Related Posts

“Hacking Back” a Recipe for Digital Arms Race

“Malicious hacking”—using technological means to penetrate or manipulate the networks, data, or devices of others without permission is a threat to the Internet and to the health of the Internet infrastructure companies that serve as its backbone. “Hacking back” would make us all more vulnerable to more sophisticated and frequent attacks. Our focus should be on protecting networks from intrusion, rather than making them more vulnerable by turning the Internet ecosystem into a digital war zone.

Read More

5 Takeaways from the New DHS Privacy Guidance

To comply with the executive order, DHS released new policy guidance on April 27. The new policy acknowledges that DHS can no longer extend statutory Privacy Act protections to non-U.S. persons, but it also explains what the agency must do to continue to protect the privacy of non-U.S. persons. It’s still early to tell how the policy will work in practice, but here are a few takeaways.

Read More

Another Invasive, Costly DHS Proposal Chilling Free Speech At the Border

Earlier this year, DHS proposed to begin requesting information pertaining to Chinese visitors’ social media identifiers. This is not the first time we have seen this type of proposal from DHS. In 2016, CDT and over 30 other organizations raised concerns that a DHS proposal asking people traveling to the U.S. through the Visa Waiver Program to volunteer information about their “online presence” and social media use amounted to an expansion of surveillance of U.S. visitors and residents alike. Last week, CDT argued that the new proposal would raise the same issues.

Read More

“The Cyber” Part II: Cybersecurity Research and the Role of the Enforcer

In CDT’s white paper, we look at whether there are other steps the Department of Justice, in particular, could take to better improve the consistency and fairness of CFAA prosecution to avoid any repeat of something like the Swartz case. For instance, we ask whether the DOJ could release more detailed guidance (similar to, for instance, regulations governing foreign investment review at the Treasury Department) with illustrative examples of cases where security research will not prompt investigation or prosecution.

Read More

“The Cyber:”  Everything You Need to Know About Computer Security Research and More

Of all of this attention to cybersecurity issues, however, too little is being paid to arguably the most important constellation in the cyber universe: the thousands of researchers who toil, often in obscurity, to identify and mitigate cybersecurity vulnerabilities. And yet, this research is more important than many of us not in this world can appreciate. We’ve released a comprehensive white paper that we hope will help frame these conversations going forward. Our paper, titled “The Cyber: Hard Questions in the World of Computer Security Research,” takes a deep dive into four areas of focus.

Read More

Trump Tower Claims Debunked, But Overbroad Surveillance Still Cause for Concern

It has now been confirmed by FBI Director Jim Comey, both of Congress’s intelligence committees, and the Speaker of the House that President Trump did not have his “wires tapped” at Trump Tower by the Obama administration prior to the president’s election. But here are some thoughts about why, while the president’s wiretapping claims are without merit, we should still be concerned about how communications intercepted for foreign intelligence purposes can now be shared more broadly across the intelligence and thus possibly misused to target people in the United States who have nothing to do with spying or terrorism.

Read More