Legal Aspects of Legal Aspects of Electronic PrivacyElectronic Privacy

CSCI 327

Workplace PrivacyWorkplace Privacy

you have essentially no right to privacy in the workplace

US v EUUS v EU EU

privacy is a human right laws broadly protect personal information

US privacy is insured via market pressure and

industry self regulation targeted regulations in specific domains

Cyberethics by Richard Spinello

European Union Directive on PrivacyEuropean Union Directive on Privacy

Adopted by EU Parliament in 1995

Article 1:"to protect fundamental rights and freedom of natural persons, and in particular the right to privacy with respect to the processing of personal data."

Article 6:data must be:

processed fairly and lawfully collected for specified, explicit, and legitimate purposes accurate and kept up to date

Article 7:only process data when data subject has provided his/her consent

Cyberethics by Richard Spinello

US Privacy LawsUS Privacy LawsFair Credit Reporting Act - 1970

credit reports only shared by written request by the individual by court order for legitimate 3rd party uses

FERPA - 1974

Cable Communication Policy Act - 1984 cable companies can not collect or disseminate info about your viewing habits

Video Privacy Protection Act - 1988 video stores cannot disclose the list of videos you rented

Driver's Privacy Protection Act - 1994 a state cannot sell your driver's license info

Children's Online Privacy Protection Act - 1998 web sites cannot collect data on children under age 13

HIPPA - 2001

Cyberethics by Richard Spinello

Is your right to privacy protected by the U.S. Constitution?

No. Well, maybe. ... 1st Amendment

Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press; or …

14th Amendment No State shall deprive any person of life, liberty, or property, without

due process of law.

9th Amendment The enumeration in the Constitution, of certain rights, shall not be

construed to deny or disparage others retained by the people.

44thth Amendment Amendment

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

Olmstead v. United States

Olmstead ran a bootleg operation

prohibition officers tapped his phone via the basement without a warrant

they did not enter his apartment

in 1928, Supreme Court ruled Olmstead's rights were not violated

Federal Communications Act of 1934

illegal to intercept and reveal wire communications without a warrant

FBI still wiretapped phones during WWII for national security purposes

Katz v United States without a warrant, police placed a bug on the

outside of a public phone booth used by Katz to make illegal bets

In 1967, the US Supreme Court ruled Katz's rights were violated. Katz reasonably thought his conversation was private,

hence the recording was an illegal search and seizure the 4th amendment protects people, not places the 4th amendment governs seizure of tangible items,

as well as recording of oral statements

"reasonable expectation of privacy"

what society recognizes as reasonable, not your idea of reasonable

Reasonable: your home or hotel room public restroom

Unreasonable: garbage left on street normal aerial surveillance smells coming from your car

Wiretaps … 1968 - Crime Control and Safer Streets Act

wiretap warrants require probable cause annual report of wiretaps submitted to congress

1972 - US Supreme Court warrantless wiretaps illegal, even regarding national

security

1994 - Communication Assistance for Law Enforcement Act telecom companies must design their digital systems

to be tap-able

Electronic Communications Privacy Act enacted in 1986 ECPA was an amendment to Title III of the Omnibus Crime

Control and Safe Streets Act of 1968, which was primarily designed to prevent unauthorized government access to private electronic communications. Title I of ECPA protects electronic communications while in transit.

Title II of the ECPA, protects messages stored on computers.

Title III prohibits the use of pen register and/or trap and trace devices to record dialing, routing, addressing, and signaling information used in the process of transmitting wire or electronic communications.

http://en.wikipedia.org/wiki/Electronic_Communications_Privacy_Act

NSA and FISA Starting during WWII, the Signal Security Agency

monitored all telegrams entering and leaving the US The program was later used to

fight organized crime war on drugs monitor anti-Vietnam war groups

NSA ended that program in 1975

Foreign Intelligence Surveillance Act of 1978 (FISA) warrant required with 72 hours if "US person" involved amended by Patriot Act in 2001 to include terrorism

warrantless wiretaps of US citizens ended in 2007 replaced by Protect America Act of 2007, which expired replaced by FISA Amendments Act of 2008

granted immunity to telecoms that had helped the NSA

Patriot Act

allows officials to track emails without showing probable cause

allows roving surveillance for intelligence (not just crime investigation), tapped device does not have to be owned by the suspect

search warrants no longer have to be served warrants for records do not require probable

cause …

Uniting and Strengthening America by Providing Appropriate Tools Required to

Intercept and Obstruct Terrorism (USA PATRIOT)

Patriot Act Contents

Numerous amendments to existing laws

E.g. FERPAUniversities may supply student info to law

enforcement without student consent or notification

requires warrant related to terrorism

Monitoring of Foreign Students

Total Information AwarenessTotal Information Awareness

In January 2002, DARPA created the Information Awareness Office (IAO)

In February 2003, IAO began the Total Information Awareness program program director was Admiral Poindexter, who had

been convicted of lying to Congress and destroying documents during Iran-Contra

US v JonesUS v JonesJanuary 23, 2012

By a vote of 9 to 0: "the Government’s attachment of the GPS device to the vehicle, and its use of that device

to monitor the vehicle’s movements, constitutes a search under the Fourth Amendment."

The justices split 5-4 on the reasoning and the breadth of the ruling in opinions written by justices Scalia and Alito: Scalia argued that the appropriate ground for resolving Jones' case centered around the

government's physical trespass on a private citizen's "effect" (his car),

Alito argued that the majority opinion leaves open too many questions by avoiding the inevitable reasonable expectation of privacy inquiry that other cases will surely present. Furthermore, Alito predicted that the narrow grounds used for deciding the case may not apply to many of the future Fourth Amendment cases, where the police need not commit a physical trespass to use electronic surveillance to gather information.

http://en.wikipedia.org/wiki/United_States_v._Antoine_Jones

BCA agreed to FBI terms on secret cellphone trackingBy Abby Simons -- (Minneapolis MN) Star Tribune -- December 5, 2014

Minnesota’s top law enforcement agency agreed to terms set by the FBI to resist any attempts by the public to gain information about controversial cellphone-tracking technology, according to documents obtained by the Star Tribune.

…

In a heavily redacted 2012 contract signed by then-Assistant BCA Superintendent David Bjerga, the agency agreed to “immediately notify the FBI” of any request for information concerning the device’s manufacturer, Florida-based Harris Corp., under the Freedom of Information Act (FOIA), or under judicial, administrative or legislative requests.

Any court orders directing the BCA to reveal information about Harris Corp. “will immediately be provided to the FBI in order to allow sufficient time for the FBI to intervene to protect the equipment/technology and information from disclosure and potential compromise,” the contract reads.

Based on Vague Tip, the Feds can Surveil Anyone

by Cora Currier, The Intercept, Jan 31, 2017https://theintercept.com/2017/01/31/based-on-a-vague-tip-the-feds-can-surveil-anyone/

At its lowest level of investigative activity, on the basis of vague tips or broad intelligence interests, the FBI can follow people with airplanes, examine travel records, and analyze links between email, phone, and other records collected by intelligence agencies.

Assessments allow agents to look into tips or leads that don’t meet the standard for opening an investigation, which requires specific information or allegations of wrongdoing — an “articulable factual basis” for suspicion, as FBI rules put it. In an assessment, by contrast, an agent just needs to give an “authorized purpose” for their actions. …

When assessments were made an official category in the last months of the George W. Bush administration, civil liberties advocates warned that the change eroded limits imposed on the bureau after the abuses of J. Edgar Hoover’s FBI came to light in congressional investigations in the 1970s. Those limits set high standards for the FBI’s investigations, requiring them to be tied to evidence of wrongdoing and adding layers of oversight. Advocates now say that the standard for opening an assessment is just too low, allowing for enormous amounts of information to be collected and retained even when nothing turns up.

Question

Your Analysis? does the government have too much or too

little ability to conduct surveillance