Chapter 20 - Third-Party Records and Data Mining Part I.

Slides:

Advertisements

Similar presentations

SEARCH AND SEIZURE: COMPLICATED BY TECHNOLOGY

Advertisements

Paul Ohm Associate Professor, CU Law Initiative Director, Silicon Flatirons December 4, 2009.

Information for Students MGH Institute of Health Professions Use your down arrow or click your mouse to advance through the presentation.

Overview of the Privacy Act

Richard Warner USA Patriot Act: Money Laundering Provisions.

News Gathering & the Law The Role of the First Amendment The text of the First Amendment, by its terms, says nothing about a right to gather news or a.

Where Are We Now? Get Out The Map 1.What is PA’s response to Plunkitt? We will build new organizations that reconcile bureaucracy and democracy. Those.

Chapter 8 Part II. 2 New York v. Burger, 482 U.S. 691 (1987) Search of junk yard for stolen goods Lower court excluded the evidence in the criminal trial:

Children's Online Privacy Protection Act and the Video Privacy Protection Act By: Alana Rushing.

Judicial Review. Basic Requirements Court must have jurisdiction Plaintiff must state a recognized cause of action and seek a recognized remedy This is.

Criminal Procedure for the Criminal Justice Professional 11 th Edition John N. Ferdico Henry F. Fradella Christopher Totten Prepared by Tony Wolusky Searches.

The PATRIOT Act, Technology and Records Privacy David L. Sobel General Counsel Electronic Privacy Information Center ECURE 2004 Arizona.

USA PATRIOT Act and Libraries Eric Johnson & Rodney Clare Jackman Sims Memorial Library.

The Patriot Act And computing. /criminal/cybercrime/PatriotAct.htm US Department of Justice.

1 PRIVACY ISSUES IN THE U.S. – CANADA CROSS BORDER BUSINESS CONTEXT Presented by: Anneli LeGault ACC Greater New York Chapter Compliance Seminar May 19,

Right to Privacy: The Unwritten Right

 Freedom of Information Act General Background. Access to Army Records. Exemptions. Exclusions. Procedural Rules for Processing FOIA Requests for Army.

1 GRAND VALLEY STATE UNIVERSITY FAMILY EDUCATIONAL RIGHTS & PRIVACY ACT (FERPA) TRAINING OFFICES OF THE REGISTRAR AND UNIVERSITY COUNSEL JANUARY 20, 2009.

Code of Federal Regulations Title 42, Chapter 1, Subchapter A Part 2 – CONFIDENTIALITY OF ALCOHOL AND DRUG ABUSE PATIENTS BRYANT D. MILLER CAC II, MAC,

Chapter 20 - Third-Party Records and Data Mining Part II.

JO807: Advanced Journalism Research JO807: Week 13 “Freedom of Information Act” and the WWW.

Introduction to the APPs and the OAIC’s regulatory approach Presented by: Este Darin-Cooper Director, Regulation and Strategy May 2015.

Version 6.0 Approved by HIPAA Implementation Team April 14, HIPAA Learning Module The following is an educational Powerpoint presentation on the.

McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. Chapter 17 Administrativ e Law.

Copyright © 2004 by Prentice-Hall. All rights reserved. PowerPoint Slides to Accompany BUSINESS LAW E-Commerce and Digital Law International Law and Ethics.

Towards a Freedom of Information Law in Qatar Fahad bin Mohammed Al Attiya Executive Chairman, Qatar National Food Security Programme.

Class 7 Internet Privacy Law Your Digital Afterlife.

Tina Kraigher and Milena Podjed-Fabjančič 18 April 2010 Processing of Telephone Traffic Data of Employees ( a Case Study )

Standards and Guidelines for Web Page Publishing December 9, 2009.

Allows FBI to request (from FISA court judges) access to certain business records, including Common carriers (airlines, bus companies, and others in the.

DATA PRIVACY PERSONNEL FILES “P-FILE”. Wisconsin Public Records Wisconsin Statue – Wisconsin Statue – Wisconsin Statue 230 Wisconsin.

P A R T P A R T Regulation of Business Administrative Agencies The Federal Trade Commission Act and Consumer Protection Laws Antitrust: The Sherman Act.

Chapter 18 - The Fourth Amendment and National Security.

Class 11 Internet Privacy Law Government Surveillance.

CS 4001Mary Jean Harrold1 Class 24 Freedom of speech in cyberspace Assign Assignment 8—due today Term paper—due 11/20.

Working Effectively with Law Enforcement: How to Protect the Privacy of Your University Community Without Going to Jail Michael Corn Director, Security.

Chapter 20 - Third-Party Records and Data Mining Part II.

Chapter 22: Organization and Coordination of Counterterrorism Investigations.

Family Educational Rights and Privacy Act (FERPA) UNION COLLEGE.

“Technology Solutions” Full-Pipe Surveillance EDUCAUSE CSG - Blacksburg January 9, 2008 Lee Smith, Attorney.

Chapter 19 - Congressional Authority for National Security Surveillance Part II.

Chapter 43 Administrative Law and Regulatory Agencies

© 2010 Pearson Education, Inc., publishing as Prentice-Hall 1 ADMINISTRATIVE LAW AND REGULATORY AGENCIES © 2010 Pearson Education, Inc., publishing as.

Public Communications Law Lecture 13 Slide 1 Controlling Pre-Trial Publicity A court is obligated to try to make sure the defendant gets a fair trial.

IM NETWORK MEETING 20 TH JULY, 2010 CONSULTATION WITH 3 RD PARTIES.

October 10, 2007 Fenwick & West Conference Center EFF 2007 Bootcamp 2.0 Best Practices for OSPs: Law Enforcement Information Requests Kurt Opsahl, Senior.

May 11, 2009 Golden Gate University EFF 2009 Bootcamp 2.0 Best Practices for OSPs: Law Enforcement Information Requests Kurt Opsahl, Senior Staff Attorney.

s Protected by Fourth Amendment Right of Privacy By: Xavier Mulligan.

An Introduction to the Privacy Act Privacy Act 1993 Promotes and protects individual privacy Is concerned with the privacy of information about people.

Chapter 19 - Congressional Authority for National Security Surveillance Part I.

2009 Legislative Changes Concerning Protective Orders and Firearms Effective October 1, 2009 FVC--1.

FREEDOM of INFORMATION CHAPTER 9

The EU and Access to Environmental Information Unit D4 European Commission, Directorate General for the Environment 1.

1 Bonvillian v. Dep't of Insurance, 906 So.2d 596 (La.App. Cir ) What is the underlying dispute? Insurance Commission refused to renew a bail bond.

HIPAA Overview Why do we need a federal rule on privacy? Privacy is a fundamental right Privacy can be defined as the ability of the individual to determine.

Privacy Compliance in Schools Darrebin A/P’s Network 7 May 2009.

Sharing Information (FERPA) FY07 REMS Initial Grantee Meeting December 5, 2007, San Diego, CA U.S. Department of Education, Office of Safe and Drug-Free.

Introduction to the Australian Privacy Principles & the OAIC’s regulatory approach Privacy Awareness Week 2016.

VI. CRIMINAL PROCESS FROM ARREST TO CONCLUSION PRESENTED BY: JUDGE MARK A. SPEISER.

Surveillance around the world

Wyoming Statutes §§ through

An Introduction to Public Records Office of the General Counsel

Protection of News Sources

Chapter 20 - Third-Party Records and Data Mining

Essentials of the legal environment today, 5e

The University of Adelaide, School of Computer Science

Electronic Surveillance, Post 9/11

Chapter 43 Administrative Law and Regulatory Agencies

Patron Privacy in the Library

State of florida tax information sharing Paula Barfield August 5, 2015

Presentation transcript:

Chapter 20 - Third-Party Records and Data Mining Part I

2 Whalen v. Roe, 429 U.S. 589 (1977) "We are not unaware of the threat to privacy implicit in the accumulation of vast amounts of personal information in computerized data banks or other massive government files.... The right to collect and use such data for public purposes is typically accompanied by a concomitant statutory or regulatory duty to avoid unwarranted disclosures. Recognizing that in some circumstances that duty arguably has its roots in the Constitution, nevertheless New York’s statutory scheme, and its implementing administrative procedures, evidence a proper concern with, and protection of, the individual’s interest in privacy."

3 Smith v. Maryland - The Pen Register Looking back at this case, what is the court really saying about a reasonable expectation of privacy? What does the court see within the ambit of a reasonable expectation of privacy? Is it really an original intent approach, i.e., is the court looking to what the founders through of as personally private? Has the Court always recognized a right of privacy beyond 4th amendment searches?

4 United States Dept. of Justice v. Reporters Comm. for Freedom of the Press, 489 U.S. 749 (1989) What is the theory of expectation of privacy through obscurity? Is this really an administrative cost argument for expectation of privacy? How has the world changed since this opinion? Is this still a useful theory, or have we given up expectations of privacy based on administrative costs?

5 What would Jefferson have seen within the scope of privacy? Letters? His personal dwelling? His dealings with his bank?

6 Does the Public's Expectation of Privacy Match the Court's? If your employer can read it, can the government? Banking records? Transactions in general? Do you think the general public thinks their banking records are private? Their ? Their tweets? Why are transactions so valuable for intelligence? Should the use of encryption be seen as probable cause for the government to go after the contents of the communication?

7 Data Mining What is data mining? What about encryption - how do transactions escape this? Why is it so important commercially? What is the business model for Gmail? What about companies that buy your credit card and grocery store data? Are there restrictions on private data mining? Why does this make limits on governmental data mining ineffective?

8 National Security Letters Are these issued by a judge? Are these just administrative subpoenas with benefits? National Security Letter on page 560 What does paragraph 3 (readable paragraphs) provide? Does this apply to the entity's lawyer? Does that raise constitutional issue?

9 Library records Why is access to library check out records so controversial? How about video store rentals? Netflix? Online porn?

10 The Patriot Act Patriot Act Improvement limited access to library records, but did not end access: It left libraries subject to §215 orders, however, although it also limited the number of FBI officials who could approve §215 applications for library records, It also limited access to: ‘‘book sales records, book customer lists, firearms sales records, tax return records, educational records, or medical records containing information that would identify a person.’’ Are these all the same sort of records?

11 Doe v. Ashcroft (Doe I), 334 F. Supp. 2d 471 (2004) Doe was ‘‘directed’’ to provide certain information to the Government. As required by the terms of §2709, in the NSL the FBI ‘‘certif[ied] that the information sought [was] relevant to an authorized investigation to protect against international terrorism or clandestine intelligence activities.’’ Doe was ‘‘further advised’’ that §2709(c) prohibited him, or his officers, agents, or employees, ‘‘from disclosing to any person that the FBI has sought or obtained access to information or records under these provisions.’’ Doe was ‘‘requested to provide records responsive to [the] request personally’’ to a designated individual, and to not transmit the records by mail or even mention the NSL in any telephone conversation....

12 Who is Doe? What type of records are requested? Who should be worried about this NSL? What is Doe's concern? Does this include content? Is this information protected by law or is there a constitutional expectation of privacy? How was Doe to provide the requested records? Did Doe comply?

13 Getting the Content of If the Government gives prior notice to the subscriber, or otherwise complies with certain delayed notice procedures, the Government may also subpoena the contents of electronic communications which are either (1) retained on a system for storage purposes (e.g., opened which remains on an ISP’s server), or (2) retained, for more than 180 days, in intermediate or temporary storage (e.g., unopened on an ISP’s server). For the Government to obtain the contents of electronic communications kept for 180 days or less in intermediate or temporary storage (e.g., unopened on an ISP’s server), it must obtain a search warrant under Federal Rule of Criminal Procedure 41, or the state equivalent. Does this apply to Google, outside of GMAIL?

14 Alternative to NSL: Administrative Subpoenas Courts will enforce the subpoena as long as: (1) the agency’s investigation is being conducted pursuant to a legitimate purpose, (2) the inquiry is relevant to that purpose, (3) the information is not already within the agency’s possession, and (4) the proper procedures have been followed. How do you get judicial review?

15 Alternative to NSL: Criminal Subpoenas Does a judge have to make probable cause determinations before a criminal subpoena is issued? How do you get judicial review? Why are the standards different from search warrants? How is the execution of the orders different? Why does this allow a different path for judicial review?

16 FISA Warrants Can you get this info with a FISA warrant? Can you get the content of ? Letters? Phone calls? Why not use a FISA warrant?

17 National Security Letter Procedure Why not just use administrative warrants or criminal warrants? Why have a secrecy provision? Who might Doe tell that would upset the feds? How is this handled with criminal warrants? Does the FBI count on people being less likely to contest an NSL?

18 Contesting an NSL Does the statute forbid judicial review? Would that be constitutional? How does the agency intimidate recipients to avoid review? How was Doe contacted? How was he told to deliver the records? What about talking to others? What would a reasonable non-lawyer assume?

19 Is Intimidation a Legal Issue? Roughly how many NSLs had been issued by the time of this case? How many had been contested in court? What did the judge conclude from this? What did he rule about using §2709 in this manner?

20 Does §2709 Violate Subscriber's Rights? What are the 1st Amendment issues with getting addresses? How is this different from access to bank records and other transaction records? What are potential examples? What about header information, such as subject? What about info on reading blogs, postings to lists, web sites visited, tweets read, etc? What issues do these raise? How is this different from pen registers?

21 Anonymous Internet Speech and Associational Activity Should this be a constitutional right? What if you attack others? What did the judge think? Are the protections of §2709 adequate? Does the judge say that it could never meet the standard?

22 Is the Non-Disclosure Provision Unconstitutional? Section 2709(c) states: ‘No wire or electronic communication service provider, or officer, employee, or agent thereof, shall disclose to any person that the Federal Bureau of Investigation has sought or obtained access to information or records under this section.’ Is this a prior restraint or content restriction?

23 Is §2709(c) a Prior Restraint? First, axiomatically the categorical non-disclosure mandate embodied in §2709(c) functions as prior restraint because of the straightforward observation that it prohibits speech before the speech occurs. As the Supreme Court articulated the threshold inquiry: ‘‘The relevant question is whether the challenged regulation authorizes suppression of speech in advance of its expression.’’

24 Can §2709(c) be Fixed by the Agency? Does §2709(c) give the agency discretion to adopt a balancing test for governmental needs versus 1st Amendment rights? Are there allowable restrictions on 1st Amendment activities?

25 Warshak v. U.S., 490 F.3d 455 (6th Cir.(Ohio) Jun 18, 2007) Plaintiff seeks a declaratory judgment (facial challenge) that the provisions of the Stored Communications Act (SCA) allowing administrative subpoenas to his ISP for his s is unconstitutional. Plaintiff learned that s had been released to the government and sought declaratory judgment and an injunction on behalf of himself and all other users.

26 The Statute Therefore the standard necessary to obtain an order under the [Stored Communications Act (SCA), 18 U.S.C. §§ ] – that the government introduce “specific and articulable facts showing that there are reasonable grounds to believe that the contents” of the to be seized “are relevant and material to an ongoing criminal investigation” [18 U.S.C. §2705(d)] – is permissible as the functional equivalent of a subpoena given the subject’s ability to contest the order in court. Because this standard is lower than the probable cause standard necessary to obtain a search warrant, it is sufficient to justify a warrantless search only in instances where notice is provided to the account holder.

27 The Expectation of Privacy in Why are analogies between ISPs and the post office misguided? Why is there no expectation of privacy in bank records? How does this court see as different from bank records? What about in the hands of a recipient?

28 The Nature of the Expectation How much of this expectation of privacy is due to statutes? What if those changed? What if the court said they did not apply for national security investigations? Do you have an expectation of privacy if there are any exceptions?

29 The Court's Assumption Like telephone conversations, simply because the phone company or the ISP could access the content of s and phone calls, the privacy expectation in the content of either is not diminished, because there is a societal expectation that the ISP or the phone company will not do so as a matter of course. What is the most common counterexample?

30 The Contract with the ISP Why does the contract with the ISP matter? What about on the employer's computer? What about on the University system? Does it matter whether the ISP really looks at the , or only has the right to? What about gmail - how is Google like the NSA when it comes to ?

31 Warshak v. U.S., 532 F.3d 521 (6th Cir.(Ohio) Jul 11, 2008) The appeals court vacated the previous opinion It applied an Abbott Labs analysis and rejected the facial challenge to the SCA It found that the plaintiff had not made a proper showing under Abbott of imminent harm It found that he had two ways of attacking the subpoenas Motion to exclude evidence Bivens action Are these satisfactory?