THE NATURE OF THE REVOLUTION: RETHINKING RENO TO REFLECT THE REALITY THAT THE INTERNET IS PART OF THE PHYSICAL WORLD

Jul 10th, 2019 governance, regulation

No comments

ABSTRACT
When the government regulates the Internet, it is not regulating speech but rather a transportation system. The United States Supreme Court erred—albeit reasonably and understandably—in the early days of the Internet when it viewed the Internet as if it were solely a medium for speech. A more accurate paradigm for evaluating government regulation of the Internet is that of the interstate highway system and trucks moving payloads. Those are highly regulated activities. With this more technologically-informed understanding of this network of networks, the Court should view the Internet through the lens of affirmative grants of power such as the Commerce Clause or national security powers. Much like trucks on a highway might carry caustic acid or political tracts, the presence of expressions of human thoughts in some packets will rarely outweigh legitimate government interests in public safety and security. Viewed in this way, government regulation of the Internet generally should be upheld.

– William C. Snyder and Ryan D. White

Direct link: http://bc50ed2ddddaed3c0bb8-62ef5432bf9114061c2f55538807a4ef.r87.cf5.rackcdn.com/Snyder_White_Reno.pdf

Snyder_White_Reno

Tags: ,

Actual Assange Indictment

Apr 11th, 2019 Current Affairs, Cyber Espionage, cybersecurity, hackers

No comments

It is simple and powerful without any complex or hard-to-prove intents or mental states.  It charges unauthorized access resulting in obtaining information, plus the mighty federal conspiracy statute.

assangeind-1

Tags: , ,

Actual Indictment of Russian GRU Agents for cyber operations to interfere with the 2016 US. presidential election

Jul 13th, 2018 cybersecurity, National Security, Russia

No comments

The Indictment filed July 13, 2018, and signed by Robert Mueller, the Special Counsel:

full

Tags: , , ,

Professor comments on Carpenter decision – proceeding one step at a time

Jun 22nd, 2018 privacy

No comments

The Supreme Court’s decision today in Carpenter v. United States will have far-reaching impacts, because it extends Constitutional protections to cell-site location information and not just to the actual content or words and sounds of a cellphone call or text message.  That is, the Katz reasonable expectation of privacy test now applies Fourth Amendment protection not only to the contents of your phone call but also to some of its metadata.  The government now needs a warrant issued by a judge in order to obtain long-term, detailed records of the location of a cell phone.  The ruling also is significant because the Court reasons that Constitutional protections against unreasonable searches and seizures must change as technology advances – surely a sign that more change will come.  Also, the Court struck down Congress’s protections for cell-site location information.  The FBI had fully complied with the Stored Communications Act and obtained federal court orders requiring Sprint and another carrier to turn over the geolocation information, but the Supreme Court found them to be not good enough.  Those orders are less difficult for police to obtain than are search warrants.  Now, more stringent search warrants are required.

Nevertheless, the Court affirmed that “a person has no legitimate expectation of privacy in information he voluntarily turns over to third parties … even if the information is revealed on the assumption that it will be used only for a limited purpose.”  The so-called “Third Party Records Doctrine” survives; the Court just found that it does not apply to long-term “encyclopedic” geographic information generated by cell phones.  Striking down the Third Party Records Doctrine would have had enormous implications for government investigations, both for law enforcement and intelligence agencies.  The Court not only did not go that far, but it reaffirmed the basic principle that the Constitution does not protect evidence a person voluntarily provides to someone else.

These matters are complex.  The justices wrote 119 pages to explain their reasoning.  Also, the decision was 5-4, decided by just one vote.

Today’s decision is, in the words of the Court, “a narrow one.”  It is a step toward extending Constitutional protections in the cyber age, but only a step.  It points a direction, but the Court is proceeding one step at a time.

– statement by William C. Snyder, Teaching Professor of Law, Syracuse University

Tags: , ,

Congressional Research Service: Law Enforcement Access to Overseas Data under the CLOUD Act

May 3rd, 2018 cybersecurity

No comments

Below is a primer from the Congressional Research Service on the CLOUD Act. Earlier this week, a post on Lawfare set forth some suggestions for how to implement the legislation.

LSB10125

Tags:

Cyber Round Up: Congress Challenges FBI on Encryption; CTIIC’s Role in Cyber Security; Orangeworm Attacks Healthcare Sector

Apr 25th, 2018 Congress, cybersecurity, encryption

No comments

  • Congress wants answers on FBI’s ‘going dark’ problem in wake of DOJ IG report (CyberScoop):  Some members of Congress are challenging the FBI over its handling of the encryption battle with Apple, a recent article says.  Several lawmakers wrote a letter to FBI Director Chris Wray stating their concerns over both the San Bernardino incident and the director’s remarks that the FBI could not access 7,800 devices last year.  The letter seems to have been sparked by a recent report from the DOJ Inspector General. The full letter can be read below.

letter_to_fbi_dir_wray_re_going_dark

  • CTIIC’s Role in Keeping America Safe in Cyber (Cipher Brief):  An article earlier this month examined the role of the Cyber Threat Intelligence Integration Center (CTIIC) in relation to cyber security, focusing particularly on the WannaCry attack last May.  The article explains that the main focus of the Center during that time was to integrate and share information with the rest of the U.S. government.  The article draws parallels between the NCTC and the CTIIC, but note that one difference is that CTIIC’s success is largely due to information sharing with the private sector. The full article can be found here.

  • New Orangeworm attack group targets the healthcare sector in the U.S., Europe, and Asia (Symantec):  A new report from Symantec explains an emerging cyber threat in the global healthcare sector. The group called Orangeworm was first identified in 2015 and has been known to “conduct[] targeted attacks against organizations in related industries as part of a larger supply-chain attack in order to reach their intended victims. Known victims include healthcare providers, pharmaceuticals, IT solution providers for healthcare and equipment manufacturers that serve the healthcare industry . . . ” The article explains that the targets are not random and seem to be carefully chosen. The full report can be found here.

Tags: , , , , , ,

DOJ Inspector General: Special Inquiry Regarding iPhones and Encryption

Apr 20th, 2018 AppleVsFBI, encryption

No comments

A Special Inquiry Regarding the Accuracy of FBI Statements Concerning its Capabilities to Exploit an iPhone Seized During the San Bernardino Terror Attack Investigation

o1803

Tags:

Cyber Round Up: DHS to Provide Direct Cyber Services; Promise and Peril of Active Cyber Defense; Cyber Operations Stealing from Drone playbook

Apr 19th, 2018 Active Cyber Defense, cybersecurity, DHS

No comments

  • DHS Might Provide Cyber Services Directly To Industry Under New Strategy (Nextgov):  With a new DHS cyber strategy set to be released in the coming weeks, reports suggest that the agency could be taking on a new role in the cyber realm.  DHS Secretary Kirstjen Nielsen described the new system as “security as a service” and called it a “natural evolution.” The article says that Nielsen would not elaborate on the details of the new strategy but that it was consistent with ones from the Obama administration. The full article can be read here.

  • The promise and peril of active cyber defense (The Hill): A recent opinion piece on The Hill discusses the shortcomings of current cyber strategy in the U.S. and suggests adopting active cyber defense policies. The article makes clear that the options for this extend well beyond hackbacks that are illegal under U.S. law. The options “can include everything from honeynets and beacons to botnet takedowns and sanctions.” But the article also identifies the shortcomings of active cyber defense, including collateral damage to third parties. The full article and questions posed by the author can be read here.

  • How Obama’s drone playbook could influence future cyber operations (Fifth Domain):  The Department of Defense is considering utilizing cyber operations in places where the U.S. is not already engaged in conflict, according to a recent article.  Admiral Michael Rogers, head of U.S. Cyber Command, testified to Congress that the U.S. needs to adapt to better use its cyber capabilities “outside the designated areas of hostility.” The article explores how this new cyber policy parallels what happened in the Obama administration with drone strikes.  It also includes analysis from Bobby Chesney, who notes that cyber operations could inadvertently implicate a third nation’s sovereignty. The full article can be read here.

Tags: , ,

Advisory: Russian State-Sponsored Cyber Actors Targeting Network Infrastructure Devices

Apr 17th, 2018 critical infrastructure, cyberattack, cybersecurity

No comments

Russian State Sponsored Actor Advisory

Tags:

Cyber Round Up: Encryption is About Crime, Not Terrorism; Fight over Control of Cyber Command; Pentagon Cloud Contract

Apr 17th, 2018 AppleVsFBI, cybersecurity, Cyberwar, DOD, encryption

No comments

  • The Encryption Debate Isn’t About Stopping Terrorists, It’s About Solving Crime (Lawfare): A post last week on Lawfare added to the ongoing debate over encryption but with a different focus. The author said that regardless of any flaws with third party (which means government, according to the author) access, the biggest problem remains traditional crime, not terrorism. Speaking from his experience as a federal prosecutor dealing with not so savvy criminals, the author said that a switch to making encryption the default setting on apps such as Whatsapp will have a devastating impact on “ordinary crime” beyond the typical national security issues we hear about.  The full article can be found here.

  • Command and control: A fight for the future of government hacking (CyberScoop):  While the nation finally has a fully operational cyber force, new challenges have quietly emerged behind the scenes, according to an article last week. Several federal agencies from law enforcement, military, and defense have all been vying to shape the answer to one big question: “If the U.S. is going to strike back at foreign targets in cyberspace, when should the soldiers or the spies lead the charge?”  The article gives a lengthy history of the debate and suggests that the scales have recently titled away from the IC and in favor of the military. The full article can be read here.

  • Google is Pursuing the Pentagon’s Giant Cloud Contract Quietly, Fearing An Employee Revolt (Defense One):  Last year, Secretary of Defense Mattis took a trip to the West Coast to meet with executives from Amazon and Google, an article last week said.  A trip that began with skepticism ended with Mattis “convinced that the U.S. military had to move much of its data to a commercial cloud provider — not just to manage files, email, and paperwork but to push mission-critical information to front-line operators.” Now, the article says, the shift to the cloud is happening in the form of a $10 billion contract.  The article lists Microsoft, Amazon, and Google as the front runners and discusses what exactly the winner might be tasked with doing. The full article can be read here.

Tags: , , ,

Next Page »

Authors

Untitled Document
Professor William Snyder

Professor William C. Snyderis a member of the faculty of the Institute for National Security and Counter-terrorism at Syracuse University after fifteen years with the United States Department of Justice.

Ryan D. White

Ryan D. WhiteRyan is currently a third year law student at Syracuse University College of Law, and is also pursuing a Master of Public Administration degree from Syracuse’s Maxwell School of Citizenship and Public Affairs. Ryan spent time with Homeland Security Investigations while pursuing his undergraduate degree at Wesleyan University, and spent his first summer of law school as clerk for the U.S. Attorney’s Office in the Western District of New York. He is a member of Syracuse Law Review, the Journal on Terrorism and Security Analysis, and participates in the Veteran’s Legal Clinic. Full biography

Shelby E. Mann

Ryan D. WhiteShelby is a second year law student at the Syracuse University College of Law. She is the 2018-9 Editor in Chief of the Syracuse Law Review, as well as a member of the Journal on Terrorism and Security Analysis, and the senior editor for the Syrian Accountability Project. During her final year at the University of Missouri, she served as a full-time news producer for ABC 17 News. Shelby spent her first summer of law school at the Shelby County District Attorney General's Office in Memphis, Tenn., in the Public Corruption and Economic Crimes Unit. Full biography

Christopher w. FolkChristopher W. Folk

is a 2017 graduate of SU College of Law. A non-traditional student, Christopher returned to academia after spending nearly twenty years in the high tech industry. Christopher served in the Marine Corps, graduated from Cornell University with a B.S. In Applied Economics and Business Management, attended Northeastern University’s High-Tech MBA Program and received a M.S. In Computer Information Systems. Christopher previously worked in Software Engineering. Christopher is currently serving his second term as Town Justice for the Town of Waterloo. Christopher externed with a Cybersecurity firm in the Washington, D.C. area between his first and second year at SU College of Law. Full biography

Anna Maria Castillo

Anna Maria Castillois 2016 graduate of Syracuse College of Law. She also holds a Master of Arts in International Relations from Syracuse University's Maxwell School of Citizenship and Public Affairs. She has interned at a London-based think-tank that specializes in transnational terrorism and global security and at the legal department of a defense contractor. She served as an executive editor in the Syracuse Law Review. Full biography

Jennifer A. CamilloJennifer A. Camillo

is a 2015 graduate of Syracuse College of Law and is a prosecutor. She has served as a law clerk in the United States Attorney’s Office for the Northern District of New York and the Cayuga County District Attorney’s Office and as an extern in the Oneida County District Attorney’s Office. She was a member of the Syracuse National Trial Team and was awarded the Tiffany Cup by the New York Bar Association for her trial advocacy achievements.

Tara J. PistoreseTara J. Pistorese

holds Juris Doctor and Masters of Public Administration degrees from Syracuse University's Maxwell School of Citizenship and Public Affairs and its College of Law. She wrote for this blog when a student. She is now a member of the U.S. Army Judge Advocate General's Corps.

Benjamin Zaiser

is both a scholar and a Federal Agent of the Federal Criminal Police Office of Germany. (Opinions expressed here are his own and not any part of official duty.) Full biography

Recent Posts

Categories

Recent Comments

Tags

Anonymous AppleVsFBI China Chinese cyber-espionage CIA CISPA critical infrastructure cyber cyber-espionage cyberattack cyber attack Cyber Command cyber security cybersecurity cybersecurity legislation cyberspace cyberwar cyber war Department of Homeland Security DHS DOD FBI Google hackback hacker hacking internet governance Iran keith alexander National Strategy for Trusted Identities in Cyberspace NATO NIST NS-TIC NSA NSTIC Pentagon PIPA privacy Russia SOPA Stuxnet United States WCIT White House WikiLeaks

Archives

Meta

RSS
Follow by Email
Facebook
Twitter
LinkedIn