SlideShare a Scribd company logo

BSidesROC 2016 Keynote - Nate Cardozo - The State Of The Law

BSidesROC
BSidesROC

Strong end-to-end encryption is legal in the United States today, thanks to our victory in what’s come to be known as the Crypto Wars of the 1990s. But in the wake of Paris and San Bernardino, there is increasing pressure from law enforcement and policy makers, both here and abroad, to mandate so-called backdoors in encryption products. In this presentation, I will discuss in brief the history of the first Crypto Wars, and the state of the law coming into 2016. I will then discuss the current proposals to weaken or ban encryption, covering proposed and recently enacted laws in New York, California, Australia, India, and the UK. Finally, I will discuss possible realistic outcomes to the Second Crypto Wars, and give my predictions on what the State of the Law will be at the end of 2016. Obviously, the content may well change, based on what Magistrate Judge Pym does in San Bernardino!!!

Law
1 of 29
Download to read offline
The State of the Law: 2016 BSIDESROC Nate Cardozo, EFF 783A 8CC4 166D 1768 4E8E DAFD 2D76 4786 4AE6 3181
“The Net interprets censorship as damage and routes around it.” John Gilmore, ~1993
The First Crypto Wars
If all you have is a hammer…
And the Internet was a safer place for it!
•  We thought we had solved the field… – But thanks to Comey – More work remains
•  FBI Director Comey in 2014: “We also need a regulatory or legislative fix to create a level playing field, so that all communication service providers are held to the same standard and so that those of us in law enforcement, national security, and public safety can continue to do the job…”
2015 •  Conversation started with device encryption, but quickly moved to end-to-end encryption. •  UK PM Cameron: “Are we going to allow a means of communications which it simply isn't possible to read?”
What if we re-named back doors? •  Comey: “We aren’t seeking a back- door approach. We want to use the front door” •  Washington Post “a back door can and will be exploited by bad guys, too. However, with all their wizardry, perhaps Apple and Google could invent a kind of secure golden key”
Legislation •  Many countries around the world are considering legislation that would either – mandate backdoors, – mandate access to plaintext or – endanger encryption.
UK Snooper’s Charter •  Purports to regulate telecommunications operators all around the world •  § 189(4)(c): Operators may be obligated to remove “electronic protection” if they provided –  Could be interpreted to require weakening encryption, holding a key or banning end-to-end
Australia’s Defence Trade Controls Act •  Prohibits the “intangible supply” of encryption technologies. •  Many ordinary teaching and research activities could be subject to unclear export controls with severe penalties. •  International Association for Cryptologic Research organized petition against, signed 100s of experts
India Considers An Encryption Policy •  In September, India released a draft National Encryption Policy –  Everyone required to store plain text –  Info kept for 90 days –  Made available to law enforcement agencies as and when demanded •  Withdrawn after criticism
China’s Anti-Terrorism Law •  Passed last year •  Draft version required tech companies to hand over encryption codes •  Final version: “shall provide technical interfaces, decryption and other technical support”
Obama: No Backdoor Bill •  We “will not —for now—call for legislation requiring companies to decode messages for law enforcement.” •  But… –  Leaked National Security Council memo from Thanksgiving 2015
All Writs Act Litigation •  Apple v. FBI –  This is the San Bernardino iPhone case –  Also, a case in EDNY
Other Litigation •  Wiretap Act litigation may be coming –  New York Times report re: WhatsApp •  There may be FISA Court orders –  EFF just this week filed a FOIA case to get access to them
Burr-Feinstein Bill •  Would require providers to decrypt on demand –  Criminal and civil penalties •  Applies to comms, storage, and licensing –  This includes app stores and open source •  Not just e2e and FDE –  This would outlaw computers as we know them
Burr-Feinstein Bill •  Problematic on every level –  Unconstitutional –  Would break the Internet –  Would cripple American business – Would be totally ineffective!
2016 •  What are we looking at? –  Key escrow mandate •  I don’t think this is actually going to happen. – Burr-Feinstein •  This definitely won’t happen (in the current form) –  We don’t care how, just make plaintext available. •  Now I will go into prediction mode.
2016 •  But what is actually likely? –  Informal pressure –  No ban will reach FOSS crypto –  CALEA-like mandate –  India/Australia/UK may do dumb things –  It’s not going to stop anyone with even a modicum of sophistication from “going dark”
2016 Defaults, not primitives Backdoor pressure, not backdoor mandates Any mandate will affect only the masses We’ll get court rulings for the first time
Questions? Nate Cardozo Senior Staff Attorney, EFF nate@eff.org @ncardozo 783A 8CC4 166D 1768 4E8E DAFD 2D76 4786 4AE6 3181

Recommended

Internet censorship by ronak
Internet censorship by ronakInternet censorship by ronak
Internet censorship by ronak
Ronak Karanpuria
 
Internet privacy and laws
Internet privacy and lawsInternet privacy and laws
Internet privacy and laws
jcmonnett
 
Internet Censorship
Internet CensorshipInternet Censorship
Internet Censorship
Asya Karapetyan
 
Internet censorship
Internet censorshipInternet censorship
Internet censorship
mateo davis
 
Darknet
DarknetDarknet
Darknet
Hiro Oshikawa
 
Tor as an Attack Tool: Penetrating Firewalls in Repressive Regimes
Tor as an Attack Tool: Penetrating Firewalls in Repressive RegimesTor as an Attack Tool: Penetrating Firewalls in Repressive Regimes
Tor as an Attack Tool: Penetrating Firewalls in Repressive Regimes
D. Hill
 
National framework for digital forensics bangladesh context
National framework for digital forensics bangladesh context National framework for digital forensics bangladesh context
National framework for digital forensics bangladesh context
Bank Alfalah Limited
 
Presentación3
Presentación3Presentación3
Presentación3
Mikecdr
 

Recommended

Internet censorship by ronak
Internet censorship by ronakInternet censorship by ronak
Internet censorship by ronak
Ronak Karanpuria
 
Internet privacy and laws
Internet privacy and lawsInternet privacy and laws
Internet privacy and laws
jcmonnett
 
Internet Censorship
Internet CensorshipInternet Censorship
Internet Censorship
Asya Karapetyan
 
Internet censorship
Internet censorshipInternet censorship
Internet censorship
mateo davis
 
Darknet
DarknetDarknet
Darknet
Hiro Oshikawa
 
Tor as an Attack Tool: Penetrating Firewalls in Repressive Regimes
Tor as an Attack Tool: Penetrating Firewalls in Repressive RegimesTor as an Attack Tool: Penetrating Firewalls in Repressive Regimes
Tor as an Attack Tool: Penetrating Firewalls in Repressive Regimes
D. Hill
 
National framework for digital forensics bangladesh context
National framework for digital forensics bangladesh context National framework for digital forensics bangladesh context
National framework for digital forensics bangladesh context
Bank Alfalah Limited
 
Presentación3
Presentación3Presentación3
Presentación3
Mikecdr
 
Analysis of cyber crime bill 2016
Analysis of cyber crime bill 2016 Analysis of cyber crime bill 2016
Analysis of cyber crime bill 2016
Zohaib Arshid
 
A study on internet libel in the philippines (2)
A study on internet libel in the philippines (2)A study on internet libel in the philippines (2)
A study on internet libel in the philippines (2)
Geritt Contillo
 
I2P and the Dark Web
I2P and the Dark WebI2P and the Dark Web
I2P and the Dark Web
John Liu
 
Megaupload pp
Megaupload ppMegaupload pp
Megaupload pp
chrisrichhh
 
Cybercrime law legality report
Cybercrime law legality reportCybercrime law legality report
Cybercrime law legality report
Jonan Momo
 
Deep web power point presentation
Deep web power point presentationDeep web power point presentation
Deep web power point presentation
albafg55
 
The Deep Web, TOR Network and Internet Anonymity
The Deep Web, TOR Network and Internet AnonymityThe Deep Web, TOR Network and Internet Anonymity
The Deep Web, TOR Network and Internet Anonymity
Abhimanyu Singh
 
The Deep and Dark Web
The Deep and Dark WebThe Deep and Dark Web
The Deep and Dark Web
Swecha | స్వేచ్ఛ
 
State of the Internet
State of the InternetState of the Internet
State of the Internet
Charles Mok
 
How Much is My Information Worth on the Dark Web?
How Much is My Information Worth on the Dark Web?How Much is My Information Worth on the Dark Web?
How Much is My Information Worth on the Dark Web?
Mark Fisher
 
The dark web darwin de leon
The dark web darwin de leonThe dark web darwin de leon
The dark web darwin de leon
Darwin de Leon
 
Dark web markets: from the silk road to alphabay, trends and developments
Dark web markets: from the silk road to alphabay, trends and developmentsDark web markets: from the silk road to alphabay, trends and developments
Dark web markets: from the silk road to alphabay, trends and developments
Andres Baravalle
 
Hackbama Cyber Crimes Investigations
Hackbama Cyber Crimes InvestigationsHackbama Cyber Crimes Investigations
Hackbama Cyber Crimes Investigations
Kevin Cedeño, CISM, CISA
 
The Darknet and the Future of Everything*
The Darknet and the Future of Everything*The Darknet and the Future of Everything*
The Darknet and the Future of Everything*
PeterNBiddle
 
The Darknet Emerges
The Darknet EmergesThe Darknet Emerges
The Darknet Emerges
Andrew Delamarter
 
Darknet - Is this the future of Internet?
Darknet - Is this the future of Internet? Darknet - Is this the future of Internet?
Darknet - Is this the future of Internet?
Bangladesh Network Operators Group
 
Deep Dark Web - How to get inside?
Deep Dark Web - How to get inside?Deep Dark Web - How to get inside?
Deep Dark Web - How to get inside?
Anshu Prateek
 
GOVERNMENT SURVEILANCE
GOVERNMENT SURVEILANCEGOVERNMENT SURVEILANCE
GOVERNMENT SURVEILANCE
Yusuf Qadir
 
Darknet
DarknetDarknet
Darknet
Matthew Kwong
 
ARTICLE 4/27/12
ARTICLE 4/27/12ARTICLE 4/27/12
ARTICLE 4/27/12
freeantivirusdownload
 
Dark Side of the Net Lecture 4 TOR
Dark Side of the Net Lecture 4 TOR Dark Side of the Net Lecture 4 TOR
Dark Side of the Net Lecture 4 TOR
Marcus Leaning
 
2013.11.30.Brook-CSA_Congress_EU_Avoiding_US_Cloud_Providers
2013.11.30.Brook-CSA_Congress_EU_Avoiding_US_Cloud_Providers2013.11.30.Brook-CSA_Congress_EU_Avoiding_US_Cloud_Providers
2013.11.30.Brook-CSA_Congress_EU_Avoiding_US_Cloud_Providers
Jon-Michael C. Brook, CISSP
 

More Related Content

What's hot

Analysis of cyber crime bill 2016
Analysis of cyber crime bill 2016 Analysis of cyber crime bill 2016
Analysis of cyber crime bill 2016
Zohaib Arshid
 
A study on internet libel in the philippines (2)
A study on internet libel in the philippines (2)A study on internet libel in the philippines (2)
A study on internet libel in the philippines (2)
Geritt Contillo
 
I2P and the Dark Web
I2P and the Dark WebI2P and the Dark Web
I2P and the Dark Web
John Liu
 
Megaupload pp
Megaupload ppMegaupload pp
Megaupload pp
chrisrichhh
 
Cybercrime law legality report
Cybercrime law legality reportCybercrime law legality report
Cybercrime law legality report
Jonan Momo
 
Deep web power point presentation
Deep web power point presentationDeep web power point presentation
Deep web power point presentation
albafg55
 
The Deep Web, TOR Network and Internet Anonymity
The Deep Web, TOR Network and Internet AnonymityThe Deep Web, TOR Network and Internet Anonymity
The Deep Web, TOR Network and Internet Anonymity
Abhimanyu Singh
 
The Deep and Dark Web
The Deep and Dark WebThe Deep and Dark Web
The Deep and Dark Web
Swecha | స్వేచ్ఛ
 
State of the Internet
State of the InternetState of the Internet
State of the Internet
Charles Mok
 
How Much is My Information Worth on the Dark Web?
How Much is My Information Worth on the Dark Web?How Much is My Information Worth on the Dark Web?
How Much is My Information Worth on the Dark Web?
Mark Fisher
 
The dark web darwin de leon
The dark web darwin de leonThe dark web darwin de leon
The dark web darwin de leon
Darwin de Leon
 
Dark web markets: from the silk road to alphabay, trends and developments
Dark web markets: from the silk road to alphabay, trends and developmentsDark web markets: from the silk road to alphabay, trends and developments
Dark web markets: from the silk road to alphabay, trends and developments
Andres Baravalle
 
Hackbama Cyber Crimes Investigations
Hackbama Cyber Crimes InvestigationsHackbama Cyber Crimes Investigations
Hackbama Cyber Crimes Investigations
Kevin Cedeño, CISM, CISA
 
The Darknet and the Future of Everything*
The Darknet and the Future of Everything*The Darknet and the Future of Everything*
The Darknet and the Future of Everything*
PeterNBiddle
 
The Darknet Emerges
The Darknet EmergesThe Darknet Emerges
The Darknet Emerges
Andrew Delamarter
 
Darknet - Is this the future of Internet?
Darknet - Is this the future of Internet? Darknet - Is this the future of Internet?
Darknet - Is this the future of Internet?
Bangladesh Network Operators Group
 
Deep Dark Web - How to get inside?
Deep Dark Web - How to get inside?Deep Dark Web - How to get inside?
Deep Dark Web - How to get inside?
Anshu Prateek
 
GOVERNMENT SURVEILANCE
GOVERNMENT SURVEILANCEGOVERNMENT SURVEILANCE
GOVERNMENT SURVEILANCE
Yusuf Qadir
 
Darknet
DarknetDarknet
Darknet
Matthew Kwong
 
ARTICLE 4/27/12
ARTICLE 4/27/12ARTICLE 4/27/12
ARTICLE 4/27/12
freeantivirusdownload
 

What's hot (20)

Analysis of cyber crime bill 2016
Analysis of cyber crime bill 2016 Analysis of cyber crime bill 2016
Analysis of cyber crime bill 2016
 
A study on internet libel in the philippines (2)
A study on internet libel in the philippines (2)A study on internet libel in the philippines (2)
A study on internet libel in the philippines (2)
 
I2P and the Dark Web
I2P and the Dark WebI2P and the Dark Web
I2P and the Dark Web
 
Megaupload pp
Megaupload ppMegaupload pp
Megaupload pp
 
Cybercrime law legality report
Cybercrime law legality reportCybercrime law legality report
Cybercrime law legality report
 
Deep web power point presentation
Deep web power point presentationDeep web power point presentation
Deep web power point presentation
 
The Deep Web, TOR Network and Internet Anonymity
The Deep Web, TOR Network and Internet AnonymityThe Deep Web, TOR Network and Internet Anonymity
The Deep Web, TOR Network and Internet Anonymity
 
The Deep and Dark Web
The Deep and Dark WebThe Deep and Dark Web
The Deep and Dark Web
 
State of the Internet
State of the InternetState of the Internet
State of the Internet
 
How Much is My Information Worth on the Dark Web?
How Much is My Information Worth on the Dark Web?How Much is My Information Worth on the Dark Web?
How Much is My Information Worth on the Dark Web?
 
The dark web darwin de leon
The dark web darwin de leonThe dark web darwin de leon
The dark web darwin de leon
 
Dark web markets: from the silk road to alphabay, trends and developments
Dark web markets: from the silk road to alphabay, trends and developmentsDark web markets: from the silk road to alphabay, trends and developments
Dark web markets: from the silk road to alphabay, trends and developments
 
Hackbama Cyber Crimes Investigations
Hackbama Cyber Crimes InvestigationsHackbama Cyber Crimes Investigations
Hackbama Cyber Crimes Investigations
 
The Darknet and the Future of Everything*
The Darknet and the Future of Everything*The Darknet and the Future of Everything*
The Darknet and the Future of Everything*
 
The Darknet Emerges
The Darknet EmergesThe Darknet Emerges
The Darknet Emerges
 
Darknet - Is this the future of Internet?
Darknet - Is this the future of Internet? Darknet - Is this the future of Internet?
Darknet - Is this the future of Internet?
 
Deep Dark Web - How to get inside?
Deep Dark Web - How to get inside?Deep Dark Web - How to get inside?
Deep Dark Web - How to get inside?
 
GOVERNMENT SURVEILANCE
GOVERNMENT SURVEILANCEGOVERNMENT SURVEILANCE
GOVERNMENT SURVEILANCE
 
Darknet
DarknetDarknet
Darknet
 
ARTICLE 4/27/12
ARTICLE 4/27/12ARTICLE 4/27/12
ARTICLE 4/27/12
 

Similar to BSidesROC 2016 Keynote - Nate Cardozo - The State Of The Law

Dark Side of the Net Lecture 4 TOR
Dark Side of the Net Lecture 4 TOR Dark Side of the Net Lecture 4 TOR
Dark Side of the Net Lecture 4 TOR
Marcus Leaning
 
2013.11.30.Brook-CSA_Congress_EU_Avoiding_US_Cloud_Providers
2013.11.30.Brook-CSA_Congress_EU_Avoiding_US_Cloud_Providers2013.11.30.Brook-CSA_Congress_EU_Avoiding_US_Cloud_Providers
2013.11.30.Brook-CSA_Congress_EU_Avoiding_US_Cloud_Providers
Jon-Michael C. Brook, CISSP
 
Copyright infringement
Copyright infringementCopyright infringement
Copyright infringement
wcudsce
 
Lofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and EncryptionLofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and Encryption
Sean Whalen
 
Legal Research in the Age of Cloud Computing
Legal Research in the Age of Cloud ComputingLegal Research in the Age of Cloud Computing
Legal Research in the Age of Cloud Computing
Neal Axton
 
IoT is coming - now what?
IoT is coming - now what?IoT is coming - now what?
IoT is coming - now what?
Martin Spindler
 
The Challenges & Risks of New Technology: Privacy Law & Policy
The Challenges & Risks of New Technology: Privacy Law & PolicyThe Challenges & Risks of New Technology: Privacy Law & Policy
The Challenges & Risks of New Technology: Privacy Law & Policy
Dan Houser
 
E-Discovery: How do Litigation Hold, BYOD, and Privacy Affect You? - Course T...
E-Discovery: How do Litigation Hold, BYOD, and Privacy Affect You? - Course T...E-Discovery: How do Litigation Hold, BYOD, and Privacy Affect You? - Course T...
E-Discovery: How do Litigation Hold, BYOD, and Privacy Affect You? - Course T...
Cengage Learning
 
Have the Bad Guys Won the Cyber security War...
Have the Bad Guys Won the Cyber security War...Have the Bad Guys Won the Cyber security War...
Have the Bad Guys Won the Cyber security War...
Andrew Hammond
 
Quant & Crypto Gold
Quant & Crypto GoldQuant & Crypto Gold
Quant & Crypto Gold
Andrew Hammond
 
Cybersecurity Strategies - time for the next generation
Cybersecurity Strategies - time for the next generationCybersecurity Strategies - time for the next generation
Cybersecurity Strategies - time for the next generation
Hinne Hettema
 
Digital Repression and Techno-Authoritarianism
Digital Repression and Techno-AuthoritarianismDigital Repression and Techno-Authoritarianism
Digital Repression and Techno-Authoritarianism
Charles Mok
 
This Time, It’s Personal: Why Security and the IoT Is Different
This Time, It’s Personal: Why Security and the IoT Is DifferentThis Time, It’s Personal: Why Security and the IoT Is Different
This Time, It’s Personal: Why Security and the IoT Is Different
Justin Grammens
 
Gikii23 Marsden
Gikii23 MarsdenGikii23 Marsden
Gikii23 Marsden
Chris Marsden
 
Cybercrime
CybercrimeCybercrime
Cybercrime
RAJ ANAND
 
Cybercrime
CybercrimeCybercrime
Cybercrime
Vinil Patel
 
Prosecuting Cybercrime and Regulating the Web
Prosecuting Cybercrime and Regulating the WebProsecuting Cybercrime and Regulating the Web
Prosecuting Cybercrime and Regulating the Web
Darius Whelan
 
Infosecurity2013nl 131103184054-phpapp01
Infosecurity2013nl 131103184054-phpapp01Infosecurity2013nl 131103184054-phpapp01
Infosecurity2013nl 131103184054-phpapp01
Kenneth Carnesi, JD
 
2600 v19 n1 (spring 2002)
2600 v19 n1 (spring 2002)2600 v19 n1 (spring 2002)
2600 v19 n1 (spring 2002)
Felipe Prado
 
Privacy is an Illusion and you’re all losers! - Cryptocow - Infosecurity 2013
Privacy is an Illusion and you’re all losers! - Cryptocow - Infosecurity 2013Privacy is an Illusion and you’re all losers! - Cryptocow - Infosecurity 2013
Privacy is an Illusion and you’re all losers! - Cryptocow - Infosecurity 2013
Cain Ransbottyn
 

Similar to BSidesROC 2016 Keynote - Nate Cardozo - The State Of The Law (20)

Dark Side of the Net Lecture 4 TOR
Dark Side of the Net Lecture 4 TOR Dark Side of the Net Lecture 4 TOR
Dark Side of the Net Lecture 4 TOR
 
2013.11.30.Brook-CSA_Congress_EU_Avoiding_US_Cloud_Providers
2013.11.30.Brook-CSA_Congress_EU_Avoiding_US_Cloud_Providers2013.11.30.Brook-CSA_Congress_EU_Avoiding_US_Cloud_Providers
2013.11.30.Brook-CSA_Congress_EU_Avoiding_US_Cloud_Providers
 
Copyright infringement
Copyright infringementCopyright infringement
Copyright infringement
 
Lofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and EncryptionLofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and Encryption
 
Legal Research in the Age of Cloud Computing
Legal Research in the Age of Cloud ComputingLegal Research in the Age of Cloud Computing
Legal Research in the Age of Cloud Computing
 
IoT is coming - now what?
IoT is coming - now what?IoT is coming - now what?
IoT is coming - now what?
 
The Challenges & Risks of New Technology: Privacy Law & Policy
The Challenges & Risks of New Technology: Privacy Law & PolicyThe Challenges & Risks of New Technology: Privacy Law & Policy
The Challenges & Risks of New Technology: Privacy Law & Policy
 
E-Discovery: How do Litigation Hold, BYOD, and Privacy Affect You? - Course T...
E-Discovery: How do Litigation Hold, BYOD, and Privacy Affect You? - Course T...E-Discovery: How do Litigation Hold, BYOD, and Privacy Affect You? - Course T...
E-Discovery: How do Litigation Hold, BYOD, and Privacy Affect You? - Course T...
 
Have the Bad Guys Won the Cyber security War...
Have the Bad Guys Won the Cyber security War...Have the Bad Guys Won the Cyber security War...
Have the Bad Guys Won the Cyber security War...
 
Quant & Crypto Gold
Quant & Crypto GoldQuant & Crypto Gold
Quant & Crypto Gold
 
Cybersecurity Strategies - time for the next generation
Cybersecurity Strategies - time for the next generationCybersecurity Strategies - time for the next generation
Cybersecurity Strategies - time for the next generation
 
Digital Repression and Techno-Authoritarianism
Digital Repression and Techno-AuthoritarianismDigital Repression and Techno-Authoritarianism
Digital Repression and Techno-Authoritarianism
 
This Time, It’s Personal: Why Security and the IoT Is Different
This Time, It’s Personal: Why Security and the IoT Is DifferentThis Time, It’s Personal: Why Security and the IoT Is Different
This Time, It’s Personal: Why Security and the IoT Is Different
 
Gikii23 Marsden
Gikii23 MarsdenGikii23 Marsden
Gikii23 Marsden
 
Cybercrime
CybercrimeCybercrime
Cybercrime
 
Cybercrime
CybercrimeCybercrime
Cybercrime
 
Prosecuting Cybercrime and Regulating the Web
Prosecuting Cybercrime and Regulating the WebProsecuting Cybercrime and Regulating the Web
Prosecuting Cybercrime and Regulating the Web
 
Infosecurity2013nl 131103184054-phpapp01
Infosecurity2013nl 131103184054-phpapp01Infosecurity2013nl 131103184054-phpapp01
Infosecurity2013nl 131103184054-phpapp01
 
2600 v19 n1 (spring 2002)
2600 v19 n1 (spring 2002)2600 v19 n1 (spring 2002)
2600 v19 n1 (spring 2002)
 
Privacy is an Illusion and you’re all losers! - Cryptocow - Infosecurity 2013
Privacy is an Illusion and you’re all losers! - Cryptocow - Infosecurity 2013Privacy is an Illusion and you’re all losers! - Cryptocow - Infosecurity 2013
Privacy is an Illusion and you’re all losers! - Cryptocow - Infosecurity 2013
 

Recently uploaded

Energizing Communities, Fostering Growth, Sustaining Futures
Energizing Communities, Fostering Growth, Sustaining FuturesEnergizing Communities, Fostering Growth, Sustaining Futures
Energizing Communities, Fostering Growth, Sustaining Futures
USDAReapgrants.com
 
fnaf lore.pptx ...................................
fnaf lore.pptx ...................................fnaf lore.pptx ...................................
fnaf lore.pptx ...................................
20jcoello
 
Presentation (1).pptx Human rights of LGBTQ people in India, constitutional a...
Presentation (1).pptx Human rights of LGBTQ people in India, constitutional a...Presentation (1).pptx Human rights of LGBTQ people in India, constitutional a...
Presentation (1).pptx Human rights of LGBTQ people in India, constitutional a...
SKshi
 
Receivership and liquidation Accounts Prof. Oyedokun.pptx
Receivership and liquidation Accounts Prof. Oyedokun.pptxReceivership and liquidation Accounts Prof. Oyedokun.pptx
Receivership and liquidation Accounts Prof. Oyedokun.pptx
Godwin Emmanuel Oyedokun MBA MSc PhD FCA FCTI FCNA CFE FFAR
 
Guide on the use of Artificial Intelligence-based tools by lawyers and law fi...
Guide on the use of Artificial Intelligence-based tools by lawyers and law fi...Guide on the use of Artificial Intelligence-based tools by lawyers and law fi...
Guide on the use of Artificial Intelligence-based tools by lawyers and law fi...
Massimo Talia
 
Sangyun Lee, 'Why Korea's Merger Control Occasionally Fails: A Public Choice ...
Sangyun Lee, 'Why Korea's Merger Control Occasionally Fails: A Public Choice ...Sangyun Lee, 'Why Korea's Merger Control Occasionally Fails: A Public Choice ...
Sangyun Lee, 'Why Korea's Merger Control Occasionally Fails: A Public Choice ...
Sangyun Lee
 
From Promise to Practice. Implementing AI in Legal Environments
From Promise to Practice. Implementing AI in Legal EnvironmentsFrom Promise to Practice. Implementing AI in Legal Environments
From Promise to Practice. Implementing AI in Legal Environments
ssusera97a2f
 
The Art and Science of Cryptoforensic Investigation: Best Practices and Tools
The Art and Science of Cryptoforensic Investigation: Best Practices and ToolsThe Art and Science of Cryptoforensic Investigation: Best Practices and Tools
The Art and Science of Cryptoforensic Investigation: Best Practices and Tools
Milind Agarwal
 
原版制作(PSU毕业证书)宾州州立大学公园分校毕业证学历证书一模一样
原版制作(PSU毕业证书)宾州州立大学公园分校毕业证学历证书一模一样原版制作(PSU毕业证书)宾州州立大学公园分校毕业证学历证书一模一样
原版制作(PSU毕业证书)宾州州立大学公园分校毕业证学历证书一模一样
osenwakm
 
Matthew Professional CV experienced Government Liaison
Matthew Professional CV experienced Government LiaisonMatthew Professional CV experienced Government Liaison
Matthew Professional CV experienced Government Liaison
MattGardner52
 
Lifting the Corporate Veil. Power Point Presentation
Lifting the Corporate Veil. Power Point PresentationLifting the Corporate Veil. Power Point Presentation
Lifting the Corporate Veil. Power Point Presentation
seri bangash
 
Synopsis On Annual General Meeting/Extra Ordinary General Meeting With Ordina...
Synopsis On Annual General Meeting/Extra Ordinary General Meeting With Ordina...Synopsis On Annual General Meeting/Extra Ordinary General Meeting With Ordina...
Synopsis On Annual General Meeting/Extra Ordinary General Meeting With Ordina...
Syed Muhammad Humza Hussain
 
Genocide in International Criminal Law.pptx
Genocide in International Criminal Law.pptxGenocide in International Criminal Law.pptx
Genocide in International Criminal Law.pptx
MasoudZamani13
 
V.-SENTHIL-BALAJI-SLP-C-8939-8940-2023-SC-Judgment-07-August-2023.pdf
V.-SENTHIL-BALAJI-SLP-C-8939-8940-2023-SC-Judgment-07-August-2023.pdfV.-SENTHIL-BALAJI-SLP-C-8939-8940-2023-SC-Judgment-07-August-2023.pdf
V.-SENTHIL-BALAJI-SLP-C-8939-8940-2023-SC-Judgment-07-August-2023.pdf
bhavenpr
 
2015pmkemenhub163.pdf. 2015pmkemenhub163.pdf
2015pmkemenhub163.pdf. 2015pmkemenhub163.pdf2015pmkemenhub163.pdf. 2015pmkemenhub163.pdf
2015pmkemenhub163.pdf. 2015pmkemenhub163.pdf
CIkumparan
 
Incometax Compliance_PF_ ESI- June 2024
Incometax Compliance_PF_ ESI- June 2024Incometax Compliance_PF_ ESI- June 2024
Incometax Compliance_PF_ ESI- June 2024
EbizfilingIndia
 
San Remo Manual on International Law Applicable to Armed Conflict at Sea
San Remo Manual on International Law Applicable to Armed Conflict at SeaSan Remo Manual on International Law Applicable to Armed Conflict at Sea
San Remo Manual on International Law Applicable to Armed Conflict at Sea
Justin Ordoyo
 
Business Laws Sunita saha
Business Laws Sunita sahaBusiness Laws Sunita saha
Business Laws Sunita saha
sunitasaha5
 
What are the common challenges faced by women lawyers working in the legal pr...
What are the common challenges faced by women lawyers working in the legal pr...What are the common challenges faced by women lawyers working in the legal pr...
What are the common challenges faced by women lawyers working in the legal pr...
lawyersonia
 
Search Warrants for NH Law Enforcement Officers
Search Warrants for NH Law Enforcement OfficersSearch Warrants for NH Law Enforcement Officers
Search Warrants for NH Law Enforcement Officers
RichardTheberge
 

Recently uploaded (20)

Energizing Communities, Fostering Growth, Sustaining Futures
Energizing Communities, Fostering Growth, Sustaining FuturesEnergizing Communities, Fostering Growth, Sustaining Futures
Energizing Communities, Fostering Growth, Sustaining Futures
 
fnaf lore.pptx ...................................
fnaf lore.pptx ...................................fnaf lore.pptx ...................................
fnaf lore.pptx ...................................
 
Presentation (1).pptx Human rights of LGBTQ people in India, constitutional a...
Presentation (1).pptx Human rights of LGBTQ people in India, constitutional a...Presentation (1).pptx Human rights of LGBTQ people in India, constitutional a...
Presentation (1).pptx Human rights of LGBTQ people in India, constitutional a...
 
Receivership and liquidation Accounts Prof. Oyedokun.pptx
Receivership and liquidation Accounts Prof. Oyedokun.pptxReceivership and liquidation Accounts Prof. Oyedokun.pptx
Receivership and liquidation Accounts Prof. Oyedokun.pptx
 
Guide on the use of Artificial Intelligence-based tools by lawyers and law fi...
Guide on the use of Artificial Intelligence-based tools by lawyers and law fi...Guide on the use of Artificial Intelligence-based tools by lawyers and law fi...
Guide on the use of Artificial Intelligence-based tools by lawyers and law fi...
 
Sangyun Lee, 'Why Korea's Merger Control Occasionally Fails: A Public Choice ...
Sangyun Lee, 'Why Korea's Merger Control Occasionally Fails: A Public Choice ...Sangyun Lee, 'Why Korea's Merger Control Occasionally Fails: A Public Choice ...
Sangyun Lee, 'Why Korea's Merger Control Occasionally Fails: A Public Choice ...
 
From Promise to Practice. Implementing AI in Legal Environments
From Promise to Practice. Implementing AI in Legal EnvironmentsFrom Promise to Practice. Implementing AI in Legal Environments
From Promise to Practice. Implementing AI in Legal Environments
 
The Art and Science of Cryptoforensic Investigation: Best Practices and Tools
The Art and Science of Cryptoforensic Investigation: Best Practices and ToolsThe Art and Science of Cryptoforensic Investigation: Best Practices and Tools
The Art and Science of Cryptoforensic Investigation: Best Practices and Tools
 
原版制作(PSU毕业证书)宾州州立大学公园分校毕业证学历证书一模一样
原版制作(PSU毕业证书)宾州州立大学公园分校毕业证学历证书一模一样原版制作(PSU毕业证书)宾州州立大学公园分校毕业证学历证书一模一样
原版制作(PSU毕业证书)宾州州立大学公园分校毕业证学历证书一模一样
 
Matthew Professional CV experienced Government Liaison
Matthew Professional CV experienced Government LiaisonMatthew Professional CV experienced Government Liaison
Matthew Professional CV experienced Government Liaison
 
Lifting the Corporate Veil. Power Point Presentation
Lifting the Corporate Veil. Power Point PresentationLifting the Corporate Veil. Power Point Presentation
Lifting the Corporate Veil. Power Point Presentation
 
Synopsis On Annual General Meeting/Extra Ordinary General Meeting With Ordina...
Synopsis On Annual General Meeting/Extra Ordinary General Meeting With Ordina...Synopsis On Annual General Meeting/Extra Ordinary General Meeting With Ordina...
Synopsis On Annual General Meeting/Extra Ordinary General Meeting With Ordina...
 
Genocide in International Criminal Law.pptx
Genocide in International Criminal Law.pptxGenocide in International Criminal Law.pptx
Genocide in International Criminal Law.pptx
 
V.-SENTHIL-BALAJI-SLP-C-8939-8940-2023-SC-Judgment-07-August-2023.pdf
V.-SENTHIL-BALAJI-SLP-C-8939-8940-2023-SC-Judgment-07-August-2023.pdfV.-SENTHIL-BALAJI-SLP-C-8939-8940-2023-SC-Judgment-07-August-2023.pdf
V.-SENTHIL-BALAJI-SLP-C-8939-8940-2023-SC-Judgment-07-August-2023.pdf
 
2015pmkemenhub163.pdf. 2015pmkemenhub163.pdf
2015pmkemenhub163.pdf. 2015pmkemenhub163.pdf2015pmkemenhub163.pdf. 2015pmkemenhub163.pdf
2015pmkemenhub163.pdf. 2015pmkemenhub163.pdf
 
Incometax Compliance_PF_ ESI- June 2024
Incometax Compliance_PF_ ESI- June 2024Incometax Compliance_PF_ ESI- June 2024
Incometax Compliance_PF_ ESI- June 2024
 
San Remo Manual on International Law Applicable to Armed Conflict at Sea
San Remo Manual on International Law Applicable to Armed Conflict at SeaSan Remo Manual on International Law Applicable to Armed Conflict at Sea
San Remo Manual on International Law Applicable to Armed Conflict at Sea
 
Business Laws Sunita saha
Business Laws Sunita sahaBusiness Laws Sunita saha
Business Laws Sunita saha
 
What are the common challenges faced by women lawyers working in the legal pr...
What are the common challenges faced by women lawyers working in the legal pr...What are the common challenges faced by women lawyers working in the legal pr...
What are the common challenges faced by women lawyers working in the legal pr...
 
Search Warrants for NH Law Enforcement Officers
Search Warrants for NH Law Enforcement OfficersSearch Warrants for NH Law Enforcement Officers
Search Warrants for NH Law Enforcement Officers
 

BSidesROC 2016 Keynote - Nate Cardozo - The State Of The Law

  • 1. The State of the Law: 2016 BSIDESROC Nate Cardozo, EFF 783A 8CC4 166D 1768 4E8E DAFD 2D76 4786 4AE6 3181
  • 2. “The Net interprets censorship as damage and routes around it.” John Gilmore, ~1993
  • 4.
  • 5.
  • 6.
  • 7.
  • 8. If all you have is a hammer…
  • 9. And the Internet was a safer place for it!
  • 10. •  We thought we had solved the field… – But thanks to Comey – More work remains
  • 11.
  • 12. •  FBI Director Comey in 2014: “We also need a regulatory or legislative fix to create a level playing field, so that all communication service providers are held to the same standard and so that those of us in law enforcement, national security, and public safety can continue to do the job…”
  • 13. 2015 •  Conversation started with device encryption, but quickly moved to end-to-end encryption. •  UK PM Cameron: “Are we going to allow a means of communications which it simply isn't possible to read?”
  • 14. What if we re-named back doors? •  Comey: “We aren’t seeking a back- door approach. We want to use the front door” •  Washington Post “a back door can and will be exploited by bad guys, too. However, with all their wizardry, perhaps Apple and Google could invent a kind of secure golden key”
  • 15.
  • 16. Legislation •  Many countries around the world are considering legislation that would either – mandate backdoors, – mandate access to plaintext or – endanger encryption.
  • 17. UK Snooper’s Charter •  Purports to regulate telecommunications operators all around the world •  § 189(4)(c): Operators may be obligated to remove “electronic protection” if they provided –  Could be interpreted to require weakening encryption, holding a key or banning end-to-end
  • 18. Australia’s Defence Trade Controls Act •  Prohibits the “intangible supply” of encryption technologies. •  Many ordinary teaching and research activities could be subject to unclear export controls with severe penalties. •  International Association for Cryptologic Research organized petition against, signed 100s of experts
  • 19. India Considers An Encryption Policy •  In September, India released a draft National Encryption Policy –  Everyone required to store plain text –  Info kept for 90 days –  Made available to law enforcement agencies as and when demanded •  Withdrawn after criticism
  • 20. China’s Anti-Terrorism Law •  Passed last year •  Draft version required tech companies to hand over encryption codes •  Final version: “shall provide technical interfaces, decryption and other technical support”
  • 21. Obama: No Backdoor Bill •  We “will not —for now—call for legislation requiring companies to decode messages for law enforcement.” •  But… –  Leaked National Security Council memo from Thanksgiving 2015
  • 22. All Writs Act Litigation •  Apple v. FBI –  This is the San Bernardino iPhone case –  Also, a case in EDNY
  • 23. Other Litigation •  Wiretap Act litigation may be coming –  New York Times report re: WhatsApp •  There may be FISA Court orders –  EFF just this week filed a FOIA case to get access to them
  • 24. Burr-Feinstein Bill •  Would require providers to decrypt on demand –  Criminal and civil penalties •  Applies to comms, storage, and licensing –  This includes app stores and open source •  Not just e2e and FDE –  This would outlaw computers as we know them
  • 25. Burr-Feinstein Bill •  Problematic on every level –  Unconstitutional –  Would break the Internet –  Would cripple American business – Would be totally ineffective!
  • 26. 2016 •  What are we looking at? –  Key escrow mandate •  I don’t think this is actually going to happen. – Burr-Feinstein •  This definitely won’t happen (in the current form) –  We don’t care how, just make plaintext available. •  Now I will go into prediction mode.
  • 27. 2016 •  But what is actually likely? –  Informal pressure –  No ban will reach FOSS crypto –  CALEA-like mandate –  India/Australia/UK may do dumb things –  It’s not going to stop anyone with even a modicum of sophistication from “going dark”
  • 28. 2016 Defaults, not primitives Backdoor pressure, not backdoor mandates Any mandate will affect only the masses We’ll get court rulings for the first time
  • 29. Questions? Nate Cardozo Senior Staff Attorney, EFF nate@eff.org @ncardozo 783A 8CC4 166D 1768 4E8E DAFD 2D76 4786 4AE6 3181