Author: jennifer

Last week’s news that Google’s Street View cars collected the content of messages flowing over open wireless networks while mapping the location of those access points is a privacy wake-up call to the company and wireless users alike.

Google had previously represented that it did not collect or store what it calls “payload data” and what EFF and the law call communications “content” — the actual information that was being transmitted by users over the unprotected networks. But on Friday the company admitted that its audit of the software deployed in the Street View cars revealed that the devices actually had been inadvertently collecting content transmitted over non-password protected Wi-Fi networks. To its credit, Google publicly admitted the error.

There’s no reason to doubt Google’s claim of mistake, but at this point in their growth and sophistication, Google should not be making these kinds of privacy errors. Google programmers wrote the Street View Wi-Fi access mapping code and Google employees used that code to collect about 600 gigabytes of extra data. Someone at the company should also have ensured that the code, both as written and in practice was (1) collecting only the data necessary for the project, (2) collecting only the data that Google represented that it was collecting, and (3) otherwise in compliance with the law.

Google is too mature to be making these kinds of rookie privacy mistakes. When you are in the business of collecting and monetizing other people’s personal data — as Google and so many other internet businesses are — clear standards and comprehensive auditing are essential to protect against improper collection, use or leakage of private information. Google’s failure to make enforceable promises to implement such safeguards is one of the reasons for EFF’s opposition to the Google Books settlement.

Following this unfortunate privacy breach, Google will likely have to face European and U.S. regulators as well as the inevitable lawsuits. Notably, Google’s potential liability under U.S. law is not clear. Penalties for wiretapping electronic communications in the federal Electronic Communications Privacy Act (ECPA) only apply to intentional acts of interception, yet Google claims it collected the content by accident. Further, the scope of legal protections for unencrypted wireless communications are uncertain. There is an exception to ECPA’s general prohibition on content interception when the intercepted communications are “readily accessible to the general public.” This exception was not written with Wi-Fi in mind and the courts have not yet directly grappled with the issue, but Google may assert that unencrypted Wi-Fi signals fit that exception.

Open Wi-Fi is a great public service, but users must take the initiative if they care about the confidentiality of information traveling over their open wireless networks. With legal protections unclear, the only privacy safeguards are technological. If you want any security, you need to encrypt your packets.

As for the Street View debacle, the first priority should be to secure the private information that was already improperly collected. Google has set forth a solid plan to accomplish this: it commissioned an independent third party to review the software at issue, confirm that Google segregated the data and made it inaccessible, and to figure out how to prevent these problems in the future.

Google must eventually destroy the data, though it will have to wait for approval from relevant regulators investigating the incident and from courts in which lawsuits are pending. If access to the communications is necessary for civil or criminal investigations or for discovery in a lawsuit, then care must be taken to protect user privacy in the meantime. In particular, calls from some quarters for Google to simply turn over the data to the U.S. or other governments are wrong-headed. To allow a government to investigate a privacy breach by further violating privacy is senseless.

The second priority should be for Google, and everyone else in the data collection business, to closely examine their data collection practices to ensure that they are actually doing what they have promised. In addition, companies should re-evaluate their data retention policies. While not directly related to the Wi-Fi gaffe, Google’s long-term retention of search data creates an unnecessary risk to users that the data will be disclosed, as Jules Polonetsky of the Future of Privacy Forum recently pointed out:

Yahoo has been able to implement a three-month retention period for its search and ad-serving log data without any impact on the quality of search results or ad-serving capabilities. Why can’t other companies follow Yahoo’s lead? The Article 29 Working Group of European regulators have advised that six months is the maximum time period for search data retention in their jurisdiction, and Microsoft has already started deleting full IP addresses from their search logs after six months.

In contrast to Yahoo and Microsoft, Google only partially anonymizes the IP addresses linked to your search queries at nine months, rather than at three or six months, and never completely deletes them. Yet, as the clear market leader when it comes to search, Google should have the best privacy practices in the business. With great success comes great responsibility. Google isn’t a little start-up anymore. Even when it doesn’t make mistakes, it regularly handles personal, intimate information from billions of people around the world. It’s time for Google to lead the way in responsible data collection and retention practices.

In yesterday’s post, we asserted that the REACT high tech task force search of Gizmodo editor Jason Chen’s home and seizure of his computers and other property as part of their investigation of that blog’s reporting on the iPhone 4G prototype was almost certainly illegal. That claim caused some to question whether the California shield law and the federal Privacy Protection Act (PPA) apply if the reporter himself is suspected of criminal activity.

Both statutory provisions likely apply here, and for good reason. The First Amendment does not excuse illegal activities, but it certainly provides safeguards to ensure that free speech interests are not trampled along the way.

Regarding the PPA, as we said in our original post, “[t]he PPA includes an exception for searches targeting criminal suspects (which Chen may or may not be), but that exception does not apply ‘if the offense to which the materials relate consists of the receipt, possession, communication, or withholding of such materials or the information contained therein.’” If Chen’s property was seized under the theory that he or Gizmodo might be guilty of, say, receiving stolen property for taking possession of the iPhone about which the blog reported, even if he had reason to believe that it was stolen, then the seizure likely violated Chen’s PPA rights because the alleged crime would be one covered by the federal statute.

The California law is more stark. Penal Code section 1524(g) says sets forth that “no warrants shall issue” for unpublished “notes, outtakes, photographs, tapes or other data of whatever sort” if that information was “obtained or prepared in gathering, receiving or processing of information for communication to the public.” There is no statutory exception for cases in which the journalist is the one under investigation. If the California legislature intended such an exemption, it could easily have included one, as it did in another part of the same Penal Code section 1524, subdivision (c), which prohibits search warrants targeting physicians, psychotherapists, and members of the clergy, with an explicit exception if they are “reasonably suspected of engaging or having engaged in criminal activity related to the documentary evidence for which a warrant is requested.” (For a review of the respective histories of Penal Code subsections 1524(c) and (g), see PSC Geothermal Services Co. v. Superior Court, 25 Cal. App. 4th 1697, 1705 (Cal. Ct. App. 1994).)

Notwithstanding the clear language of the statute, some observers have pointed to the case of Rosato v. Superior Court, 51 Cal.App.3d 190 (1975), arguing that it stands for the proposition that California’s state shield law “wouldn’t apply to subpoenas or searches for evidence of such criminal activity.” The Rosato decision, however, addresses whether a constitutional right (in that case the right to receive a fair trial) could trump the Evidence Code under certain circumstances. One problem with relying on Rosato is that the reporter’s privilege is now a constitutional and not merely a statutory right, having been overwhelmingly approved by voters in 1980 (after the Rosato decision). See, e.g., Liggett v. Superior Court (Gregerson), 260 Cal. Rptr. 161 (Cal. App. Ct. 1989) (“The purpose of adding the shield law to the Constitution was ostensibly to trump the reasoning of Rosato and Farr and to further insulate the shield law from judicial tampering.”) (vacated on other grounds). If the reporter’s privilege is to give way to a competing right, that right must be constitutional in nature, as the California Supreme Court noted in Miller v. Superior Court, 21 Cal. 4th 883, 898 (Cal. 1999):

[T]here is nothing illogical in interpreting “the people[‘s] … right to due process” not to include the right to compel the press through the sanctions of contempt-incarceration and substantial fines-to supply unpublished information obtained in the newsgathering process. The fact that the assertion of this immunity might lead to the inability of the prosecution to gain access to all the evidence it desires does not mean that a prosecutor’s right to due process is violated, any more than the assertion of established evidentiary privileges against the prosecution would be a violation.

A bigger problem is that Rosato had nothing to say about the warrant restrictions Penal Code section 1524(g) sets forth to ensure that police investigations involving reporters do not disturb the confidentiality of sources or other unpublished information.

Protections for journalists implicate not only the journalist’s right to speak but also the public’s interest in obtaining information. That is why the First Amendment protects reporters who publish truthful information, even when it was illegally gathered. See, e.g., Bartnicki v. Vopper, 532 U.S. 514, 527-28, 533-35 (2001) (First Amendment barred imposition of civil damages under wiretapping law for publishing contents of conversation relevant to matter of public concern); Smith v. Daily Mail Pub. Co., 443 U.S. 97 (1979) (First Amendment barred prosecution under state statute for publishing name of a juvenile defendant). These protections apply even when the reporter has arguably stolen commercial trade secrets or otherwise violated the law. See, e.g., Proctor & Gamble Co. v. Bankers Trust Co., 78 F.3d 219 (6th Cir. 1996) (overturning an injunction preventing Business Week from publishing information about a court case even though the District Court had found that the magazine had “knowingly violated the protective order” by obtaining the documents that necessarily reflected “trade secrets or other confidential research, development or commercial information….”); CBS Inc v. Davis, 510 U.S. 1315 (1994) (permitting broadcast of footage of a meat-packing operations obtained through “calculated misdeeds.”).

To be sure, if Gizmodo or Chen did break the law, the First Amendment will likely not affect their potential civil or criminal liability. (The police have as of yet not identified what crime was allegedly committed, who allegedly committed that crime, and what evidence supports such an allegation.) But even in instances in which a reporter may have violated the law, and could be subject to criminal or civil liability for that violation, the First Amendment still applies, as do the procedural safeguards in California law and the federal PPA. Simply put, while a court may conclude that under particular facts and circumstances that a reporter must divulge sources or unpublished materials, or that he is liable for his misdeeds, police may not decide on their own to ignore free speech protections for journalists merely by claiming that the reporter may have committed a crime.

ACLU National, ACLU of Wisconsin, and EFF have filed an amicus brief in the Wisconsin Supreme Court arguing that the law of that state prohibits police from installing a GPS device on you or your car without first getting a warrant from a judge. A growing number of state high courts have decided that their citizens should be protected from suspicionless GPS tracking, recognizing that uninterrupted around-the-clock surveillance is qualitatively different from ordinary police observations of a suspect. In the Wisconsin case, People v. Sveum, we ask the court to follow the example of Washington, New York, and Massachusetts and find that GPS tracking is a search that requires a warrant. EFF participated as amicus in the New York case, People v. Weaver, and is awaiting a decision under the federal Constitution in U.S. v. Jones, a GPS tracking case pending in the Court of Appeals for the District of Columbia. As more and more states find that their residents have a reasonable expectation that they will not be digitally tracked with surreptitiously installed devices, the federal courts must take note. The Fourth Amendment protects legitimate expectations of privacy.

EFF is also actively litigating several location privacy cases involving government use of cell phone tower information to track the location of mobile handsets. These cases involve the same creepy surreptitious pervasive electronic tracking as GPS tracking, but somewhat different legal issues in part because a complex statutory scheme protects data generated by cell phones. We recently argued one such case in the Third Circuit Court of Appeals. For an in depth analysis of the legal issues in that cell tracking case, see our amicus brief.

For more information, see: State v. Jackson, 150 Wash. 2d 251, 76 P.3d 217 (2003) (installation of a GPS tracking device on defendant’s car required a warrant), People v. Weaver, 12 N.Y.3d 433, 909 N.E.2d 1195 (2009) (same), and Commonwealth v. Connolly, 454 Mass. 808, 913 N.E.2d 356 (2009) (installation and monitoring of a GPS tracking device on defendant’s minivan was a seizure).

EFF has long fought for the privacy of your laptop and other digital devices at the border. U.S. Customs and Border Protection has implemented program that authorizes searches of the contents of travelers’ laptop computers and other electronic storage devices at border crossings, notwithstanding the absence of probable cause, reasonable suspicion or any indicia of wrongdoing.

In U.S. v. Arnold we fought for a requirement that customs agents have some reason before searching your computer and in our FOIA work on border searches, we have pushed the government to reveal its policies and practices in this area.

Now, another civil rights group, the National Association of Criminal Defense Lawyers is seeking potential plaintiffs for a lawsuit challenging suspicionless laptop searches. As a first step in this effort, NACDL is seeking to identify defense lawyers who have had their laptops searched at the border and are willing to serve as individual plaintiffs. In order to demonstrate the effect of this policy on members of the criminal defense bar and to support the constitutional challenge, NACDL plans to assemble a group of individual plaintiffs who will develop affidavits describing the harm they suffer by having their electronic information exposed to government officials.

This lawsuit will not seek monetary damages for individuals who have been searched; instead, it will focus exclusively on fixing the unconstitutional policy. Participating members will be represented at no charge by NACDL and ACLU attorneys.

EFF supports the NACDL and ACLU’s joint effort. To determine whether you may qualify as a plaintiff, please consider the following:

1. Have you ever had your laptop, cell phone or camera searched when entering or exiting the U.S.?
2. Have you ever had the contents of your laptop, cell phone or camera copied when entering or exiting the U.S.?
3. Have you ever had your laptop, cell phone or camera seized when entering or exiting the U.S.?
4. If you are employed by someone else, does your employer have a policy about traveling internationally with laptops, cell phones or cameras?
5. Do you avoid carrying confidential business or personal information on your laptop, cell phone or camera due to the suspicion-less search policy?

If you answered ‘yes’ to any of these questions, and might be interested in joining the NACDL suit, please contact Michael Price, NACDL’s National Security Coordinator, at (202) 872-8600 x258 or [email protected].

Following a hearing in the San Francisco Superior Court today, DJs and party guests Justin Credible and Matthew Higgins had their illegally seized laptops returned to them. This is great news, and a real relief to the pair who have been without their machines for over a month. It started on Halloween, when San Francisco police officers broke up a private party and took the computers — even though neither laptop was being used to play music. The police department attorney conceded at today’s hearing that no charges would ever be filed against Credible or Higgins, which was clear from the very beginning.

San Francisco law currently requires after-hours parties with live DJs to get a permit, and failure of those throwing the party to do so can be punished as a misdemeanor. But DJing an unpermitted party is not a crime, and certainly not one for which one’s laptop could be forfeited and held. EFF brought witnesses from the Halloween party and other events to testify that what happened to our clients was part of a pattern of illegal police practices, including rifling through purses and backpacks to find and seize laptops by people who were not even DJing. Both the SF Guardian and the SF Weekly have covered the story. The Court said EFF’s offer to prove that the laptop seizures were both illegal and for the improper purpose of punishing after-hours party guests should be heard by another judge at a later time.

Side A of our efforts: accomplished. Stay tuned for Side B of our effort to protect the privacy of San Franciscans’ laptops.