By IT-Lex Intern Christopher Britt (LinkedIn)

The Department of Homeland Security integrates civil rights and civil liberties into all agency activities by promoting respect for civil rights and civil liberties in policy creation and implementation.  Furthermore, the Department of Homeland Security believes and is committed to transparency in reference to civil rights violations, as articulated here.  And finally, the Department of Homeland Security thinks that intuition and “hunches” should be enough to search your gadgets at the United States border.

» Read the rest of this entry «

We haven’t covered the NSA/Prism stories here at IT-Lex yet, mainly because they are all over every news source at the moment, and new information seems to keep coming out. (In the unlikely event that you’ve been living under a rock for the last week, The Guardian first broke the story, and their coverage is nice and comprehensive). One particular story did not receive blanket coverage, but did catch our eye, and it comes out of the Southern District of Florida. The case is U.S. v. Davis: five defendants were “indicted for charges relating to an alleged conspiracy to commit a string of robberies of armored Brink’s trucks.” During the course of one of these robbieries, a Brinks employee was shot and killed. (Here’s the press release from when the defendants were arrested back in 2011).
» Read the rest of this entry «

By IT-Lex Intern Joey Chindamo (LinkedIn)

There is seemingly no end to the litigation that arises from the Stored Communications Act. Today, we review two recent cases that both invoked the controversial SCA in distinct ways.

First, Joseph v. Carnes, a case from the U.S. District Court for the Northern District of Illinois. A dispute among members of a limited liability company led to some members accessing, reading, and storing the emails of other members. The plaintiffs filed suit under 18 U.S.C. § 2701(a), which provides a cause of action for the intentional access “without authorization” of a “facility through which an electronic communication service is provided.” In response, the defendants claimed they simply followed the procedure for email access followed by all members of the LLC and subsequently filed a motion to dismiss for failure to state a claim.

» Read the rest of this entry «

By IT-Lex Intern Christopher Britt (LinkedIn)

China is watching you!  Sort of…

Actually, they are watching your government. Earlier this month ArsTechnica reported that the People’s Liberation Army (PLA) – the armed forces for the People’s Republic of China – had been hacking a U.S. Defense Department’s supplier, QinetiQ, accessing many technological items including cyber-security protocols.  As if that was not enough, the PLA had been in the system of QinetiQ since 2007, and QinetiQ had been warned repeatedly that its systems had been exploited. » Read the rest of this entry «

By IT-Lex Intern Joey Chindamo (LinkedIn)

When we last discussed the Electronic Communications Privacy Act, we left off with a question—when, exactly, would reform happen? In light of recent privacy news, it appears the wheels of reform are steadily turning, and it may be here soon.

Our analysis of the Stored Communications Act, a contested portion of the ECPA that allows law enforcement agencies to obtain electronic communications older than 180-days without a warrant, noted that both the U.S. Senate and House of Representatives supported reform. Now, the Executive Branch has weighed in favorably, too. Two weeks ago, during his testimony in front of the House Judiciary Committee, Attorney General Eric Holder announced that ECPA reform is “something . . . the [Department of Justice] will support.”

» Read the rest of this entry «

By IT-Lex Intern Nicole Sellers (LinkedIn)

A man named Daniel Rigmaiden is currently facing federal conspiracy, wire fraud and identity theft charges, and there’s a fair amount of controversy about the way the case against him was put together. Much of the evidence was obtained through a “spoofed” cell tower, using a device called ‘Stingray’, through which the FBI obtained information to track locations using the defendant’s wireless air card. In his motion to suppress, Rigmaiden (who is representing himself) argued that in 2008 Verizon secretly reprogrammed his air card so that it would connect to the spoofed tower and allow the FBI to find him. The defendant argued that this action violated his privacy and involved a search of his apartment, and most arguably that the government did not have a probable cause warrant to use the Stingray.

» Read the rest of this entry «

You may recall a post of ours from November about the House of Lords, and its plans to block “questionable” content (i.e. pornography) from all public wi-fi networks. At the time, we discussed the various practical obstacles that would come in the way of such legislation, and said that we “can’t imagine it’ll get too far”. Imagine our surprise, then, to read this in the Telegraph last month:

The Prime Minister is to announce a Government-backed code of conduct which will mean that pornography is blocked in public spaces such as cafes and railway stations where children are likely to be present.

Mr [David Cameron] Cameron said that he wanted “good, clean WiFi” in public spaces which would give parents confidence that their children cannot access illicit websites on smart phones or mobile computers.

Oh.
» Read the rest of this entry «

By IT-Lex Intern Joey Chindamo (LinkedIn)

Is there an expectation of privacy in text messages? The Washington State Supreme Court will tomorrow hear oral arguments in two very similar cases that both asked that same question. As Courthouse News Service reported, both cases involved texting and drug deals:

Both cases involve men who were arrested after police intercepted text messages meant for an alleged heroin dealer. . .

Police had arrested Daniel Lee on drug charges and seized his cellphone… Impersonating Lee, the police then arranged drug sales with Shawn Hinton and Jonathan Rodin, both of whom had sent text messages to Lee’s phone. The police then arrested and charged these men with attempting to possess heroin.

» Read the rest of this entry «

We’ve spoken about data breaches fairly recently, and looked into the requirements about reporting breaches to the authorities. We don’t, usually, get to talk about armed robbery on these pages, though, but here’s a story that unites these two worlds. An armed thief emptied out the contents of the safe at a K-Mart in Little Rock, Arkansas. According to the Storefront Backtalk report:

The thief helped himself to the contents, including about $6,000 in cash and that day’s backup disk.

The disk, which was unencrypted and apparently not password-protected, included the full names, addresses, dates of birth, prescription numbers, prescribers, insurance cardholder IDs and drug names for some 788 customers, according to [parent company] Sears. “Certain prescriptions also contained the customer’s social security number,” said the Sears statement.

Uh oh.

» Read the rest of this entry «

Online privacy is pretty much always in the news nowadays, but this week it really has been front-and-center. The FBI wants the ability to track the social media activity of suspected terrorists, and to that end, already has the right “to mandate Internet providers and phone companies to install surveillance equipment within their networks.” But that allowance doesn’t extend, yet, to third-party service providers like Google or Facebook, where one would imagine the majority of online chatter takes place these days. The FBI would ideally like to have “wiretap backdoors”, which would allow for surveillance on these sites. These kind of plans have been around a few times in the past, and this week’s news suggests that the FBI’s wish may become a reality sooner rather than later.

» Read the rest of this entry «