The NSA report Clarke, Richard A; Clarke, Richard A; Morell, Michael J ...
2014., 20140331, 2014, 2014-03-31
eBook
"We cannot discount the risk, in light of the lessons of our own history, that at some point in the future, high-level government officials will decide that this massive database of extraordinarily ...sensitive private information is there for the plucking. Americans must never make the mistake of wholly 'trusting' our public officials."--The NSA Report
This is the official report that is helping shape the international debate about the unprecedented surveillance activities of the National Security Agency. Commissioned by President Obama following disclosures by former NSA contractor Edward J. Snowden, and written by a preeminent group of intelligence and legal experts, the report examines the extent of NSA programs and calls for dozens of urgent and practical reforms. The result is a blueprint showing how the government can reaffirm its commitment to privacy and civil liberties--without compromising national security.
Since the 1960s, consumer protection law has been built on the contrast between large “producers” and small “consumers.” Today, instead, an ordinary consumer owns what can accurately be called a ...“personal mainframe”--a home computer whose processing power matches an IBM mainframe from about 10 Years ago. Equipped with a personal mainframe--an Information-Age factory--ordinary “consumers” at home are increasingly also becoming “producers.” As unregulated consumers become regulated producers, a major legal question is whether and when the individual should have to comply with consumer protection laws. The discussion here selects four examples of US legal rules that might apply to consumers-as-producers, with recommendations spanning the range of possibilities: (1) consumer privacy legislation: creating a threshold, with no compliance required for databases of fewer than 5,000 names, is recommended; (2) advertising substantiation: concerning the requirement that advertisers have a “reasonable basis” for their claims, applying current law to small advertisers is recommended; (3) spam: current law does not create a threshold for those who send a few commercial emails, but such a threshold is worth considering; (4) political blogging: the author agrees with the US Federal Election Commission decision to create a major exemption from campaign finance laws for online political advocacy, even for large blogs or websites. The common theme among these recommendations is to describe the sort of harm that existing law seeks to reduce. The approach here next looks at how the use of personal mainframes affects creation of those harms. Where the sorts of harm are likely to be created by consumers-as-producers, the analysis tilts towards requiring compliance. Where the sorts of harms are unlikely to be caused by consumers-as-producers, then the case for an exception is stronger.
By definition, an essential question of cyberlaw is to define when law will affect actions in cyberspace. On the Internet, diversity of law poses a fundamental challenge. Each surfer on a website ...might be from a foreign jurisdiction, with laws unknown to the owner of the site.
Katz Is Dead. Long Live Katz Swire, Peter P.
Michigan law review,
03/2004, Volume:
102, Issue:
5
Journal Article
Open access
'Katz v. United States' is the king of Supreme Court surveillance cases. Written in 1967, it struck down the earlier regime of property rules, declaring that "the Fourth Amendment protects people, ...not places." The concurrence by Justice Harlan announced the new regime - court-issued warrants are required where there is an infringement on a person's "reasonable expectation of privacy." Together with the companion case 'Berger v. New York', Katz has stood for a grand conception of the Fourth Amendment as a bulwark against wiretaps and other emerging forms of surveillance.
Peeping Swire, Peter P.
Berkeley technology law journal,
07/2009, Volume:
24, Issue:
3
Journal Article
Peer reviewed
This article explores the phenomenon of employee snooping, a practice the author calls "peeping." The article draws on mythology and literature to show the ancient roots of the phenomenon of peeping. ...Part II of the article discusses the recent political and celebrity peeping incidents. Part III describes three increasingly harmful types of peeping: the gaze, the gossip, and the grab. Part IV asks: "Why now?" Part V explores what to do about this increase in peeping. Many of the most promising approaches are technical safeguards, including systems that limit employee access except where authorized and auditing systems to deter, detect, and punish those who break the rules. Finally, Part VI applies these insights to a major current area of controversy: behavioral advertising on the Internet.
Software engineers build software systems in increasingly regulated environments, and must therefore ensure that software requirements accurately represent obligations described in laws and ...regulations. Prior research has shown that graduate-level software engineering students are not able to reliably determine whether software requirements meet or exceed their legal obligations and that professional software engineers are unable to accurately classify cross-references in legal texts. However, no research has determined whether software engineers are able to identify and classify important ambiguities in laws and regulations. Ambiguities in legal texts can make the difference between requirements compliance and non-compliance. Herein, we develop a ambiguity taxonomy based on software engineering, legal, and linguistic understandings of ambiguity. We examine how 17 technologists and policy analysts in a graduate-level course use this taxonomy to identify ambiguity in a legal text. We also examine the types of ambiguities they found and whether they believe those ambiguities should prevent software engineers from implementing software that complies with the legal text. Our research suggests that ambiguity is prevalent in legal texts. In 50 minutes of examination, participants in our case study identified on average 33.47 ambiguities in 104 lines of legal text using our ambiguity taxonomy as a guideline. Our analysis suggests (a) that participants used the taxonomy as intended: as a guide and (b) that the taxonomy provides adequate coverage (97.5%) of the ambiguities found in the legal text.
This paper explains how changing technology, especially the rising adoption of encryption, is shifting law enforcement and national security lawful access to a far greater emphasis on stored records, ...notably records stored in the cloud. The major and growing reliance on surveillance access to stored records results from the following changes: Encryption - adoption of strong encryption is becoming much more common for data and voice communications, via virtual private networks, encrypted webmail, SSL web sessions, and encrypted Voice over IP voice communications; declining effectiveness of traditional wiretaps - traditional wiretap techniques at the ISP or local telephone network increasingly encounter these encrypted communications, blocking the effectiveness of the traditional techniques; and the new importance of the cloud - government access to communications thus increasingly relies on a new and limited set of methods, notably featuring access to stored records in the cloud. The haves and have-nots. The first three changes create a new division between the haves and have-nots when it comes to government access to communications. The have-nots become increasingly dependent, for access to communications, on cooperation from the have jurisdictions. The first part of the paper describes the changing technology of wiretaps and government access. The next part documents the growing adoption of strong encryption in a wide and growing range of settings of interest to government agencies. The third part explains how these technological trends create a major shift from real-time intercepts to stored records, especially in the cloud.
...the United States also sets requirements that do not exist in the EU, such as the Fourth Amendment requirement that a warrant be signed by a judge upon a finding of probable cause. ...both are ...stricter in important ways when setting standards for law enforcement access to personal data. At a descriptive level, the relative strictness of both sides is important to debates about whether the United States has adequate privacy protection, and thus should be a lawful destination for flows of personal data from the EU. Since the Snowden leaks began in 2013, many EU discussions of U.S. privacy protections have underestimated the number and vigor of U.S. protections, notably against excessive government surveillance.
The 1996 Jaffee v Redmond US Supreme Court decision established a privilege for psychotherapeutic communications in the federal courts. The new privilege has both substantive and symbolic importance. ...In its strongly worded opinion in Jaffee v Redmond, the US Supreme Court made clear that confidentiality in psychotherapy takes precedence over certain other important societal goals. The new Health Insurance Portability and Accountability Act (HIPAA) medical privacy rule promulgated by the Department of Health and Human Services relies on Jaffee v Redmond in providing additional legal protections for confidential psychotherapy. Both the US Supreme Court's Jaffee v Redmond ruling and the HIPAA rule support the ethical protection of confidentiality of conversations between psychiatrists and patients.