Mediaboss Marketing

In this excerpt from our new Digital Privacy initiative, Jim Harper from the Competitive Enterprise Institute critiques current Fourth Amendment doctrine and calls on courts to adopt a new approach that hews closely to the Fourth Amendments text.

You can read the full text of Harpers white paper at our special section, A Twenty-First Century Framework for Digital Privacy, at https://constitutioncenter.org/digital-privacy

Stare decisis is the valued judicial practice of extracting the underlying principle from precedent, the ratio decidendi, and applying it to present cases. But what happens to the principle behind a prescient dissentthe ratio dissensi, if you willwhen a majoritys decision later proves wrong? Almost ninety years ago, an understated Supreme Court Justice left crumbs of insight in a dissent that may help solve the riddle of applying the Fourth Amendment, particularly to modern communications and data. His thinking can help construct a more complete, reliable, and truly juridical method for administering the Fourth Amendment. Advocates and courts should look to his prescient ratio dissensi.

Pity Justice Butler. Next to contemporaries such as Oliver Wendell Holmes, Jr., Louis D. Brandeis, and Benjamin Cardozo, Pierce Butler occupies second-tier status in historys assessment of Supreme Court justices. A conservative Democrat put forward by a Republican president, Butler was a controversial nominee for the Court. One of his Minnesota home-state senators opposed him, as did progressive lion Robert LaFollette, Sr., a Republican from Wisconsin. The opposite end of the ideological spectrum did Butler no favors: the Ku Klux Klan opposed his nomination because he was a Catholic.

Justice Butler wrote more than 300 opinions in his sixteen years of Supreme Court service, but few stand out today. He is best remembered as one of the four horsemen who lost their constitutional stand against President Franklin Delano Roosevelts expansive New Deal programs. But time has vindicated some of Justice Butlers work on the Court, including notable dissents.

Butler alone rejected Oliver Wendell Holmes, Jr.s now notorious reasoning in Buck v. Bell, for example. Allowing forced sterilization of a woman, Holmes wrote coldly for the majority: Three generations of imbeciles are enough. The Nazis use of eugenics the next decade cast more than a little pall over the practice, and Skinner v. Oklahoma effectively ended forced sterilization in 1942. Score one for the conscience of Justice Butler.

Likewise, in Palko v. Connecticut, Butler alone disagreed with Justice Cardozos ruling that the Constitutions protection against double jeopardy did not apply to the states. The Court reversed itself on this question three decades later. Score another.

Butler was a legal technician, and his areas of focus were not what generally capture public and scholarly attention. His approach to opinion writing stressed simplicity and minimalism, according to a history by David R. Stras, now a Minnesota Supreme Court justice himself, and it was rare indeed when he used rhetorical flourishes to argue a point. So it is not surprising that Justice Butlers dissent in Olmstead v. United States has remained obscure behind the fanfare of his brother Louis Brandeiss dissent. But time may yet vindicate Justice Butlers reasoning, especially given its usefulness for applying the Fourth Amendment to the digital world.

Olmstead, of course, was the 1928 case in which the Court found that a Fourth Amendment search had not occurred when government agents wiretapped the telephones of suspected bootleggers. Justice Brandeis, co-author of a Harvard Law Review article called The Right to Privacy forty years earlier, inveighed against the ruling using powerful and persuasive language. The makers of our Constitution undertook to secure conditions favorable to the pursuit of happiness, he wrote:

They recognized the significance of mans spiritual nature, of his feelings, and of his intellect. They knew that only a part of the pain, pleasure and satisfactions of life are to be found in material things. They sought to protect Americans in their beliefs, their thoughts, their emotions and their sensations. They conferred, as against the Government, the right to be let alonethe most comprehensive of rights and the right most valued by civilized men.

Posterity has favored Brandeiss passion. Commentators and scholars today still quote and muse over his formulation of the right to be let alone. They explore how that notion might be implemented to preserve the values that the Framers held dear.

But Brandeiss words did not found a sustaining rationale for Fourth Amendment protection. The proof is in the eating of the pudding: Modern Fourth Amendment jurisprudence is a muddle, and it is sorely challenged by advances in information technology. This is particularly poignant because Brandeis foresaw the surveillance capabilities enabled by todays information and communications technologies. Ways may someday be developed, he wrote, by which the Government, without removing papers from secret drawers, can reproduce them in court, and by which it will be enabled to expose to a jury the most intimate occurrences of the home.

The case that reversed Olmstead, of course, was Katz v. United States. In Katz, thirty-nine years later, Justice Harlan shared his sense of how the Constitution controls government access to private communications in his solo concurrence: My understanding, he wrote, is that there is a twofold requirement, first that a person have exhibited an actual (subjective) expectation of privacy and, second, that the expectation be one that society is prepared to recognize as reasonable.

Since then, courts have analyzed whether defendants have had a reasonable expectation of privacy in information or things. Under Justice Harlans concurrence, if not the Katz majoritys rationale, the defeat of a reasonable expectation of privacy signals a constitutional search generally requiring a warrant.

That doctrine has not worked. Courts rarely follow the full analysis Justice Harlans formulation suggests. They rarely inquire into a defendants actual (subjective) expectation of privacy, for example, or how it was exhibited. The second half of the test requires judges to use their own views on privacy as a proxy for objectivity, though they are neither public opinion researchers nor sociologists. Against litigants importuning about privacy, courts after Katz have found as often as not that the Fourth Amendment does not protect the security of sensitive and revealing information.

In Smith v. Maryland, for example, one of the leading communications privacy cases, the Supreme Court found that placement of a pen register on a suspects phone line without a warrant did not violate the Fourth Amendment. [W]e doubt that people in general entertain any actual expectation of privacy in the numbers they dial, Justice Blackmun wrote. Walking through the influences that would suppress expectations of privacy in phone-dialing, and none that would support it, he said, It is too much to believe that telephone subscribers, under these circumstances, harbor any general expectation that the numbers they dial will remain secret.

A Court without Justice Brandeiss passion for privacy is evidently quite free to undercut it. So in United States v. Karo, government agents had arranged with an informant to surreptitiously install a radio beeper in a container. They used the presence of the beeper in the container over a period of several days to locate it at three different residences and in the driveway of a fourth, to locate the container in a pair of self-service storage facilities, and also to locate it in transitall the while unable to suffer the inconvenience of getting a warrant. The Court did not examine whether all this warrantless beeper-tracking was reasonable. It gave the once-over to Karos expectation of privacy and found his (presumed) feelings unreasonable.

More recently, the reasonable expectation of privacy test produced a ruling that government agents examination of a stopped vehicle with a drug-sniffing dog is not a Fourth Amendment search. It is hard to think of a word better than search for such highly focused analysis of whether certain particulates exist in the air. Some cases certainly have maintained the protection the people have from inquisitive government agents, but the right to be let alone has not fared all that well when privacy and expectations thereof have been the locus of the Courts decision-making.

If Justice Brandeiss passion did not lay the groundwork for sound administration of a strong Fourth Amendment right, perhaps Justice Butlers Olmstead dissent could. His challenge to the majority decision eschewed feelings, instead examining the legal status of telephone conversations:

The contracts between telephone companies and users contemplate the private use of the facilities employed in the service. The communications belong to the parties between whom they pass. During their transmission, the exclusive use of the wire belongs to the persons served by it. Wiretapping involves interference with the wire while being used. Tapping the wires and listening in by the officers literally constituted a search for evidence.

The communications belong to the parties between whom they pass. It is a fascinatingand very differentway of thinking about what happened in Olmstead. Justice Butler would have protected Olmsteads calls from warrantless wiretapping not because it is part of human essence to have communications remain private, as Justice Brandeis said, but because peoples conversations are not the governments to listen to.

Justice Butlers formulation holds the seeds of an alternative way to administer the Fourth Amendment. It is technical and value-free, but it offers the hope of better Fourth Amendment administration because it is more susceptible to sound application than current Fourth Amendment doctrine. Its use would provide consistent and reliable protection for Americans liberties and a stable rule for law enforcement in a time of technological change.

Courts in Fourth Amendment cases should decline to invoke doctrine that requires them to make broad social pronouncements. Rather, they should apply the text of the Amendment and general legal principles as literally as possible to the facts of cases. That is not always easy, and it requires new and deeper analysis of what it means to search and to seize. It also requires fuller awareness of property and contract rights as they apply to communications and data. But it is a more methodical judicial exercise than applying reasonable expectations doctrine, and it would achieve the current Courts goal of preserving that degree of privacy against government that existed when the Fourth Amendment was adopted.Applying the law to the facts is the better way to administer the Fourth Amendment.

Read more at: https://constitutioncenter.org/digital-privacy/The-Fourth-Amendment-in-the-Digital-Age

Filed Under:

Originally posted here:
The Fourth Amendment in the Digital Age - Constitution Daily (blog)

The federal government thinks it should be able to use one warrant to hack into an untold number of computers located anywhere in the world. But EFF and others continue to make the case that the Fourth Amendment prohibits this type of blanket warrant. And courts are starting to listen.

Last week, EFF pressed its case against these broad and unconstitutional warrants in arguments before a federal court of appeals in Boston, Massachusetts. As we spelled out in a brief filed earlier this year, these warrants fail to satisfy the Fourth Amendments basic safeguards.

The case, U.S. v. Levin, is one of hundreds of prosecutions resulting from the FBIs 2015 seizure and operation of a child pornography site Playpen. While running the site, the FBI used malwareor a Network Investigative Technique (NIT), as they euphemistically call itto infect computers used to visit the site and then identify those visitors. Based on a single warrant, the FBI ended up hacking into nearly 9,000 computers, located in at least 26 different states, and over 100 countries around the world.

But thats unconstitutional. One warrant cannot allow law enforcement to hack into thousands of computers wherever they are in the world. As law enforcement defended these blanket hacking warrants and pushed for federal rule changes to allow themand as Congress stood by and idly let this rule change go into effectweve been fighting in court to make sure that the Fourth Amendments protections dont disappear as law enforcement begins to rely on hacking more and more.

And there are signs that courts are beginning to recognize the threats to privacy these warrants pose. Earlier this year, a federal magistrate judge in Minnesota found [PDF] that the warrant the FBI relied on in the Playpen casethe same warrant we were arguing against in Levinviolated the Fourth Amendment.

In the February report, Magistrate Judge Franklin Noel described how the governments NIT fails the Fourth Amendments requirement that warrants describe a particular place to be searched, agreeing with arguments weve made to courts in other Playpen prosecutions. The warrant in this case fails to satisfy that requirement because, at the time the warrant was issued, it is not possible to identify, with an specificity, which computers, out of all of the computers on earth, might be searched pursuant to this warrant, Noel wrote.

He also explained how the warrant essentially flips the Fourth Amendments particularity requirement on its head, searching and then identifying specific computers instead of identifying specific computers and then searching them. Only with [information gathered through the use of malware] could the Government begin to describe with any particularity the computers to be searched; however, at that point, the computer had already been searched.

Its encouraging that courts are beginning to agree with arguments from us and others that these warrants far exceed the Fourth Amendments limits on government searches.

As the Playpen prosecutions begin to work their way up to the courts of appeals, the stakes become higher. The decisions these courts reach will likely shape the contours of our constitutional protections for years to come. Weve filed briefs in every appeal so far, and well continue to make the case that unfamiliar technology and unsavory crimes cant justify dispensing with the Fourth Amendments requirements altogether.

See the article here:
The Fight Against General Warrants to Hack Rages On - EFF

Navy Adm. Michael Rogers, commander of the US Cyber Command, and Director of the National Security Agency, testifies during a Senate Armed Services Committee hearing on Capitol Hill.

France's election is the latest victim of Russian hacking. That's according to the NSA.

After US intelligence agencies agreed Russia was behind the 2016 presidential election hacking, both Federal Bureau of Intelligence Director James Comey and former Director of National Intelligence James Clapper warned that Russian hackers would be back to influence future elections.

The warning rang true during France's presidential election, National Security Agency Director Mike Rogers revealed on Tuesday. Rogers was testifying at a Senate Armed Services committee hearing, as lawmakers look to establish a policy on how to respond to cyberattacks.

The NSA director and US Cyber Command leader told the committee that the US was monitoring Russian activity and saw hackers attempt to break into France's election infrastructure.

"We had talked to our French counterparts prior to the public announcements of the events publicly attributed this past weekend and gave them a heads up. 'Look, we're watching the Russians. We're seeing them penetrate some of your infrastructure,'" Rogers said during the hearing. "Here's what we can do to try to assist."

On Friday, two days before France's election, hackers leaked hordes of emails from candidate Emmanuel Macron's campaign in a last-minute attempt to sway voters. It didn't work. Macron won the presidency on Sunday. It had been unclear who was behind the leak, but Russia was a prime suspect.

"We've known for some time that the Russians run fairly robust information operations in Europe, and have for many years," Michael Daniel, the president of the Cyber Threat Alliance, said in an email.

Despite the failed influence campaign in France, it hasn't stopped Russian hackers from trying in other nations, Rogers said.

"We're doing similar things with our German counterparts, with our British counterparts, they have an upcoming election sequence," the NSA director said.

The Russian Embassy in the US didn't immediately respond to a request for comment. The Kremlin has previously denied any involvement with hacking efforts to influence the world's elections.

Batteries Not Included: The CNET team reminds us why tech is cool.

CNET Magazine: Check out a sample of the stories in CNET's newsstand edition.

Read the original:
NSA chief: US alerted France to Russian election hacking - CNET

There were empty cans of Mountain Dew and Monster Energy everywhere.

Despite the pile of energy drinks, there was a surprising calm in the room as I stood by two dozen cadets at the US Military Academy at West Point. They were tasked with building a server and protecting it from breaches by the National Security Agency for a full week.

With a lifetime of research -- watching movies about cyberwarfare -- I figured I was all set for this assignment. But there was no dramatic music, no people running around and yelling about "cyber nukes" -- whatever those are. It looked like a normal office, like the one I'm sitting in as I write this. There wasn't even a sweeping camera shot of all the action.

Instead, four groups of cadets sat around rows of laptops at the ready. There was the Web Services team, to make sure their websites were up and running; the Web and Forums team, which moderates what goes on in their servers; the Network Monitoring team, which stands guard; and the Strike Team, which takes action to combat breaches.

The pace picked up a bit as the NSA sent over a task: creating a password restriction in the next two hours. But even then, there was no dramatic rush or screens filled with flowing rivers of green code.

The most noteworthy part of the attack? URLs like "pooploopery.com" and "canadabrokeit.com."

This is the second installment of a two-part series on cybersecurity and West Point.

Those names sound goofy, but the military is taking its cyberdefense capabilities seriously. This exercise, which is held annually at West Point, is part of an increased focus in military academies to train experts against attacks in the future.

After all, cyberwarfare is an increasing concern on and off the battlefield, and the US has already gotten a glimpse of what attacks could look like in the future. The 2016 presidential election was heavily influenced by Russian hackers, while Chinese hackers stole 22 million social security numbers from a federal database in 2015 and North Korean hackers were blamed for a massive breach at Sony the year before. With experts predicting threats like bombings caused by distributed denial-of-service (DDoS) attacks, it's become more important to train future officers to defend online.

"It's certainly a great emphasis. We see the rise of the cyber branch with the United States Army," Major Michael Petullo, an assistant professor at West Point's military academy said. "Individual privacy and freedom is all pending these days on cyber."

That mentality extends beyond the Army's own troops. Last month, the US Air Force issued its "Hack the Air Force" challenge to security specialists around the world, offering hefty rewards to anyone who can break into its public websites. It's a follow-up to challenges like "Hack the Army" and "Hack the Pentagon," in which bug bounty hunters cashed in on $75,000 by identifying the Pentagon's vulnerabilities. It only took five minutes for the first bounty to come during the Army challenge.

Since 2000, the NSA has been testing cadets at military schools by "hacking" servers in their classrooms for an entire week. In April, the Naval Academy, the Coast Guard Academy, the Marine Academy, the Military Academy and the Royal Military College of Canada joined in the Cyber Defense Exercise, looking to see who could best fend off the NSA's cyberattacks.

As part of the challenge, NSA hackers make up the "Red Cell" and teams from each academy make up "Blue Cells." The NSA is allowed to attack at all times, while the cyberdefense teams are restricted from doing anything between 10 p.m. and 9 a.m. To make things even harder, there's the Gray Cell, bots meant to emulate careless users who hackers typically target.

In one Gray Cell scenario, an important politician would come into an Army base with a laptop that potentially has a virus on it. The cadets have to clean off the device and remove any malware before the Gray Cell connects onto the servers.

Do you think that's far-fetched? Vice President Mike Pence and Clinton campaign manager John Podesta probably don't.

"The threat is real and gets more and more advanced every day. It evolves very rapidly," NSA Red Cell lead Curtis Williams said.

The cadets have to prevent the NSA from stealing password tokens, protect their servers from shutdown and block out intruders. The NSA's break-in is inevitable, so the competition becomes about who can defend their servers the longest.

"They end up getting in, but they get into everyone's," said Mitch DeRidder, captain of the Army's Blue Cell. "They're closing in as time goes on."

After DeRidder assigned the duties for the NSA's password challenge, the room fell quiet again. Attacks still flowed in from the NSA, but they were easy to spot because of their goofy names.

The cadets were supposed to monitor for these fake names and block them. Sometimes, it wasn't as obvious as a pooploopery. One ping had come in from lyft.cpm, a rip-off of the popular ride-sharing app.

"They're hoping that we make typos," said Conner Wissman, on the Army's Service team. "They're trying to throw us off because every second of blocking these count."

The team members' eyes glazed over while watching scores of URLs coming into the servers, a boring but necessary task.

"There's nothing I can do, I kind of just sit here and watch," Wissman said. On the Web and Forums team, one cadet folded paper into a small boat. Another cadet, manning the servers, took the boat apart and made a paper hat.

US Army cadets hard at work during the Cyber Defense Exercise. If you look really closely, you can see the paper boat.

By the end of the week, the Navy had won the exercise, but the cadets at West Point weren't defeated. In their loss, they'll be able to learn what went wrong and how to improve for when the nation's cybersecurity is at stake.

For future exercises, the NSA wants the academies to be able to collaborate. It also expects to add additional challenges like protecting other connected devices -- think smart appliances and light bulbs. The cadets already see the value in these challenges.

"Cyber is one of the biggest national security threats," DeRidder said. "Having trained NSA personnel attacking us, that definitely helped prepare us for the future."

It's Complicated: This is dating in the age of apps. Having fun yet? These stories get to the heart of the matter.

Tech Enabled: CNET chronicles tech's role in providing new kinds of accessibility.

View post:
Military cadets battle the NSA in mock cyberwar games - CNET

On Monday, it was revealed that former President Barack Obama warned then-President-elect Donald Trump not to hire Gen. Michael Flynn. That was two days after the November presidential election. Despite the warning, President Trump selected Flynn as national security adviser. Flynn was later fired for lying to Vice President Mike Pence about his discussions with the Russian ambassador to the United States.

During a hearing on Capitol Hill on Monday, former acting Attorney General Sally Yates also revealed that Flynn was vulnerable to foreign blackmail and that she issued a separate warning about him to the Trump administration. Yates testified alongside James Clapper, the former director of national intelligence.

Retired four-star Gen. Michael Hayden served Presidents Bill Clinton, George W. Bushand Barack Obama in top intelligence posts, including as the director of the National Security Agency, the director of the CIA, and the deputy director of national intelligence. Though Hayden believes Flynn is tactically brilliant and praises his distinguished career within the Pentagon, he argues that he was not the right person to serve as Trumps national security adviser.

I think Mike coming into the national scene was very unfamiliar turf for him, and I dont think he was a very good fit for the job that the president selected him for, Hayden says.

This was a perfect storm, he later adds. Gen. Flynn coming out of government a bit angry, feeling a bit disrespected, passionate about some things, and working for a president who had those same attitudes they kind of fed off of one another. Hence, my reasoning, back before all this, I thought Mike was an ill fit for the job. What President Trump needs is someone to calm him down, not someone to accelerate him. I fear as if weve got this convergence, and it just headed to a very dark place.

According to Hayden, during an early Trump transition meeting on national security, Flynn was specifically told to be careful when it came to discussions with the Russians.

There were already these kinds of signs, I think, that folks more familiar with how this stuff works were a bit ill at ease with what they saw happening, Hayden says.

Overall, Hayden believes that the testimony given by Clapper and Yates was solid.

You saw two career government professionals testifying yesterday, says Hayden. Ive got to tell you, the only safe haven for a government professional in issues like this is the truth. And I knew, when I saw the lineup for this hearing, one, this was not going to be a happy day for the White House, who have tried to spin all of this in every possible direction. And number two, this wasnt going to settle things down this was going to excite this issue.

After the Trump administration was warned about Flynn, there should have been a tectonic shift inside the West Wing of the White House, Hayden says.

[Monday], we learned [the warnings] happened not once but twice in personal meetings, and [there was] an additional phone call, says Hayden. The tone of the conversation was intensely serious, and that this is a big deal.

After Yates warned the Trump administration, it took officials 18 days to fire Flynn, something Hayden attributes to chaos and incompetence within the White House. On Monday, officials within the administration backtracked, saying that former President Obama did warn President Trump, but that Trump thought his predecessor was joking.

This White House has a strained relationship with the truth, and they find themselves unable just simply to admit facts that seem obvious to the rest of us, says Hayden. Ten days ago, you had the president of the United States still questioning whether or not the Russians were the ones who actually did all this stuff.

This story originally aired on The Takeaway.

Read the original:
Former NSA director says this White House can't handle the truth - PRI