In the final days of 2022, President Biden signed into law the “Quantum Computing Cybersecurity Preparedness Act”. The Act recognizes that current encryption protocols used by the federal government might one day be vulnerable to compromise as a result of quantum computing, which could allow adversaries of the United States to steal sensitive encrypted data. To address these concerns, the Act will require an inventory and prioritization of vulnerable information technology in use by federal agencies; a plan to migrate existing information technology systems; and reports to Congress on the progress of the migration and funding required.
Senators Lindsey Graham (R-S.C.), Tom Cotton (R-Ark.) and Marsha Blackburn (R-Tenn.) have introduced the Lawful Access to Encrypted Data Act, a bill that would require tech companies to assist law enforcement in executing search warrants that seek encrypted data. The bill would apply to law enforcement efforts to obtain data at rest as well as data in motion. It would also apply to both criminal and national security legal process. This proposal comes in the wake of the Senate Judiciary Committee’s December 2019 hearing on encryption and lawful access to data. According to its sponsors, the purpose of the bill is to “end the use of ‘warrant-proof’ encrypted technology . . . to conceal illicit behavior.”…
Continue Reading Lawful Access to Encrypted Data Act Introduced
In a decision that defines how the Fourth Amendment applies to information collected in the digital age, the Supreme Court today held that police must use a warrant to obtain from a cell phone company records that detail the location and movements of a cell phone user. The opinion in Carpenter v. United States limits the application of the third-party doctrine, holding that a warrant is required when an individual “has a legitimate privacy interest in records held by a third party.”
The 5-4 decision, written by Chief Justice John Roberts, emphasizes the sensitivity of cell phone location information, which the Court described as “deeply revealing” because of its “depth, breadth, and comprehensive reach, and the inescapable and automatic nature of its collection.” Given its nature, “the fact that such information is gathered by a third party does not make it any less deserving of Fourth Amendment protection,” the Court held.
Continue Reading IoT Update: Supreme Court’s Carpenter Decision Requires Warrant for Cell Phone Location Data