Why wait two weeks? The phones are likely not
important to the investigation?
Authorities
serve Apple a warrant for Texas shooter’s iPhone
Two weeks ago today, 26 people were killed
by a gunman at First Baptist Church in Sutherland Springs, Texas.
Two phones were discovered at the scene: older push-button LG and
what local news described
as a “blood spattered” Apple iPhone SE. Now local law
enforcement has
served Apple with a search warrant in order to retrieve
information from the smartphone.
… The Tuesday following the murders, the FBI
held a press conference noting the existence of one of two phones,
without revealing the make, as it didn’t want to “tell every bad
guy out there what phone to buy.”
As reported
by The Washington Post, the mystery handset was indeed an
iPhone. Apple reached out to law enforcement after the press
conference, offering
technical assistance in getting onto the device. The company, it
seems, could have provided help early on, without much legal
wrangling or more software controversial backdoors.
I think this is a really bad idea unless you are
highly trained and have some good lawyers on staff. On the other
hand, it would open things up for my Ethical Hackers…
Hacking
Back in Black: Legal and Policy Concerns with the Updated Active
Cyber Defense Certainty Act
For years now, there has been a discussion
surrounding the feasibility of active cyber defense, and allowing
private entities or individuals to “hack back” against hostile
cyber activity, but there has not been a major push in Congress to
explicitly authorize such activity, or to propose changes or
exceptions under the current legal and statutory framework that would
enable it. But a proposal by Representatives Tom Graves (R-GA),
Kyrsten Sinema (D-AZ), titled the Active Cyber Defense Certainty Act
(ACDC) (H.R.
4036), is starting to change the conversation. The new draft
legislation provides an exception to liability under the Computer
Fraud and Abuse Act (CFAA) and, in essence, would authorize
individuals or organizations to go into networks outside of their own
to gather intelligence on hackers for attributional purposes. To
date, the proposal has undergone at least three rounds of public
scrutiny, after which, to the great credit of Graves’ office, the
draft language has been updated, and it now takes into account some
legitimate concerns and criticisms. Some of these critiques should
be examined carefully, from both a policy and legal perspective, as
the bill makes its way through committee.
It’s about time! (Welcome to the 1980s?)
Rising to
the risk: Cybersecurity top concern of corporate counsel
“Risk management is not just a compliance
exercise but an opportunity
to gain a competitive advantage. More than ever, legal
departments are playing a significant role in managing risk and
monitoring its effectiveness, especially in the critical area of
cybersecurity. Grant Thornton and Corporate Counsel
magazine recently surveyed over 190 corporate general counsel to
assess their views on the keys to business growth. The topics ranged
from regulatory risk management and risk assessments to cybersecurity
and data analytics. Below are a sampling of insights from Grant
Thornton’s 2017 Corporate General Counsel Survey:
-
58% of legal departments are highly involved in responding to data security risks; nearly a quarter have primary responsibility for the issue
-
Less than a quarter of counsel are very satisfied with their organizaton’s risk assessment
-
Nearly three-quarters of legal departments cite cyber issues as a top risk.
-
Of those very concerned about data security, only about a third feel adequately prepared
As a result of increasing risk concerns, the role
of the corporate general counsel continues to evolve to include new,
important areas of focus and responsibilities. While maintaining a
firm handle on the traditional functions of the legal department, the
survey reveals that their role is increasingly concerned with
regulation and compliance, as well as data privacy and related
cybersecurity issues.”
Apparently, Congress needs a lot more “education”
than we thought?
... Executives from Facebook, Google and Twitter
testified before lawmakers this month about Russian actors using
their platforms to influence the vote and tried to reassure them they
were taking steps to address the issue.
But lawmakers left the hearings frustrated and say
they want more details from the companies and concrete steps to
prevent interference in the future. Congress is also considering
legislation to toughen disclosure rules for online advertisements.
That threat of tougher regulation has tech firms
scrambling.
A business model for those who are first to
automate what they do well? (As long as we have to do it, can we
sell it?)
The newspaper
created a platform to tackle its own challenges. Then, with
Amazon-like spirit, it realized there was a business in helping other
publishers do the same.
… Since 2014, a new Post operation now called
Arc Publishing has offered the publishing system the company
originally used for WashingtonPost.com
as a service. That allows other news organizations to use the Post’s
tools for writers and editors. Arc also shoulders the responsibility
of ensuring that readers get a snappy, reliable experience when they
visit a site on a PC or mobile device. It’s like a high-end
version of Squarespace
or WordPress.com,
tailored to solve the content problems of a particular industry.
How can I stay
anti-social?
New on LLRX
– The Use and Abuse of Social Media in the Post-Truth Era
Via LLRX
– The
Use and Abuse of Social Media in the Post-Truth Era – Law
librarian and adjunct professor Paul
Gatz provides important guidance on social media
discourse and information literacy that is especially timely and
instructive as we are experiencing an escalating wave of highly
questionable news and data through sites such as Facebook.
No comments:
Post a Comment