Wednesday, August 15, 2012

Hey, maybe we don't need no stinking badges!
Location, location, location: two warrantless surveillance cases in the courts
August 14, 2012 by Dissent
EFF has issued a press release about U.S. v. Jones, a case in the District Court for the District of Columbia:
A federal district court is poised to determine whether the government can use cell phone data obtained without a warrant to establish an individual’s location. In an amicus brief filed Monday, the Electronic Frontier Foundation (EFF) and the Center for Democracy & Technology (CDT) argue that this form of surveillance is just as unconstitutional as the warrantless GPS tracking the U.S. Supreme Court already shot down in this case.
“Location data is extraordinarily sensitive. It can reveal where you worship, where your family and friends live, what sort of doctors you visit, and what meetings and activities you attend,” said EFF Senior Staff Attorney Marcia Hofmann. “Whether this information is collected by a GPS device or a mobile phone company, the government should only be able to get it with a warrant based on probable cause that’s approved by a judge.”
Read more on EFF.
Meanwhile, in the Sixth Circuit, the Court of Appeals has issued its opinion in U.S. v. Skinner , and it’s not good news for privacy advocates. Unlike Jones, law enforcement did not attach a GPS to a suspect’s car, but did ping his cellphone to discover his location. Here’s the beginning of the opinion:
When criminals use modern technological devices to carry out criminal acts [If the cell phone was just “along for the ride” would the decision have been different? Bob] and to reduce the possibility of detection, they can hardly complain when the police take advantage of the inherent characteristics of those very devices to catch them. This is not a case in which the government secretly placed a tracking device in someone’s car. The drug runners in this case used pay-as-you-go (and thus presumably more difficult to trace) cell phones to communicate during the cross- country shipment of drugs. Unfortunately for the drug runners, the phones were trackable in a way they may not have suspected. The Constitution, however, does not protect their erroneous expectations regarding the undetectability of their modern tools.
The government used data emanating from Melvin Skinner’s pay-as-you-go cell phone to determine its real-time location. This information was used to establish Skinner’s location as he transported drugs along public thoroughfares between Arizona and Tennessee. As a result of tracking the cell phone, DEA agents located Skinner and his son at a rest stop near Abilene, Texas, with a motorhome filled with over 1,100 pounds of marijuana. The district court denied Skinner’s motion to suppress all evidence obtained as a result of the search of his vehicle, and Skinner was later convicted of two counts related to drug trafficking and one count of conspiracy to commit money laundering. The convictions must be upheld as there was no Fourth Amendment violation, and Skinner’s other arguments on appeal lack merit. In short, Skinner did not have a reasonable expectation of privacy in the data emanating from his cell phone that showed its location.
Citing Knotts, the opinion explains:
There is no Fourth Amendment violation because Skinner did not have a reasonable expectation of privacy in the data given off by his voluntarily procured pay- as-you-go cell phone. If a tool used to transport contraband gives off a signal that can be tracked for location, certainly the police can track the signal. The law cannot be that a criminal is entitled to rely on the expected untrackability of his tools. Otherwise,dogs could not be used to track a fugitive if the fugitive did not know that the dog hounds had his scent. A getaway car could not be identified and followed based on the license plate number if the driver reasonably thought he had gotten away unseen. The recent nature of cell phone location technology does not change this. If it did, then technology would help criminals but not the police. It follows that Skinner had no expectation of privacy in the context of this case, just as the driver of a getaway car has no expectation of privacy in the particular combination of colors of the car’s paint.
Lest you think this just applies to criminals, the court hastens to assure that the lack of expectation of privacy from government pings applies to us all. In a footnote, they write:
We do not mean to suggest that there was no reasonable expectation of privacy because Skinner’s phone was used in the commission of a crime, or that the cell phone was illegally possessed. On the contrary, an innocent actor would similarly lack a reasonable expectation of privacy in the inherent external locatability of a tool that he or she bought.
You can read the full opinion here.

(Related) Who was confused?
Sixth Circuit Rules That Pinging a Cell Phone to Determine Its Location is Not a Fourth Amendment “Search”
August 15, 2012 by Dissent
Orin Kerr offered some comments on yesterday’s opinion in U.S. v. Skinner, previously mentioned on this blog. Here’s part of his commentary:
1) Unless I’m just missing something obvious, the opinion seems pretty vague on the technological facts. The majority opinion initially says that the government obtained a court order ordering the cell phone company to release “cell site information, GPS real-time location, and ‘ping’ data” for the phone used by the suspect. It then says that the government tracked the suspect’s location by “pinging” the cell phone over three days. Later on, the majority opinion (and the concurrence) refers to the location information as “GPS location information.” But cell-cite information and GPS information are different, and “pinging” the cell phone could mean actively sending a request for cell-site data, actively sending a request for GPS data, or something else. So I’m a bit murky on the facts of what happened, which makes it hard to know what to make of the court’s analysis.
2) The murkiness of the facts are particularly unfortunate because the reasoning of the majority opinion relies heavily on cell phones broadcasting location information as just part of the way that they work. But if pinging the cell phone means actively sending a request to the phone to return its current GPS location, that’s not just how cell phones work: That’s the product of the cell phone provider setting up a mechanism by which the government can manipulate the phone into revealing its location. That seems to be a very different category of Fourth Amendment problem than a problem of how a technology “naturally” works.
Read more on The Volokh Conspiracy.

Beware who you “Friend?”
No Fourth Amendment violation when government looked at Facebook profile using friend’s account
August 14, 2012 by Dissent
Evan Brown writes:
U.S. v. Meregildon, — F.Supp.2d —, 2012 WL 3264501 (S.D.N.Y. August 10, 2012)
The government suspected defendant was involved in illegal gang activity and secured the assistance of a cooperating witness who was a Facebook friend of defendant. Viewing defendant’s profile using the friend’s account, the government gathered evidence of probable cause (discussion of past violence, threats, and gang loyalty maintenance) which it used to swear out a search warrant.
Read more about the case on Internet Cases.

Will the EU follow?
"The German Federal Court of Justice has ruled that ISPs have to turn over to rights-holders the names and addresses of illegal file sharers, but only 'if a judge rules that the file sharer indeed infringed on copyright,' said the court's spokeswoman, Dietlind Weinland. The ruling overturns two previous rulings by regional courts and is significant because the violation doesn't have to happen on a commercial scale, but applies whenever 'it is possible to know who was using an IP address at the time of the infringement,' the court said."

Is this another “all parties must consent” issue?
Former ACORN Worker Can Sue Right-Winger on Privacy Claim
August 14, 2012 by Dissent
Matt Reynolds reports:
A federal judge refused to throw out claims that a right-wing activist violated the privacy of an ACORN worker who was taped counseling defendant James O’Keefe, who sought advice on how to fill his house with underage prostitutes.
Juan Carlos Vera sued O’Keefe and his associate Hanna Giles in Federal Court on privacy claims, after O’Keefe secretly filmed Vera at an ACORN office in National City in 2009.
Read more on Courthouse News.

A little anti-social might be called for here... Similar to: “Attention all burglars: We're going to be out of town starting...”
Dell CEO’s Kid Overshares on Social Media
The twitter account for Alexa Dell, daughter of Dell founder Michael Dell, has been deactivated following security concerns prompted by her detailed account of the family’s whereabouts.
The security of the CEO, who expects to spend $2.7 million in 2012 t0 keep his family safe, came under question after an photo of Zachary Dell was posted by his sister Alexa on photo-sharing app Instragram, according to Bloomberg Businessweek
The teenager shared a photo of Zachary devouring cuisine in a private plane on a trip to Fiji. But, that’s not all, the magazine reported. Like millions of others who use social network sites, she would often-times detail the time, date and location of many events attended by the family, including trips to New York City and a high school graduation dinner, according to Bloomberg Businessweek.

Testing software should mean you test all of it. (This somewhat conflicts with earlier reports) And running new or old software, you should always know what is happening and which program does what.
New submitter alexander_686 points out a Bloomberg article about the cause of Knight Capital Group's $440 million algorithmic trading disaster from a couple weeks ago. The report says a dormant software system was accidentally activated on August 1, which immediately began increasing stock trade volumes by a factor of 1,000. The Wall Street Journal has further details:
"Knight Capital Group Inc.'s accidental trades earlier this month were triggered by a flawed upgrade of trading software that caused an older trading system connected to the computer code to inadvertently go 'live' on the market, according to people familiar with the matter. The errors at Knight on Aug. 1 involved new code the Jersey City, N.J.-based brokerage designed to take advantage of the launch of a New York Stock Exchange trading program, which was introduced that day to attract more retail-trading business to the Big Board, the people say. ... When NYSE Euronext trading floor officials called Knight at about 9:35 a.m. to try to pinpoint the cause of unusual swings in dozens of stocks, just after the Big Board opened for trading, Knight traders and their supervisors had a difficult time detecting where in its systems the problem was located, say people familiar with the morning's events. The NYSE had to call Knight several times before deciding to shut the firm off, the people say."

No comments: