EFF to Court: Forcing Someone to Unlock and Decrypt Their Phone Violates the Constitution

Linked by Paul Ciano


First, the compelled entry of a memorized passcode forces a person to reveal the contents of their mind to investigators—contents that are absolutely privileged by the Fifth Amendment. As far as the Fifth Amendment is concerned, there’s no difference between forcing a person to type their passcode directly into their phone and forcing them to say it out loud to an investigator. The trial judge in this case understood that and found that typing in a passcode was a “testimonial act.” So just by forcing the defendant to unlock his phone, the investigators violated his Fifth Amendment right.

Second, the process of decryption itself is testimonial because it involves translating unintelligible, encrypted evidence into a form that can be used and understood by investigators—again relying on the contents of the suspect’s mind.

Injustice at the Border: How to Protect Your Data (Part 3)

Last time, I covered the first part of the Electronic Frontier Foundation's (EFF) Digital Privacy at the U.S. Border guide. Now, I am going to cover the second part of their series, which focuses on the legal framework around searches and seizures at the border.

Keep in mind, this is only meant to be a primer. If you have deep concerns about these issues and need a greater level of detail, it might be best to consult a lawyer.

Continue reading Injustice at the Border: How to Protect Your Data (Part 3)

Injustice at the Border: How to Protect Your Data (Part 2)

Since I wrote the first part of this series, the Electronic Frontier Foundation (EFF) has released a superlative guide on digital privacy at the U.S. Border. They have done things like this before, but since the legal context around these issues is somewhat labile, it is important to make sure you are getting up-to-date information.

Before I move on to my own technical solution for moving across borders, I think it is beneficial to review the EFF's Guide. Their post about this guide can be found here. It is broken up into 3 parts:

  1. Digital Privacy Guide for Travelers
  2. Constitutional Rights, Government Policies, and Privacy at the Border
  3. The Technology of Privacy Protection

Here, I am going to focus on the first 2 parts, and the last part of this series will basically be my take on part 3 of their guide.

Much of the information presented will be useful to any traveler, but I am writing this from the perspective of a deeply concerned U.S. citizen, and will correspondingly focus on aspects that affect this cohort.

Continue reading Injustice at the Border: How to Protect Your Data (Part 2)

A School Librarian Caught In The Middle of Student Privacy Extremes

Linked by Paul Ciano


In search of a middle ground that serves students, Angela is asking hard, fundamental questions. “We can use technology to do this, but should we? Is it giving us the same results as something non-technological?” Angela asked. “We need to see the big picture. How do we take advantage of these tools while keeping information private and being aware of what we might be giving away?”

School librarians are uniquely positioned to navigate this middle ground and advocate for privacy, both within the school library itself and in larger school- or district-wide conversations about technology. Often, school librarians are the only staff members trained as educators, privacy specialists, and technologists, bringing not only the skills but a professional mandate to lead their communities in digital privacy and intellectual freedom. On top of that, librarians have trusted relationships across the student privacy stakeholder chain, from working directly with students to training teachers to negotiating with technology vendors.

Let’s Encrypt 2016 In Review

Linked by Paul Ciano

Let’s Encrypt:

At the start of 2016, Let’s Encrypt certificates had been available to the public for less than a month and we were supporting approximately 240,000 active (unexpired) certificates. That seemed like a lot at the time! Now we’re frequently issuing that many new certificates in a single day while supporting more than 20,000,000 active certificates in total. We’ve issued more than a million certificates in a single day a few times recently. We’re currently serving an average of 6,700 OCSP responses per second. We’ve done a lot of optimization work, we’ve had to add some hardware, and there have been some long nights for our staff, but we’ve been able to keep up and we’re ready for another year of strong growth.

Injustice at the Border: How to Protect Your Data (Part 1)

If you follow this site, you most likely know that a large part of the content focuses on privacy and security. About 2 years ago, I said what I had to say on these subjects. From then on, I decided to continue linking to those who remained vigilant in these areas.

However, current events compel me to speak up once more.

Continue reading Injustice at the Border: How to Protect Your Data (Part 1)