that he supports an “open internet” last year, three months before the Federal Communications Commission, or the FCC, was able to have rules enforcing net neutrality approved. Now, though, representatives from the telecommunications industry have come out in opposition of those rules, leading to the FCC to have to defend net neutrality in court this past Friday.

The FCC was originally able to get the “open internet” rules approved earlier this year by classifying ISPs as utility providers. This distinction gives the FCC more power to regulate ISPs. While the FCC believes that net neutrality supports businesses by keeping web services competitive, the telecommunications industry states that the new rules give the FCC too much control over the broadband market, hindering free enterprise instead of helping. Lawyers representing the views of the telecommunications industry argued that instead of being classified as utility providers, ISPs should be classified under information services, like Google. This classification would lessen the FCC’s ability so regulate ISPs and render the net neutrality rules inapplicable. The FCC argues, however, that without rules enforcing an “open internet”, ISPs will have too much power to promote certain web content over others. This could potentially hinder development and investment of new web content.

These arguments were presented to a panel of three judges who will release a decision in the spring which may approve or reject parts of the net neutrality rules.

Article via Buzzfeed, December 4, 2015

Photo: Protest at the White House for Net Neutrality via Joseph Gruber [Creative Commons Attribution-NonCommercial-NoDerivs]