EFF to Court: Forcing Someone to Unlock and Decrypt Their Phone Violates the Constitution

Linked by Paul Ciano


First, the compelled entry of a memorized passcode forces a person to reveal the contents of their mind to investigators—contents that are absolutely privileged by the Fifth Amendment. As far as the Fifth Amendment is concerned, there’s no difference between forcing a person to type their passcode directly into their phone and forcing them to say it out loud to an investigator. The trial judge in this case understood that and found that typing in a passcode was a “testimonial act.” So just by forcing the defendant to unlock his phone, the investigators violated his Fifth Amendment right.

Second, the process of decryption itself is testimonial because it involves translating unintelligible, encrypted evidence into a form that can be used and understood by investigators—again relying on the contents of the suspect’s mind.

Injustice at the Border: How to Protect Your Data (Part 3)

Last time, I covered the first part of the Electronic Frontier Foundation's (EFF) Digital Privacy at the U.S. Border guide. Now, I am going to cover the second part of their series, which focuses on the legal framework around searches and seizures at the border.

Keep in mind, this is only meant to be a primer. If you have deep concerns about these issues and need a greater level of detail, it might be best to consult a lawyer.

Continue reading Injustice at the Border: How to Protect Your Data (Part 3)

Want to Improve Data Quality, Reduce Liability, and Gain Consumer Trust? Try Deleting.

Linked by Paul Ciano


Uber’s situation illustrates the disconnect between what data deletion means to companies and how users understand the concept. To users, deletion is an act of finality that ends their relationship with a company and destroys their information. To most companies, a deletion command is more likely to send a copy of the user’s information to cloud storage for potential retrieval.

In CDT’s newest white paper, “Should it stay or should it go? The legal, policy, and technical landscape around data deletion,” we explore this disconnect and the reasons why commercial data stores have grown. We make the case that it is neither in a company’s nor a customer’s best interest to hold onto large amounts of data.

How Stripe Teaches Employees to Code

Linked by Paul Ciano

Ella Grimshaw, Stripe:

It’s easy for familiarity with code to become a barrier between different groups within a technology company: lots of companies have an upper tier of code-wrangling wizards that are supported by the rest of the company, sometimes known as the non-engineers. From the beginning, we’ve tried hard to avoid this at Stripe. In seating, we mix engineering teams with non-engineering teams. When we hire, we seek out engineers who are excited about problems beyond code itself. When we communicate internally, we make sure our engineering work is open and comprehensible to all Stripes, and that each improvement to our platform and even internal infrastructure is shared widely.

Continue reading How Stripe Teaches Employees to Code