Collaborate Disseminate
Nathan Van Buren was a police officer in rural Georgia. As such, he had lawful access to both the National Crime Information Computer (NCIC) and the Georgia Crime Information Center (GCIC) with the understanding that he could use the computer for “law… Continue reading Supreme Court Limits Scope of Computer Crime Law
For more than 30 years, the federal computer hacking statute has been used by companies to sue employees (and former employees), competitors and even customers and users who violate their rules on the use of computers, computer databases and data glea… Continue reading Supreme Court To Decide Scope of Federal Hacking Law
In order to get into court – particularly federal court – a party has to demonstrate that they have “standing” to sue — that is, that they have personally suffered some kind of concrete and demonstrable harm as a result of someone el… Continue reading When are Privacy Violations Sufficient to Sue?
The fourth quarter of 2020 has seen some significant legal developments when it comes to digital evidence. In this issue (which also happens to be the anniversary of the inaugural Forensic Focus Legal Update), we highlight:
Search warrant reform &he… Continue reading Forensic Focus Legal Update December 2020: Refining Search & Seizure; New Laws & Guidance
Several U.S. Supreme Court justices, including some of President Donald Trump’s appointees, skeptically questioned a broad interpretation of the main federal anti-hacking law during oral arguments Monday. The hearing represented one of the final steps in the biggest case to come before the nation’s highest court involving the Computer Fraud and Abuse Act (CFAA), written in the 1980s. The case centers on when an individual “exceeds authorized access” to a computer, as defined by that law. The law has long held a contentious place in the cybersecurity world, where it’s viewed as hopelessly vague, outdated and overly punitive. One CFAA prosecution that drew particular criticism was that of Aaron Swartz, an internet activist who took his own life before he was scheduled to stand trial for allegedly downloading articles from an academic database, in a case where he faced decades in prison if convicted. The case now before the Supreme Court involves defendant Nathan […]
The post Supreme Court considers scope of federal anti-hacking law in biggest cyber case to date appeared first on CyberScoop.
A group of high-profile cybersecurity specialists doesn’t want mobile voting firm Voatz to have the last word before the Supreme Court takes up a case with major implications for computer research. The security practitioners, including computer scientists and vulnerability disclosure experts, on Monday criticized Voatz’s argument that a federal anti-hacking law should only authorize researchers with clear permission to probe computer systems for vulnerabilities. An amicus brief filed by Voatz earlier this month, the security specialists charged, “fundamentally misrepresents widely accepted practices in security research and vulnerability disclosure.” At issue is the Computer Fraud and Abuse Act (CFAA), a more than 30-year-old law that legal experts say could be abused to target good-faith researchers who break systems while trying to them more secure. The Supreme Court is set to consider whether corporate terms of service can be considered an inviolable boundary under the CFAA when it resumes in October. Legal experts and technologists see the […]
The post Security researchers slam Voatz brief to the Supreme Court on anti-hacking law appeared first on CyberScoop.
Continue reading Security researchers slam Voatz brief to the Supreme Court on anti-hacking law
If the mobile voting firm Voatz actually is interested in working with security researchers who can examine their technology, the company sure has an odd way of showing it. Massachusetts-based Voatz on Thursday filed an amicus brief to the Supreme Court, arguing that only security researchers with clear permission should be authorized to probe systems for vulnerabilities. The filing came as part of a Supreme Court case in which justices are poised to reconsider the Computer Fraud and Abuse Act, a 1986 federal law that prohibits access to computers without the owner’s consent. Researchers have said the anti-hacking law is overly vague, and could criminalize activities ranging from innocuous internet habits, like sharing passwords, to important anti-discrimination research. A group of law scholars previously asked the court to allow ethical security tests. Voatz, which advertises an internet-based voting platform in a market dominated by more established voting machine manufacturers, has […]
The post Voatz urges Supreme Court to not protect ethical research from prosecution appeared first on CyberScoop.
Continue reading Voatz urges Supreme Court to not protect ethical research from prosecution
As the Supreme Court prepares to consider a controversial federal anti-hacking law, a group of prominent cybersecurity researchers and legal advocates is pleading with the court not to criminalize digital research in the public interest. In a brief filed with the court Wednesday led by digital rights group Electronic Frontier Foundation, the researchers warned that if violations of a company’s “terms of service” are deemed to be illegal, it risks chilling important research into voting systems, medical devices and other key equipment. “Despite widespread agreement about the importance of this work—including by the government itself— researchers face legal threat for engaging in socially beneficial security testing,” wrote the EFF, the nonprofit Center for Democracy & Technology, and cybersecurity companies Bugcrowd, Rapid7, SCYTHE and Tenable. Famous security researchers like Peiter “Mudge” Zatko and Chris Wysopal, who warned Congress of the internet’s insecurities in the 1990s as members of the L0pht hacking collective, […]
The post Researchers to Supreme Court: Terms of service violations shouldn’t be CFAA crime appeared first on CyberScoop.
Continue reading Researchers to Supreme Court: Terms of service violations shouldn’t be CFAA crime
The future of a long-controversial federal law could come down to how the U.S. Supreme Court interprets the way that a local police officer looked up information on an exotic dancer in a law enforcement database. The Supreme Court indicated on Monday it will hear a case involving the U.S. Computer Fraud and Abuse Act, a piece of legislation instituted in 1986 that internet freedom advocates have described as “the worst law in technology.” The CFAA makes it illegal for computer users to access another computer or exceed authorized access without authorization. Technologists and attorneys have argued that the law is so vaguely-worded that it could open well-intentioned security researchers up to prosecution for doing their job, or criminalize the use of work computers for personal purposes. In the best known case, internet pioneer Aaron Swartz took his own life before standing trial for allegedly downloading articles from a database […]
The post The CFAA will soon have its day before the Supreme Court appeared first on CyberScoop.
Continue reading The CFAA will soon have its day before the Supreme Court
If the government wants to track your location for hours, days, weeks, months or even years, it has various tools at its disposal: It can commit the resources of teams of detectives to follow you around. It can install a beeper tracker into some devic… Continue reading Supreme Court Cell Privacy Ruling Thwarted