Department of Justice

The Department of Justice has released a draft bill to amend Section 230 of the Communications Decency Act of 1996, joining the chorus of voices seeking to limit the statute’s liability protections (covered here, here, here, and here).  The DOJ’s draft bill incorporates recommendations from its June 2020 report analyzing Section 230, as well as President Trump’s Executive Order on Preventing Online Censorship.  According to Attorney General William Barr, DOJ’s proposal “recalibrates Section 230 immunity,” aiming to “incentivize online platforms to better address criminal content on their services and to be more transparent and accountable when removing lawful speech.”
Continue Reading DOJ Proposes Legislation to Limit Section 230 Immunity

In a speech delivered at the United States Naval Academy on October 10, Deputy Attorney General Rod Rosenstein waded into the public debate between data privacy and law enforcement interests.  As part of a discussion moderated by former Covington cybersecurity attorney Jeff Kosseff, Rosenstein’s remarks discussed cyber issues facing law enforcement with a particular focus on the advent of “warrant-proof” encryption.  In his view, warrant-proof encrypted data and devices are unable to be intercepted or unlocked by law enforcement, even with a court order.

Noting that “[p]rivate sector entities are crucial partners” in the fight against cyber threats, Rosenstein expressed concerns about the role played by tech companies in advancing warrant-proof encryption.  While recognizing the need to balance important privacy interests against law enforcement priorities, Rosenstein argued that “[w]arrant-proof encryption defeats the constitutional balance by elevating privacy above public safety.”  He emphasized the threat posed to public safety when technology developers deprive law enforcement of “crucial investigative tools.”  Rosenstein advocated for “responsible encryption,” recognizing that this approach would not be one-size-fits-all and that solutions would likely look different depending on the company and technology at issue. 
Continue Reading Deputy Attorney General Rod Rosenstein Warns Against Warrant-Proof Encryption

Last week, the U.S. Department of Justice (“DOJ”) released a voluntary framework for organizations to use in the development of a formal program to receive reports of network, software, and system vulnerabilities, and to disclose vulnerabilities identified in other organizations’ environments.  This framework provides private entities a series of steps
Continue Reading Department of Justice Releases Guidance for Vulnerability Disclosure Programs

In an interview with Politico (link requires a subscription), EU Justice Commissioner Věra Jourová, one of the principal architects of the EU-U.S. Privacy Shield, indicated that she plans to visit the U.S. once the Trump Administration is in place to assess the state of the new administration’s commitment to the Privacy Shield.  In the interview, Jourová indicated that she would seek to ensure that the U.S. maintains a “culture of privacy” under the new administration, and that the U.S. government would continue to adhere to its commitments with regard to U.S. law enforcement and surveillance activities that were included within the Privacy Shield framework.

The Privacy Shield was based in part on a series of letters published by various Obama Administration officials relating to oversight and enforcement of the Privacy Shield Principles by the U.S. government.  These letters were included as annexes to the Commission Implementing Decision that forms the legal basis for the Privacy Shield in the EU, and are posted to the U.S. Department of Commerce’s Privacy Shield website.  They include a letter from the Department of State to Commissioner Jourová describing the new Privacy Shield Ombudsperson designated to field inquiries from the EU regarding U.S. signals intelligence practices, and letters from the Office of the Director of National Intelligence (Letter 1; Letter 2) and the Department of Justice describing safeguards and limitations applicable to U.S. national security authorities and law enforcement authorities, respectively.
Continue Reading EU Commissioner Plans to Assess U.S. Privacy Shield Commitments

As protests have continued across the nation in the wake of back-to-back decisions by grand juries in Missouri and New York not to indict white police officers for their involvement in the deaths of unarmed black citizens, civil rights advocates, along with state leaders and the federal government, are exploring measures to better relationships between law enforcement and communities of color.  Just last week, the Department of Justice released a revised version of its Guidance Regarding the Use of Race by Federal Law Enforcement Agencies.  Yesterday afternoon, President Obama signed an Executive Order to create the Task Force on 21st Century Policing, and following the Michael Brown jury decision, the President proposed a three-year $263 million investment package to increase, among other things, the use of body-worn cameras.

In light of the events leading to Eric Garner’s death, however, which were captured by mobile video in their entirety, there has been skepticism about the efficacy of body-worn cameras in preventing such fatal interactions with the police and also in providing sufficient evidence to juries.  Privacy advocates, along with police officers, have expressed concern about the new technology as well.  On the one hand, body cameras have greater potential to invade privacy if they are used in homes or to film bystanders, suspects, and victims during what can be volatile and extreme encounters.  On the other hand, cameras could reduce police use of force while protecting officers from false accusations of misconduct.  Moreover, cameras could provide vital data used over time to monitor, measure, and improve departments’ institutional practices.  On balance, video cameras on police officers seem to be a good thing with short- and longer-term benefits, but only if they are deployed within a policy framework that prioritizes citizens’ privacy.
Continue Reading Looking at Police-Community Relations Through the Lens of Body-Worn Cameras

By David Fagan and Sumon Dantiki

Last week the Antitrust Division of the Department of Justice (“DOJ”) issued a business review letter in response to a request by CyberPoint International LLC (“CyberPoint”).   At issue in the request was whether a proposed cyber threat information sharing system among possible competitors (“the TruSTAR platform”) raised antitrust concerns.  Following a review, DOJ announced in the letter that it had no intention of challenging the TruSTAR  platform under antitrust laws.

The TruSTAR letter is significant for multiple reasons.  First, the letter generally reaffirms the joint “Antitrust Policy Statement on Sharing of Cybersecurity Information,” set forth by the DOJ and Federal Trade Commission (FTC) earlier this year on April 10.  In fact, in a press release accompanying the TruSTAR letter, the DOJ cited to the Policy Statement to emphasize that the “antitrust laws are not an impediment to legitimate private-sector initiatives to share specific information about cyber incidents and mitigation techniques.”Continue Reading Department of Justice Clears Cybersecurity Information Sharing Platform

Tomorrow, the Senate Judiciary Subcommittee on Privacy, Technology and the Law will hold a hearing on legislation reintroduced in March by Senator Al Franken (D-MN), the Location Privacy Protection Act of 2014.  The bill would regulate the development, operation, and sale of “stalking apps” and also would require companies

Continue Reading Senate Judiciary Subcommittee To Examine “Stalking Apps”

A group of senators announced on Wednesday that they would renew their push for federal legislation to limit the ability of federal authorities to compel journalists to reveal information about or obtained from confidential sources, after the U.S. Department of Justice announced it would tighten its own standards for when to seek such information.

The bill, the Free Flow of Information Act of 2013, is an updated version of a reporters’ shield bill that was considered in 2009. Sen. Charles Schumer (D-NY) reintroduced the bill in mid-May of this year, co-sponsored by Sen. Lindsey Graham (R-SC). The Obama administration asked Schumer to reintroduce the bill after the U.S. Justice Department disclosed that it had obtained call records for more than 20 telephone extensions of Associated Press journalists.

The bill generally would prevent federal authorities from compelling journalists to identify confidential sources or reveal information obtained under a promise of confidentiality, unless a court determines that the government has exhausted all reasonable alternative sources of the information and the government’s need for the information outweighs the public interest in the free flow of information.Continue Reading Senators, Justice Department Voice Support for Expanding Journalists’ Protections

On Wednesday, April 6, the Senate Judiciary Committee held a hearing to examine ECPA, the Electronic Communications Privacy Act.  The hearing, which focused on the federal government’s perspective on ECPA reform, followed up on a hearing held last September and Sen. Patrick Leahy’s (D-VT) January 2011 pledge that “[t]he Judiciary

Continue Reading Senate Judiciary Committee Continues ECPA Review

In testimony before a House Judiciary subcommittee on Tuesday, Jason Weinstein (Deputy Assistant Attorney General for the DOJ Criminal Division) emphasized the importance of data retention from internet and cell phone service providers in fighting crime.  He invited Congress to consider legislation that would strengthen data retention standards.  Weinstein offered

Continue Reading Department of Justice Calls for Enhanced Data Retention from Service Providers