Senators want warrant protections for US email stored overseas

A new bill in Congress would require U.S. law enforcement agencies to obtain court-ordered warrants before demanding the emails of the country's residents when they are stored overseas.

The International Communications Privacy Act, introduced Wednesday by three senators, would close a loophole that allows law enforcement agencies to request emails and other electronic documents without warrants. 

Congress has been working since 2010 to rework the 1986 Electronic Communications Privacy Act (ECPA), a law that sets down rules for law enforcement access to electronic communications, but the focus has been on requiring warrants for emails and other communications stored in the cloud for longer than 180 days.

To read this article in full or to leave a comment, please click here

Continue reading »

Celebrity hacker Guccifer’s confession gives us all a lesson in security

The activity of Romanian hacker Guccifer, who has admitted to compromising almost 100 email and social media accounts belonging to U.S. government officials, politicians, and other high-profile individuals, is the latest proof that humans are the weakest link in computer security.

Marcel Lehel Lazar, 44, is not a hacker in the technical sense of the word. He’s a social engineer: a clever and persistent individual with a lot of patience who a Romanian prosecutor once described as “the obsessive-compulsive type.” By his own admission, Lazar has no programming skills. He didn’t find vulnerabilities or write exploits. Instead, he’s good at investigating, finding information online and making connections.

To read this article in full or to leave a comment, please click here

Continue reading »

US agency releases privacy ‘best practices’ for drone use

The National Telecommunications & Information Administration released Thursday a list of voluntary privacy best practices for commercial and non-commercial drone users, in the wake of concerns that drones could encroach on individual privacy and open a new front in the collection of personal data for commercial use.

The privacy guidance, arrived at in consensus with drone organizations and companies like Amazon and Google’s parent Alphabet, recommends that drone operators who collect personal data should have a privacy policy that explains what personally identifiable information they will collect, for what purpose the data is collected and if it will be shared with others, including in response to requests from law enforcement agencies.

To read this article in full or to leave a comment, please click here

Continue reading »

Got privacy? If you use Twitter or a smartphone, maybe not so much

The notion of online privacy has been greatly diminished in recent years, and just this week two new studies confirm what to many minds is already a dismal picture.

First, a study reported on Monday by Stanford University found that smartphone metadata—information about calls and text messages, such as time and length—can reveal a surprising amount of personal detail.

To investigate their topic, the researchers built an Android app and used it to retrieve the metadata about previous calls and text messages—the numbers, times, and lengths of communications—from more than 800 volunteers’ smartphone logs. In total, participants provided records of more than 250,000 calls and 1.2 million texts.

To read this article in full or to leave a comment, please click here

Continue reading »

Senators will introduce a bill to limit government hacking warrants

A U.S. senator will introduce legislation to roll back new court rules that allow judges to give law enforcement agencies the authority to remotely hack computers.

Senator Ron Wyden, an Oregon Democrat, will introduce a bill that would reverse a court procedure rules change, approved by the U.S. Supreme Court last month, that would allow lower judges to issue remote hacking warrants.

The rules change, requested by the Department of Justice, expands the geographical reach of police hacking powers beyond local court jurisdictions now allowed through court-ordered warrants. Previously, the Federal Rules of Criminal Procedure prohibited a federal judge from issuing a search warrant outside his or her district.

To read this article in full or to leave a comment, please click here

Continue reading »