Presentation is loading. Please wait.

Presentation is loading. Please wait.

Paul Ohm Associate Professor, CU Law Initiative Director, Silicon Flatirons December 4, 2009.

Published byCandice Truelove Modified over 10 years ago

Similar presentations

Presentation on theme: "Paul Ohm Associate Professor, CU Law Initiative Director, Silicon Flatirons December 4, 2009."— Presentation transcript:

1 Paul Ohm Associate Professor, CU Law Initiative Director, Silicon Flatirons December 4, 2009

2 Background and History Wiretap Act and Pen Register and Trap and Trace Act Stored Communications Act

3 Background and History Wiretap Act and Pen Register and Trap and Trace Act Stored Communications Act

4 1928: Olmstead v. United States 1934: Communications Act 1967: Katz v. United States 1968: Omnibus Crime Control and Safe Street Acts: Title IIIWiretap Act 1986: Electronic Communications Privacy Act 2001: USA PATRIOT Act

5 Privacy on telephone and data networks Rules for government access Rules for sharing by providers Criminalizes certain privacy invasions

6 Background and History Wiretap Act and Pen Register and Trap and Trace Act Stored Communications Act

7 The Wiretap Act governs monitoring in real-time Traditional telephone wiretaps Internet packet sniffers

8 The Wiretap Act prohibits the interception of wire or electronic communications Five-year felony Unless an exception applies

9 Dozens Several used commonly in criminal investigations Court order Consent of a party to the communication Provider self defense

10 Wiretap order permits interception Many hurdles Super warrant Probable cause Limited time Minimization Necessity

11 Interception allowed if a party to the communication has given prior consent to such interception Possible sources: Banner Terms of service Employment agreements

12 Provider can monitor to protect the rights or property of the provider Provider can share results of past monitoring with law enforcement

13 The Pen Register and Trap and Trace Act governs real-time collection of non- content information about a user such as: Addresses on inbound/outbound email Internet addresses for websites visited by a user List of addresses from which visitors to website originate Does not include content Almost no hurdle for government whatsoever

14 Background and History Wiretap Act and Pen Register and Trap and Trace Act Stored Communications Act

15 The Stored Communications Act governs stored information held by certain communications providers

16 Type of Provider To the public versus only non-public Providing communications versus storage/processing services Providing those services versus other services For Content Fresh versus stale Unopened email versus opened email For Non-content Detailed transactional records versus basic subscriber information

17 Electronic Communications Services Email Phone IM Text messages Remote Computing Services Computer storage Online backup services, photo hosting Processing services Amazons EC2

18 Google search Google books CNN.com Amazon / eBay

19

20 Basic Subscriber Information can be obtained with a mere subpoena Means Name & address Local and LD telephone toll billing records Telephone number or other account identifier (such as username or screen name) Length & type of service provided Session times and duration Temporarily assigned network address Means and source of payment

21 Everything that is not basic subscriber information but is also not content Means Audit trails / logfiles Identities of e-mail correspondents Can be obtained with a court order 2703(d) order specific and articulable facts showing that there are reasonable grounds to believe that [the requested records] are relevant and material to an ongoing criminal investigation

22 Rules are somewhat in flux due to Theofel v. Farey-Jones, 341 F.3d 978 (9th Cir. 2003) Some contents require a search warrant Pre-Theofel: Unopened email Theofel: All email

23 Some contents obtainable with mere subpoena Pre-Theofel: Opened email Theofel: Almost no email Also: Non-email stored files, stale email Subpoena must include notice to subscriber May be delayed 90 days

24 Providers not to the public may disclose anything to anyone. Unregulated by SCA Providers to the public must look to statutory exceptions

25 Public providers may voluntarily share non-content with any non-governmental party for any reason

26 Public providers may voluntarily share non-content and content with government only when: Consent to do so exists (terms of service) To protect rights and property If provider, in good faith, believes that an emergency involving danger of death or serious physical injury to any person requires disclosure

27 Three panels Two on ECPA reform

Download ppt "Paul Ohm Associate Professor, CU Law Initiative Director, Silicon Flatirons December 4, 2009."

Similar presentations

1 Online Criminal Investigations: The USA Patriot Act, ECPA, and Beyond Mark Eckenwiler Computer Crime and Intellectual Property Section U.S. Department.

1 Online Criminal Investigations: The USA Patriot Act, ECPA, and Beyond Mark Eckenwiler Computer Crime and Intellectual Property Section U.S. Department.
Electronic Surveillance, Security, and Privacy Professor Peter P. Swire Ohio State University InSITes -- Carnegie Mellon February 7, 2002.

Electronic Surveillance, Security, and Privacy Professor Peter P. Swire Ohio State University InSITes -- Carnegie Mellon February 7, 2002.
Key New Surveillance Provisions Professor Peter P. Swire Ohio State University Privacy 2001 Conference October 4, 2001.

Key New Surveillance Provisions Professor Peter P. Swire Ohio State University Privacy 2001 Conference October 4, 2001.
Privacy Laws and First Amendment Content Professor Peter P. Swire Ohio State University John Marshall Symposium on Copyright & Privacy Conference November.

Privacy Laws and First Amendment Content Professor Peter P. Swire Ohio State University John Marshall Symposium on Copyright & Privacy Conference November.
SEARCH AND SEIZURE: COMPLICATED BY TECHNOLOGY

SEARCH AND SEIZURE: COMPLICATED BY TECHNOLOGY
Richard Warner USA Patriot Act: Money Laundering Provisions.

Richard Warner USA Patriot Act: Money Laundering Provisions.
1 Louisiana Department of Health and Hospitals Basic HIPAA Privacy Training: Policies and Procedures 01/09/2009 0.

1 Louisiana Department of Health and Hospitals Basic HIPAA Privacy Training: Policies and Procedures 01/09/
Electronic Communications Privacy Act (ECPA)

Electronic Communications Privacy Act (ECPA)
Cyber Security - the Laws that Govern Incident Response Joel Michael Schwarz Department of Justice Computer Crime and Intellectual Property Section Criminal.

Cyber Security - the Laws that Govern Incident Response Joel Michael Schwarz Department of Justice Computer Crime and Intellectual Property Section Criminal.
©The USA PATRIOT Act and You: A Legal Update Jennifer Stisa Granick, Esq. Stanford Law School Center for Internet & Society 559 Nathan Abbott Way Stanford,

©The USA PATRIOT Act and You: A Legal Update Jennifer Stisa Granick, Esq. Stanford Law School Center for Internet & Society 559 Nathan Abbott Way Stanford,
Data Protection.

Data Protection.
Copyright 2005 - 2009: Hi Tech Criminal Justice, Raymond E. Foster Police Technology Police Technology Chapter Fourteen Police Technology Wiretaps.

Copyright : Hi Tech Criminal Justice, Raymond E. Foster Police Technology Police Technology Chapter Fourteen Police Technology Wiretaps.
Criminal Procedure for the Criminal Justice Professional 11 th Edition John N. Ferdico Henry F. Fradella Christopher Totten Prepared by Tony Wolusky Searches.

Criminal Procedure for the Criminal Justice Professional 11 th Edition John N. Ferdico Henry F. Fradella Christopher Totten Prepared by Tony Wolusky Searches.
Legal Considerations in Obtaining Electronic Evidence in Online Investigations CSC 486/586 1.

Legal Considerations in Obtaining Electronic Evidence in Online Investigations CSC 486/586 1.
The Patriot Act And computing. /criminal/cybercrime/PatriotAct.htm US Department of Justice.

The Patriot Act And computing. /criminal/cybercrime/PatriotAct.htm US Department of Justice.
Cyber Security - the laws that protect your systems and govern incident response Joel Michael Schwarz Department of Justice Computer Crime and Intellectual.

Cyber Security - the laws that protect your systems and govern incident response Joel Michael Schwarz Department of Justice Computer Crime and Intellectual.
USA PATRIOT ACT USA PATRIOT ACT

USA PATRIOT ACT USA PATRIOT ACT
Responding to Cybercrime in the Post-9/11 World Scott Eltringham Computer Crime and Intellectual Property Section U.S. Department of Justice (202) 353-7848.

Responding to Cybercrime in the Post-9/11 World Scott Eltringham Computer Crime and Intellectual Property Section U.S. Department of Justice (202)
1 ISPs and Federal Privacy Law: Everything You Need to Know About the Electronic Communications Privacy Act (ECPA) Mark Eckenwiler Computer Crime and Intellectual.

1 ISPs and Federal Privacy Law: Everything You Need to Know About the Electronic Communications Privacy Act (ECPA) Mark Eckenwiler Computer Crime and Intellectual.
Chapter 10 Privacy and the Police State. Governmental Intrusion into Individual Privacy Affects written and oral communications Data-GPS coordinates Fourth.

Chapter 10 Privacy and the Police State. Governmental Intrusion into Individual Privacy Affects written and oral communications Data-GPS coordinates Fourth.

Similar presentations

Ads by Google