“This is ironically one of those areas that doesn’t necessarily fall on ideological lines,” said Jennifer Daskal, a professor at American University Washington College of Law. “This is not a place where it’s obvious what the likely leanings of the next justice are going to be.”
Kennedy’s own leanings on privacy are hard to put in a box. While the court overall in recent years has recognized broader digital privacy rights as technologies have advanced, Kennedy has showed ambivalence about how far those protections should stretch.
In the 2012 case United States v. Jones, he sided with the court’s other justices in finding that law enforcement officers typically need a warrant to track people using GPS devices. And he joined another unanimous opinion in Riley v. California in 2014 declaring warrantless cellphone searches unconstitutional in most cases. Both decisions were hailed by privacy advocates and represented significant expansions of Fourth Amendment protections.
But in other cases, Kennedy bucked majorities on the court that voted to boost privacy rights in the face of increasingly sophisticated surveillance tools. In 2001, he was part of a minority in Kyllo v. United States that argued Fourth Amendment rights didn't apply to when law enforcement used a thermal-imaging device to scan a property in a criminal investigation. And just last week, Kennedy dissented in Carpenter v. United States, a landmark case in which the court’s majority ruled that police generally must get a warrant to access the troves of location information wireless carriers collect on customers.
“Kennedy was mixed in terms of how much he understood, and he grappled with the ways in which the Internet and digital communications change the application of existing doctrine,” Daskal told me.
Whoever takes Kennedy’s place probably will have the opportunity to decide a range of new privacy-related cases, privacy experts said. For example, the high court has yet to rule on whether police need a warrant to access location data from cell towers over short periods of time or comb through records generated by Internet of things devices such as smartwatches. The court is also poised to hear cases involving searches of digital devices at the U.S. border, surveillance from drones and security cameras, and collection of biometric data, experts said.
“There’s definitely space for whoever replaces Kennedy to come in with potentially more knowledge and respect for the impact that technology is having on privacy,” said Amie Stepanovich, U.S. policy manager at the digital rights group Access Now. “There’s going to be a lot of room to do good by the court in the privacy space because we’re only going to see more cases heading in that direction as we see tech tools advance.”
But even if Trump taps someone opposed to expanding privacy rights, it may not be enough in the near term to dramatically alter the court’s general trajectory on digital privacy. On those issues, Kennedy had less power to shift the court than he did on other issues such as abortion rights or same-sex marriage.
“Privacy and surveillance issues were not one of the areas where Justice Kennedy was one of the so-called swing votes,” said Nathan Wessler, a staff attorney with the American Civil Liberties Union’s Speech, Privacy and Technology Project who represented the plaintiffs in the Carpenter case. “I’m not sure that we’ll see an immediate change in the direction of the court’s jurisprudence wherever [Trump’s nominee] falls on the spectrum.”
|You are reading The Cybersecurity 202, our must-read newsletter on cybersecurity policy news.|
|Not a regular subscriber?|
PINGED: The intelligence community's 2017 assessment of Russia's far-reaching efforts to interfere in the U.S. presidential election “is a sound intelligence product,” according to the Senate Intelligence Committee. The committee also said on Tuesday that it agrees with the intelligence community that Russian President Vladimir “Putin and the Russian Government developed a clear preference” for Donald Trump over Hillary Clinton in the 2016 campaign. The panel reviewed conclusions from the CIA, the FBI and the National Security Agency that were presented in January 2017 and released on Tuesday “initial findings” of its review of those agencies' work.
Sen. Richard Burr (R-N.C.), the committee's chairman, said in a statement that the Senate panel “sees no reason to dispute the conclusions” of the intelligence community. “As numerous intelligence and national security officials in the Trump administration have since unanimously re-affirmed, the ICA findings were accurate and on point,” Sen. Mark R. Warner (D-Va.), the committee's vice chairman, said in a statement. “The Russian effort was extensive and sophisticated, and its goals were to undermine public faith in the democratic process, to hurt Secretary Clinton and to help Donald Trump.”
The committee also addressed the difference among the three intelligence agencies in their levels of confidence about the assessment that the Kremlin sought to help elect Trump. According to the Intelligence Community Assessment, the CIA and FBI had “high confidence” in this conclusion while the NSA had “moderate confidence.” The Senate panel said this variation in degrees of confidence “appropriately represents analytic differences and was reached in a professional and transparent manner.” “In all the interviews of those who drafted and prepared the ICA, the Committee heard consistently that analysts were under no politically motivated pressure to reach any conclusions,” the committee said. “All analysts expressed that they were free to debate, object to content, and assess confidence levels, as is normal and proper for the analytic process.”
PATCHED: “Federal prosecutors concluded an 18-month investigation into a former congressional technology staffer on Tuesday by publicly debunking allegations — promoted by conservative media and President Trump — suggesting he was a Pakistani operative who stole government secrets with cover from House Democrats,” The Washington Post's Shawn Boburg and Spencer S. Hsu reported. Trump tweeted last month that the Justice Department should not let Imran Awan “off the hook” and suggested that Awan somehow had something to do with the hacking of the Democratic National Committee, my colleagues wrote.
"Particularly, the Government has found no evidence that your client illegally removed House data from the House network or from House Members’ offices, stole the House Democratic Caucus Server, stole or destroyed House information technology equipment, or improperly accessed or transferred government information, including classified or sensitive information,” federal prosecutors wrote, as quoted by Boburg and Hsu. Awan pleaded guilty to an unrelated charge of making a false statement on an application for a home-equity loan, and prosecutors said they won't advise that he be jailed, according to my colleagues.
PWNED: The Palestinian militant group Hamas carried out a cyber campaign aiming to infiltrate Israel's military by seeking to entice young recruits into downloading mobile apps for dating or following the soccer World Cup from the Google Play Store, The Post's Ruth Eglash reported Tuesday. “The army official, who spoke on the condition of anonymity in keeping with military protocol, said Hamas operatives posing online as young, attractive and, in most cases, female Israelis attempted to lure young Israeli recruits via Facebook and WhatsApp to download the apps,” Eglash wrote. “Once embedded in a person’s phone, the malware in the apps can read text messages, view visual content and other documentation stored on the device, as well as allow outside sources to listen in on conversations and take photographs remotely.”
About 400 to 500 users have downloaded the applications but not all of those people are part of the military, according to the Israeli army, my colleague reported. The army found at least three apps — Wink Chat and Glance Love for dating and Golden Cup to keep up with the soccer tournament — and they were removed from the Google Play Store, according to Eglash. The Israeli army said roughly 2 percent of the hundreds of soldiers who said they were contacted on Facebook ended up accepting to download the apps, Eglash wrote.
More cybersecurity news:
— The Democratic National Committee is training its staffers as well as state parties and campaigns with DNC support to improve their cybersecurity practices to avoid a rerun of the hacking of the party's computer network, CyberScoop's Chris Bing reports. "Since September of last year — primarily through a phishing simulation platform named Wombat — the DNC’s tech team has been targeting co-workers as part of a broad effort to evaluate internal cybersecurity risks," Bing writes. "Staffers are graded on their ability to spot, report and avoid emails that in a real-world scenario might carry malware."
— The office of New York's Special Narcotics Prosecutor successfully applied for an authorization to use the GrayKey software from the company Grayshift to access two locked iPhones in a drugs case, Forbes's Thomas Fox-Brewster reported Tuesday. “Legal representation for the suspect, whose name has not been revealed, said they believed GrayKey was successful in gaining access to the client’s iPhones,” Fox-Brewster wrote. “Jerome Greco, staff attorney at the Legal Aid Society, told Forbes his team was waiting to learn what data was actually obtained from the devices.”
— Developers who create apps for the National Geospatial-Intelligence Agency are required to submit their source code for security vetting, according to Wired's Lily Hay Newman. Engility, a private company, handles the code review, Wired reports. "The brokered vetting process means that the government never holds developers' source code directly," Hay Newman writes. "The inspection is always mediated by Engility, which signs nondisclosure agreements with developers and isn't a software maker itself.”
— More cybersecurity news from the public sector:
— A University of Cambridge researcher looked inside one of the USB fans that were provided to journalists covering the meeting last month in Singapore between Trump and North Korean leader Kim Jong Un and it seems like the device wasn't a spying tool in the end, The Post's Hamza Shaban reports. “This particular sample of USB fan does not have any computer functionality on USB interface,” researcher Sergei Skorobogatov wrote in an analysis. “It can only be used for driving the motor from USB power. However, this does not eliminate the possibility of malicious or Trojan components wired to USB connector in other fans, lamps and other end-user USB devices.”
But just because the device that Skorobogatov analyzed didn't contain malware doesn't mean that other fans handed out to reporters in Singapore weren't harmless, my colleague reports. “Jake Williams, founder of the cybersecurity firm Rendition InfoSec and a former member of the National Security Agency’s hacking group, was also circumspect about the USB fans,” Shaban writes. “He said that malicious actors could have narrowly targeted one reporter who was of special interest out of 100, meaning that most fans may have appeared harmless even as some might have been used to target specific journalists.”
— More cybersecurity news from overseas:
— Trump on Tuesday attempted to tie the deletion of call detail records that the NSA announced last week with the Russia investigation even though nothing indicates that those two things are related, The Post's Shane Harris reported. The NSA said in a June 28 statement that it had started in May to delete call detail records “acquired since 2015 under Title V of the Foreign Intelligence Surveillance Act (FISA)." “Officials explained that telecom companies had provided more information about Americans’ communications than the NSA was legally entitled to receive,” Harris wrote.
“The president routinely calls the special-counsel investigation, led by Robert S. Mueller III, a witch hunt,” Harris wrote. “But the NSA program to which the president referred is used primarily for counterterrorism. The president offered no evidence to suggest how the program was connected to Mueller’s probe.” Sen. Ron Wyden (D-Ore.), who has long expressed concerns about some government surveillance programs, seized on Trump's tweet and told the president that “we should talk.”
The American Civil Liberties Union tweeted that Trump should support overhauling the NSA:
Several journalists also commented on Trump's tweet.
From CNN's Jenna McLaughlin:
From Mother Jones's David Corn:
From BuzzFeed News's Kevin Collier:
From Politico's Kyle Cheney:
- National Homeland Security Conference in New York on July 9 through July 12.
- IoT Global Innovation Forum in Portland, Ore., on July 10 through July 11.
- Senate Rules and Administration Committee hearing on election security on July 11.
- House Homeland Security Committee hearing on the protection of election systems and other critical infrastructure on July 11.
- Two House Homeland Security subcommittees hold a joint hearing on supply chain threats on July 12.
- National Association of Secretaries of State 2018 Summer Conference in Philadelphia on July 13 through July 16.
“Major incident” in town near former Russian spy poisoning:
Trump compares immigration enforcement to “liberating a town” in combat:
Trapped Thai soccer team receives dive lessons: