Alexander Berengaut

Subscribe to all posts by Alexander Berengaut

Coercive and Non-Coercive Surveillance Authorities

When the U.S. government conducts electronic surveillance, there are a variety of legal authorities on which it relies.  The Wiretap Act, for example, authorizes the government to conduct live telephone wiretaps in certain criminal investigations; for electronic data, the Act also permits the government to acquire electronic communications in real time.  The Stored Communications Act … Continue Reading

Department of Justice Releases White Paper on CLOUD Act

On Wednesday, the U.S. Department of Justice released a white paper and FAQ on the Clarifying Lawful Overseas Use of Data (“CLOUD”) Act, which was enacted in March 2018 and creates a new framework for government access to data held by technology companies worldwide.  The paper, titled “Promoting Public Safety, Privacy, and the Rule of … Continue Reading

Reaching for the CLOUD

This article originally appeared in Global Data Review on March 29, 2019 Last year, the US passed legislation expanding the geographic reach of certain legal process, including search warrants, issued to technology providers seeking customer data. Under the Clarifying Lawful Overseas Use of Data (CLOUD) Act, warrants issued by US courts can force certain types … Continue Reading

Litigation Options For Post-Cyberattack ‘Active Defense’

[This article also was published in Law360.] In March 2017, Rep. Tom Graves, R-Ga., introduced a draft bill titled the Active Cyber Defense Certainty Act. The bill would amend the Computer Fraud and Abuse Act to enable victims of cyberattacks to employ “limited defensive measures that exceed the boundaries of one’s network in order to … Continue Reading

Covington Webinar: Examining the CLOUD Act

Covington’s Alex Berengaut and Kate Goodloe today hosted a webinar on the Clarifying Lawful Overseas Use of Data (“CLOUD”) Act.  The CLOUD Act was signed into law in March and creates a new framework for government access to data held by technology companies worldwide.  The webinar, hosted with DataGuidance, is available here.  The webinar expands … Continue Reading

Supreme Court’s Carpenter Decision Requires Warrant for Cell Phone Location Data

In a decision that defines how the Fourth Amendment applies to information collected in the digital age, the Supreme Court today held that police must use a warrant to obtain from a cell phone company records that detail the location and movements of a cell phone user.  The opinion in Carpenter v. United States limits … Continue Reading

Government’s Response to Malware Defendant’s Constitutional Challenge Falls Short

Last summer, Marcus Hutchins, the security researcher who stopped the “WannaCry” malware attack, was arrested and charged for his role in allegedly creating and conspiring to sell a different piece of malware, known as Kronos.  As we have previously discussed on this blog, however, the indictment was notable for its lack of allegations connecting Hutchins … Continue Reading

Malware Defendant Raises Constitutional Challenge to Indictment

Last August, the Department of Justice arrested and indicted Marcus Hutchins, the security researcher who accidentally discovered the “kill switch” that stopped the “WannaCry” malware attack.  Hutchins was not charged for anything to do with WannaCry, but rather for creating and conspiring to sell a different piece of malware, the “Kronos Banking trojan.”  Apart from … Continue Reading

CLOUD Act Creates New Framework for Cross-Border Data Access

On March 23, 2018, Congress passed, and President Trump signed into law, the Clarifying Lawful Overseas Use of Data (“CLOUD”) Act, which creates a new framework for government access to data held by technology companies worldwide. The CLOUD Act, enacted as part of the Consolidated Appropriations Act, has two components. Part I:  Extraterritorial Reach of … Continue Reading
LexBlog