Internet & Online Privacy - Legal Technology - Technologist
Technologist - The FindLaw Legal Technology Blog

Recently in Internet & Online Privacy Category

This is not your traditional summer camp. There are no ghost stories around the fire, no hiking through the woods, no macrame. Instead, the middle and high school students attending the NSA's summer camp learn how to decrypt passwords, exploit network security flaws, and build robots.

That's right, the NSA has a summer camp -- and it's turning America's youth into an army of hackers. What could go wrong?

Hackers have stolen the personal information of millions of users of Ashley Madison, the dating website for married people looking to have an affair. The hackers, who call themselves The Impact Team, are demanding that the website shut down -- or else they'll release the stolen customer data, including real names and addresses, revealing the identity of millions of potential adulterers.

Is nothing sacred anymore?

The Office of Personel Management announced last week that it had been hacked -- hard. The OPM is essentially the human resources department for the entire federal government, which just happens to be the largest employer in the nation. The personal information of over 22 million people, or almost seven percent of the entire U.S. population, was stolen.

The information stolen included almost 20 million background investigation forms, over 1 million fingerprint records, and thousands of confidential security clearance dossiers. The fallout from the OPM hack promises to last for years, threatening the federal government, individuals, and even national security.

Recognizing the connection between national security and cybersecurity, China is proposing strong new cybersecurity laws. China is often accused of waging cyberattacks on other governments, including the recent hacking of the Office of Personnel Management's database which effected the information of 22.1 million Americans. But, the country says it is also a frequent victim of "cyberwarfare," and its new laws seek to beef up the nation's defenses.

As an added bonus, the new laws will also give the Chinese government increased control over its citizens' Internet use.

The Cloud is the future, we're told -- over and over. There's a good reason. Cloud computing, which uses remote servers to store, manage and process data, promises to offer affordability, scalability, and reduced costs.

But the cloud is a nebulous place, both legally and technologically. When sensitive data, stored on the cloud, gets hacked, who can be liable for the breach?

Uber has had a rough go of it recently. Two weeks ago, the California Labor Commission ruled that at least one driver was an Uber employee, not the independent contractor Uber had claimed. Last week, taxi drivers in Paris, where Uber is largely illegal, staged violent protests against the company, followed quickly by the arrest of Uber executives. The latest thorn in the ride-hailing app's side? Perhaps the Federal Trade Commission.

The Electronic Privacy Information Center filed a formal legal complaint with the FTC, alleging that Uber's updated business practices and privacy policy violate consumer's privacy. EPIC is asking the FTC to investigate Uber for unfair and deceptive trade practices and to enjoin the implementation of the company's new policy.

The FCC's net neutrality rules go into effect this Friday, June 12th. The FCC's net neutrality rules prohibit three main practices: blocking, throttling, and paid prioritization. The goal is to provide an "open Internet" where all content is treated equally by internet service providers.

Telecom companies are scrambling to get their ducks in a row and settle disputes that could end up before the FCC. But, as the rules get ready to go into effect, some roadblocks remain.

In the age of instant messaging, the longest thing you may read in a day is the text of the "Terms of Service" for some new software or web service. Oh, wait, I forgot: no one actually reads those.

It's a frightening thought that even lawyers don't read boilerplate contracts. The general consensus seems to be: even if I did read the terms of service for any given site or application, I would still sign up anyway. So, what's the point?

Remember all those Internet privacy class action lawsuits that once made headlines? You don't hear much about them these days. The privacy class action first took off 15 years ago, booming in the late aughts. Many were often filed in the Northern District of California, home to Silicon Valley and tech companies such as Apple, Facebook, and Google. But a review by The Recorder shows that privacy litigation in N.D. Cal. has dried up faster than the state's water reserves.

Indeed, only one privacy lawsuit has been filed against the big S.V. tech companies in 2015. Where have all the lawsuits gone?

San Bernardino Sheriff Used Stingray 300 Times: Ars Technica

The Stingray, you'll recall from our many stories about it, is one of our favorite bits of nefarious surveillance technology. Many of the details about the device are kept secret, but we do know that it tricks nearby cell phones into thinking it's a cell tower, and when the phones connect to it, the Stingray intercepts all the data the phone sends.

Ars Technica reported earlier this week on another wrinkle in the ongoing saga of the Stingray: A law enforcement agency in California has used it over 300 times in the last year, thanks to questionable warrant applications.