Author: Paul Ohm


Mind the Gap (Symposium on Configuring the Networked Self)

Julie Cohen has written a great book, perhaps the most important Cyberlaw book since Code. I say this even though I recognize the many virtues of Cyberlaw books written by Jonathan Zittrain, Tim Wu, Yochai Benkler, and Barbara van Schewick, privacy books written by Dan Solove, Lior Strahilevitz, Viktor Mayer-Schönberger, and many other books published recently. But not since Code has one book challenged the way we conceptualize and try to solve technology problems as much or as well as this book does.

In this post, I want to focus on “semantic discontinuity,” the label Cohen gives to the most novel and interesting construct in the book. Semantic discontinuity is one of three “principles that should inform the design of legal and technical architectures,” along with “access to knowledge” and “operational transparency.” In her words, “semantic discontinuity is the opposite of seamlessness. . . . It is a function of interstitial complexity within . . . institutional and technical frameworks.” It serves a “vital” function, “creat[ing] space for the semantic indeterminacy that is a vital and indispensable enabler of the play of everyday practice.” (Kindle location 4288)

In other words, semantic discontinuity valorizes noise, inefficiency, constraints, and imperfections. As this list illustrates, the most striking thing about this book is the size of the herd of sacred cows it leads to the slaughter.



Jones is a Near-Optimal Result

Thanks to Danielle for inviting me to post my thoughts. I’ll try to come up with some new, original thoughts in a later post, but to start, let me offer an abridged version of what I posted yesterday on my home blog, Freedom to Tinker.

I think the Jones court reached the correct result, and I think that the three opinions represent a near-optimal result for those who want the Court to recognize how its present Fourth Amendment jurisprudence does far too little to protect privacy and limit unwarranted government power in light of recent advances in surveillance technology. This might seem counter-intuitive. I predict that many news stories about Jones will pitch it as an epic battle between Scalia’s property-centric and Alito’s privacy-centric approaches to the Fourth Amendment and quote people expressing regret that Justice Alito didn’t instead win the day. I think this would focus on the wrong thing, underplaying how the three opinions–all of them–represent a significant advance for Constitutional privacy, for several reasons:

  1. Justice Alito?

    Maybe I’m not a savvy court watcher, but I did not see this coming. The fact that Justice Alito wrote such a strong privacy-centric opinion suggests that future Fourth Amendment litigants will see a well-defined path to five votes, especially since it seems like Justice Sotomayor will likely provide the fifth vote in the right future case.

  2. Justices Scalia and Thomas showed restraint.

    The majority opinion goes out of its way to highlight that its focus on property is not meant to foreclose privacy-based analyses in the future. It uses the words “at bottom” and “at a minimum” to hammer home the idea that it is supplementing Katz, not replacing it. Maybe Justice Scalia did this to win Justice Sotomayor’s vote, but even if so, I am heartened that neither Justice Scalia nor Justice Thomas thought it necessary to write a separate concurrence arguing that Katz’s privacy focus should be replaced with a focus only on property rights.

  3. Justice Sotomayor does not like the third-party doctrine.

    It’s probably best here just to quote from the opinion:

        More fundamentally, it may be necessary to reconsider the premise that an individual has no reasonable expectation of privacy in information voluntarily disclosed to third parties. E.g., Smith, 442 U.S., at 742; United States v. Miller, 425 U.S. 435, 443 (1976). This approach is ill suited to the digital age, in which people reveal a great deal of information about themselves to third parties in the course of carrying out mundane tasks. People disclose the phone numbers that they dial or text to their cellular providers; the URLs that they visit and the e-mail addresses with which they correspond to their Internet service providers; and the books, groceries, and medications they purchase to online retailers. Perhaps, as JUSTICE ALITO notes, some people may find the “tradeoff” of privacy for convenience “worthwhile,” or come to accept this “diminution of privacy” as “inevitable,” post, at 10, and perhaps not. I for one doubt that people would accept without complaint the warrantless disclosure to the Government of a list of every Web site they had visited in the last week, or month, or year. But whatever the societal expectations, they can attain constitutionally protected status only if our Fourth Amendment jurisprudence ceases to treat secrecy as a prerequisite for privacy. I would not assume that all information voluntarily disclosed to some member of the public for a limited purpose is, for that reason alone, disentitled to Fourth Amendment protection.

    Wow. And Amen. Set your stopwatches: the death watch for the third-party doctrine has finally begun.

  4. The wrong case for a privacy overhaul of the Fourth Amendment.

    Most importantly, I’ve had misgivings about using Jones as the vehicle for fixing what is broken with the Fourth Amendment. GPS vehicle tracking comes laden with lots of baggage–practical, jurisprudential and atmospheric–that other actively litigated areas of modern surveillance do not. GPS vehicle tracking happens on public streets, meaning it runs into dozens of Supreme Court pronouncements about assumption of risk and voluntary disclosure. It faces two prior precedents, Karo and Knotts, that need to be distinguished or possibly overturned. It does not suffer (as far as we know) from a long history of use against innocent people, but instead seems mostly used to track fugitives and drug dealers.

    For all of these reasons, even the most privacy-minded Justice is likely to recognize caveats and exceptions in crafting a new rule for GPS tracking. Imagine if Justice Sotomayor had signed Justice Alito’s opinion instead of Justice Scalia’s. We would’ve been left with a holding that allowed short-term monitoring but not long-term monitoring, without a precise delineation between the two. We would’ve been left with the possible new caveat that the rules change when the police investigate “extraordinary offenses,” also undefined. These unsatisfying, vague new rules would have had downstream negative effects on lower court opinions analyzing URL or search query monitoring, or cell phone tower monitoring, or packet sniffing.

    Better that we have the big “reinventing Katz” debate in a case that isn’t so saddled with the confusions of following cars on public streets. I hope the Supreme Court next faces a surveillance technique born purely on the Internet, one in which “classic trespassory search is not involved.” If the votes hold from Jones, we might end up with what many legal scholars have urged: a retrenchment or reversal of the third-party doctrine; a Fourth Amendment jurisprudence better tailored to the rise of the Internet; and a better Constitutional balance in this country between privacy and security.


The Master Switch Symposium: Network Neutrality and Human Flourishing

Since launching the Network Neutrality debate, Tim Wu has continued to play an invaluable role, constantly reminding us that the debate is about more than just economics. Too many experts on both sides of the debate view things solely through an economic lens, which has led us to intractable differences. As I have argued elsewhere, because respected economists line up on both sides, it is very hard to tell whether mandatory network neutrality will, on net, enhance or reduce innovation.

In The Master Switch, a fascinating and important book, Wu argues powerfully that policies like net neutrality are necessary also to protect noneconomic ideals like free speech. (He highlights other benefits of neutrality, most importantly the way it helps us resist tyranny, in his chapter on AT&T’s role in the NSA wiretapping program, but he left me wanting more from this example.) Although free speech is of paramount importance, I think this book provides a welcome opportunity to focus on other noneconomic benefits and values beyond free speech that are also today at risk in the battlefields of neutrality.



My Work Here Is Done

Now that Verizon and AT&T have pledged not to track customer web behavior without explicit consent, I feel like my work here is done. 😉 (Too bad DOJ still has yet to indict anybody for the Palin e-mail breach.)

Thanks again to Dan and the other Concurrers (?) for allowing me to visit again. There is much more I wanted to say, but I’ll save it for next time.

In the meantime, I have signed on to blog permanently over at Ed Felten’s Freedom to Tinker, so if you’re interested in tech policy, please add us to your RSS feed reader. (Although Ed introduced me over a week ago, I’ve been too busy to introduce myself to the ftt readers yet.)

I’d be interested to hear from anybody who has thoughts about the relative pros and cons of blogging on a website read mostly by non-lawyers. Although I’ll miss the deep comments section conversations about ECPA, I welcome the opportunity to speak directly to (and learn from) the computer science community reading Ed’s blog. Besides, I hope I can come back here from time to time to scratch my ECPA itch.


Big Breaks in the Palin E-mail Breach Investigation

The odds that the Feds will find the person who broke into Sarah Palin’s e-mail account are considerably better than I had thought they would have been, because someone who claims to have committed the crime has bragged about it to the infamous 4chan image hosting site. (Quick CoOp aside, every day I better appreciate how the paper by new permablogger Danielle Citron–who first introduced me to 4chan–on Cyber Civil Rights will be a must-read in this day of 4chan and Jason Fortuny.) Although the posts have been deleted, Kim Zetter has reproduced them for Wired’s Threat Level blog. First, the user known as “Rubico” bragged about how he had breached the Yahoo account by providing Governor Palin’s supposedly private answers to the questions posed by Yahoo’s password recovery scheme:

it took seriously 45 mins on wikipedia and google to find the info, Birthday? 15 seconds on wikipedia, zip code? well she had always been from wasilla, and it only has 2 zip codes (thanks online postal service!)

the second was somewhat harder, the question was “where did you meet your spouse?” did some research, and apparently she had eloped with mister palin after college, if youll look on some of the screenshits that I took and other fellow anon have so graciously put on photobucket you will see the google search for “palin eloped” or some such in one of the tabs.

I found out later though more research that they met at high school, so I did variations of that, high, high school, eventually hit on “Wasilla high” I promptly changed the password to popcorn and took a cold shower…

Oh, and about Rubico’s screenshots? They apparently reveal the URL bar of Rubico’s browser, which in turn reveals that Rubico had not been browsing Yahoo directly but had instead been using an anonymizing proxy service called Ctunnel. Good idea, right? After all, Yahoo no doubt captures and preserves the IP addresses used to recover passwords. But although using Ctunnel may have been a good idea, advertising that fact in a screenshot, it turns out, was not:

Gabriel Ramuglia who operates Ctunnel, the internet anonymizing service the hacker used to post the information from Palin’s account to the 4chan forum, told Threat Level this morning that the FBI had contacted him yesterday to obtain his traffic logs. Ramuglia said he had about 80 gigabytes of logs to process and hadn’t yet looked for the information the FBI was seeking but planned to be in touch with the agents today.

Apparently, providing the screenshot in this case was a particularly dumb move. In another interview Ramuglia notes:

Usually, this sort of thing would be hard to track down because it’s Yahoo email, and a lot of people use my service for that . . . . Since they were dumb enough to post a full screenshot that showed most of the [] URL, I should be able to find that in my log.

There are more lessons here than are worth listing. A few, after the jump:



The Sarah Palin E-mail Privacy Act of 2009

As has been widely reported, Sarah Palin’s Yahoo e-mail account has been breached, and its contents have been posted to wikileaks. is posting excerpts from the e-mail messages including photographs.

As usual, Orin Kerr (with some assists from his merry band of commenters) is doing a great job fleshing out the legal analysis. A crime has been committed, there can be no doubt, and Yahoo!’s lawyers will probably be kept up late tonight receiving and responding to incoming subpoenas and court orders.

I wanted to come at this story from a slightly different angle: I predict that some day we will look back on this breach as a watershed event in the history of statutory Internet privacy. As Dan and many others have noted in their articles, Congress often enacts privacy protecting legislation only in the wake of salient, sensationalized, harmful privacy breaches. Thus, Judge Bork’s video rental records begat the Video Privacy Protection Act and the murder of actress Rebecca Schaeffer by a stalker with DMV records led, eventually, to the Drivers’ Privacy Protection Act.

Compared to these examples, the breach of Sarah Palin’s e-mail account is on a higher plane of salience and sensationalization. The most scrutinized woman in the country has dozens of her private correspondences pasted all over the blogs. Even if nothing is found in these messages which damages her or the campaign, and whether or not the perpetrators are caught, many will call for tougher privacy laws, and Congress and state legislatures will feel great pressure to deliver. And they won’t just be targeting the breachers–many will criticize the Gawkers and Wikileaks for helping disseminate the e-mail messages (if not the Kerrs and Ohms and Washington Posts for linking to Gawker), so expect a fierce First Amendment debate. I can even see calls to make IP addresses easier to track. Mandatory data retention, anyone?

If I am right about this, expect the E-mail Privacy Act of 2009, and expect it to be a blockbuster. If you’re an activist, government lawyer, e-mail provider, or scholar with an interest in information privacy, I advise you to start putting together your statutory wish lists.


Photos of Tumbling Stock Markets

It appears there are only so many ways to use photos to illustrate tumbling stock markets, because a few moments ago, the front page of the New York Times website carried this photo from Frankfurt taken by Daniel Roland/AP as its main image:


and the Washington Post highlighted this photo of a trader in Shanghai from Reuters:


There’s something particularly Hitchcockian about the photo from Frankfurt, with the menacing line graph creeping up from behind the harried trader.

Maybe this is the start of a new meme? If you spot other “traders in anguish in front of giant, depth-of-field-blurred, plummeting line graphs,” post them here.


The Greatest Threat to Privacy Part II: Why I Worry More About ISPs Than Google

In a prior post, I began to explain why ISPs pose the greatest threat to privacy in modern life. I argued that many ISPs are likely to begin to experiment with new, more invasive forms of surveillance relying, in part, on so-called Deep-Packet Inspection technology. I am grateful for the vigorous debate which followed in the comments, and I know my article will be much stronger once I incorporate what I have learned reading and responding to these comments.

The last post led only to the conclusion that ISPs pose a great threat to privacy, but to call this the greatest threat in society, I need to answer the question, “compared to what?” In particular, the most common response to my article I have heard is, “Doesn’t Google threaten privacy more?” In this post, let me explain why I worry more about the threat to privacy from ISPs than from Google.



Department Stores, Computer Forensics, and the Private Police


The September 1st issue of the New Yorker includes a fascinating article (not yet available online, but here’s the abstract) by John Colapinto about the high-tech, mini-police departments being set up by department store chains to catch shoplifters. The article, which focuses in particular on Target, veers for a brief moment into one of my areas of interest–computer forensics. Target has hired a “senior computer investigator” named Brent Pack, a former Army computer crime investigator who helped analyze the Abu Ghraib photographs. Why does Target need a computer investigator? Mr. Pack

analyzes digital storage devices seized from suspected retail-crime gangs–BlackBerrys, photo memory cards, cell phones, business servers, and desktop computers. . . . At the moment, Pack was analyzing a hard drive seized by the police in a phony-check-writing operation that had victimized Target stores. “I’m going through here and looking for any evidence of check-writing software on any of their hard drives,” he said, pointing to the computer screen, which showed a JPEG of a blank check

Is it proper for the police to delegate their forensic work to Target? The FBI agents I used to work with as a DOJ computer crimes prosecutor kept a tight leash on the data they had seized and were reluctant to share data with state and local cops, much less private parties. They justifiably worried about ensuring that non-FBI analysts were staying within the scope of the warrant, because courts have suppressed electronic evidence obtained outside of the scope of the warrant and have even thrown out all of the evidence obtained if the warrant was executed in flagrant disregard of its terms. I’m not saying that the use of a third-party forensic analyst should automatically result in a flagrant disregard ruling, but it will invite scrutiny.

And even if one can justify the use of private forensics specialists generally, shouldn’t the police refrain from giving 500 gigabytes of personal information to victims of crimes? Because victims–even corporate victims–have a strong incentive to solve the crimes committed against them, might they not feel more pressure than a cop to look beyond the scope of warrants, peering deeply into the private lives of data owners?

I am even more worried about a much more troubling possibility: Is Target seizing cellphones and laptops from suspected shoplifters? Discussing another, anonymous store, not Target, Colapinto describes how suspected shoplifters get hauled into interrogation rooms and questioned at length by former law enforcement agents. In addition to this, are store security personnel frisking suspects and seizing electronic devices? I can understand how a department store might be entitled to engage in a limited search to look for its stolen property, but does this justify the seizure, retention, and subsequent analysis of cell phones and laptops?

Reading this article kept bringing me back to David Sklansky’s excellent article, The Private Police, 46 UCLA L. Rev. 1165 (1999) (abstract). A decade ago, Sklansky traced the rise of private police forces, focusing in particular on neighborhood patrol services starting with Pinkertonism in the 1800s. He noted that as these entities play a greater role in policing society, this might give rise to the kind of invasions the Fourth (and Fifth and Sixth) Amendment was intended to prevent. If Target is seizing cell phones from suspected thieves–and I must stress that it is not clear from this article that they are–it realizes Sklansky’s fears.


The Greatest Threat to Privacy: The Internet Service Provider

I have recently posted on SSRN the article that ate my summer, The Rise and Fall of Invasive ISP Surveillance. I make many claims in this article, but the principal one, and the one I want to spend a few posts elaborating and defending, is found in the first sentence of the abstract: “Nothing in society poses as grave a threat to privacy as the Internet Service Provider (ISP).” In this first post, let me explain why ISPs pose an enormous threat to privacy:

Simply put, your ISP has the means, motive, and opportunity to scrutinize nearly every communication departing from and arriving to your Internet-connected computer:

Opportunity: Because your ISP serves as the gateway between your computer and the rest of the Internet, every e-mail message, IM, and tweet you send and receive; every web page and p2p-traded file you download; and every VoIP call you place travels first through your ISP’s routers.

Means: A decade ago, your ISP lacked the tools to efficiently analyze every communication crossing its network, because computers were relatively slow and networks were relatively fast. I use the analogy of the policeman on the side of the road, scrutinizing the passing cars. If the policeman is slow and the road is wide and full of speeding cars, the policeman won’t be able to keep up.

Over the past decade, while network bandwidth has increased, computer processing power has increased at a faster rate, and your ISP can now analyze more information, more inexpensively than before. The roads are wider today, but the policemen are smarter and more efficient. An entire industry–the deep-packet inspection industry–has arisen to provide hardware and software tools for massive, widespread, automated surveillance.

Motive: Third parties are placing pressure on ISPs to spy on users in unprecedented ways. Advertisers are willing to pay higher rates for behavioral advertising. For example, Ikea will pay more to place an ad in front of people who have been recently surfing furniture websites. To enable behavioral advertising, companies like NebuAd and Phorm have been trying to convince ISPs to collect user web-surfing data they do not collect today. Similarly, the copyrighted content industries seem willing to pay ISPs to detect, report, and possibly block the transfer of copyrighted works.

Because of these three factors, ISPs are scrutinizing more information–and different forms of information–than they ever have before. AT&T has begun to consider monitoring for copyright violations; Charter Communications signed up with NebuAd, sparking a firestorm of publicity and legislative interest which pushed Charter to abandon the deal; and a few British ISPs have begun to use Phorm’s services. I predict that these examples presage a coming storm of unprecedented, invasive ISP monitoring.

In the next post, I will compare the threat to privacy from ISP monitoring to the threat from other entities, in particular, Google and Microsoft.