Law Enforecement

A View to the Development of the FAA’s Ban on the Use of Galaxy 7 Phones on Airplanes.

Joshua Wold, MJLST Staffer

Samsung’s Galaxy Note 7 has problems. Under normal charging and use conditions, the battery in some devices can start on fire. As of September 1, Samsung reported that 35 of these problems had come to its attention, and more have been reported since that time. Samsung has already begun a recall—officially a “replacement program”—offering to replace the potentially dangerous devices with new ones. At the same time, US government agencies are also moving to prevent the harm that a malfunction from these devices could cause.

The Federal Aviation Administration (FAA) has not banned the device from airplanes. According to Matt Novak at Gizmodo, the FAA stated on September 6th that it was “working on guidance related to this issue,” and said, “If the device is recalled by the manufacturer, airline crew and passengers will not be able to bring recalled batteries or electronics that contain recalled batteries in the cabin of an aircraft, or in carry-on and checked baggage.” On September 8th, the FAA issued a statement “strongly” advising airline passengers to keep the devices off, not charge them while aboard, and to keep them out of checked baggage.

Then, on September 9th the Consumer Product Safety Commission (CPSC) put out a press release urging Galaxy Note 7 owners to power off the device, and not to charge or use it. The press release indicated that it was cooperating with Samsung “to formally announce an official recall of the devices, as soon as possible.”

Based on the comments made to Gizmodo, the FAA appeared unwilling to ban the device until the official recall was put into effect. This is understandable. Cell phones are a significant part of modern life. Nearly every person getting onto a plane is carrying at least one. TSA would thus be forced to distinguish between types of cell phones. Its task would be complicated by cases and other types of personalization which obscure the appearance of a cell phone.

Even more challenging, however, is the fact that some versions of the Note 7 have a battery which is not prone to overheating, and poses no threat. Unless these safe phones were to also be banned, security personnel would need to determine which battery was in a phone in order to know if it were permissible. People want to have their phones when they get wherever they are flying to, and banning a safe phone because it looks like an unsafe phone seems like a sure recipe for passenger dissatisfaction.

It may seem that a ban is be appropriate despite the difficulties. Certainly, the potential for harm is significant. A widely circulated photo of a Jeep engulfed in flames is evocative of the threat, and airline passengers have gotten used to restrictions on items which seem to pose even less risk than an exploding phone. FAA’s suggestion that those with Note 7 phones simply turn them off and not charge them may have had the potential to eliminate the threat. On the one hand, it was only a strong recommendation, and not a rule. On the other hand, with airlines repeating the FAA’s warning, it seems unlikely that many people would have failed to take it seriously.

On the 15th of September, the situation changed further, as the CPSC announced an official recall. With that decision, the ground mentioned to Gizmodo for not instituting a ban disappeared. Considering  some data (which can be found here), suggesting that people aren’t really taking Samsung’s warnings seriously, it seemed very likely that the FAA would decide to strengthen their recommendation against use to a prohibition on use, or even a prohibition on flying with the phones at all.

On the next day, September 16th, the FAA banned use of the phone on airplanes, but not the phones themselves. This new policy fits with the reality of modern cellphone use, that people rely on their phones, even if they are fire hazards. While this move takes the pressure off the TSA (which is probably a good move in terms of the overall happiness of air travelers), the regulation (which can be found here) doesn’t specifically mention the Galaxy Note 7, but refers instead to “defective or recalled” lithium batteries.

Of course, this creates the same sort of enforcement problems as appeared with earlier recommendations: can airline staff identify a Galaxy Note 7 with such “defective or recalled” lithium batteries? The FAA itself notes that it is difficult to distinguish between phones which have had the battery replaced and those which are still risked. The FAA’s recommendation on how to manage this problem is pretty general, and it essentially boils down to training of airline staff, and provision of information to airline passengers. One hopes that this is sufficient.


The Federal Government Wants Your iPhone Passcode: What Does the Law Say?

Tim Joyce, MJLST Staffer

Three months ago, when MJLST Editor Steven Groschen laid out the arguments for and against a proposed New York State law that would require “manufacturers and operating system designers to create backdoors into encrypted cellphones,” the government hadn’t even filed its motion to compel against Apple. Now, just a few weeks after the government quietly stopped pressing the issue, it almost seems as if nothing at all has changed. But, while the dispute at bar may have been rendered moot, it’s obvious that the fight over the proper extent of data privacy rights continues to simmer just below the surface.

For those unfamiliar with the controversy, what follows are the high-level bullet points. Armed attackers opened fire on a group of government employees in San Bernardino, CA on the morning of December 2, 2015. The attackers fled the scene, but were killed in a shootout with police later that afternoon. Investigators opened a terrorism investigation, which eventually led to a locked iPhone 5c. When investigators failed to unlock the phone, they sought Apple’s help, first politely, and then more forcefully via California and Federal courts.

The request was for Apple to create an authenticated version of its iOS operating system which would enable the FBI to access the stored data on the phone. In essence, the government asked Apple to create a universal hack for any iPhone operating that particular version of iOS. As might be predicted, Apple was less than inclined to help crack its own encryption software. CEO Tim Cook ran up the banner of digital privacy rights, and re-ignited a heated debate over the proper scope of government’s ability to regulate encryption practices.

Legal chest-pounding ensued.

That was the situation until March 28, when the government quietly stopped pursuing this part of the investigation. In its own words, the government informed the court that it “…ha[d] now successfully accessed the data stored on [the gunman]’s iPhone and therefore no longer require[d] the assistance from Apple Inc…”. Apparently, some independent governmental contractor (read: legalized hacker) had done in just a few days what the government had been claiming from the start was impossible without Apple’s help. Mission accomplished – so, the end?

Hardly.

While this one incident, for this one iPhone (the iOS version is only applicable to iPhone 5c’s, not any other model like the iPhone 6), may be history, many more of the same or substantially similar disputes are still trickling through the courts nationwide. In fact, more than ten other federal iPhone cases have been filed since September 2015, and all this based on a 227 year old act of last resort. States like New York are also getting into the mix, even absent fully ratified legislation. Furthermore, it’s obvious that legislatures are taking this issue seriously (see NYS’s proposed bill, recently returned to committee).

Although he is only ⅔ a lawyer at this point, it seems to this author that there are at least three ways a court could handle a demand like this, if the case were allowed to go to the merits.

  1. Never OK to demand a hack – In this situation, the courts could find that our collective societal interests in privacy would always preclude enforcement of an order like this. Seems unlikely, especially given the demonstrated willingness in this case of a court to make the order in the first place.
  2. Always OK to demand a hack – Similar to option 1, this option seems unlikely as well, especially given the First and Fourth Amendments. Here, the courts would have to find some rationale to justify hacking in every circumstance. Clearly, the United States has not yet transitioned to Orwellian dystopia yet.
  3. Sometimes OK to demand a hack, but scrutiny – Here, in the middle, is where it seems likely we’ll find courts in the coming years. Obviously, convincing arguments exist on each side, and it seems possible reconcile infringing personal privacy and upholding national security with burdening a tech company’s policy of privacy protection, given the right set of facts. The San Bernardino shooting is not that case, though. The alleged terrorist threat has not been characterized as sufficiently imminent, and the FBI even admitted that cracking the cell phone was not integral to the case and they didn’t find anything anyway. It will take a (probably) much more scary scenario for this option to snap into focus as a workable compromise.

We’re left then with a nagging feeling that this isn’t the last public skirmish we’ll see between Apple and the “man.” As digital technology becomes ever more integrated into daily life, our legal landscape will have to evolve as well.
Interested in continuing the conversation? Leave a comment below. Just remember – if you do so on an iPhone 5c, draft at your own risk.


“DRONE WARS”: THE BATTLE FOR MIDWESTERN SKIES

Travis Waller, MJLST Staffer

Given the new Star Wars: The Force Awakens film upcoming this December, introducing a discussion on recent policies involving drone regulation seemed like a worthwhile addition to this week’s blog.

While the robotic “drones” of our day and age are certainly not cut from the same titanium alloy as George Lucas’ quasi-humanoid “droid” characters in many of his films, North Dakota may well be on it’s way to starting it’s own “robotic army” of sorts.

A friend and colleague from the University of Connecticut School of Law brought to my attention an article by Ben Woods, discussing the 2015 ND House Bill proposing the arming of drones with “non-lethal weaponry” for police functions. With the shocking amount of police deaths reported in this country last year, North Dakota may well be leading the way in finding an innovative alternative to placing human officers in potentially dangerous confrontations. However, this benefit does not come without a cost. As presented in a segment by Ashley Maas of the NY Times, drone regulation is still up in the air (excuse the pun). Only within the last year has the FAA determined that they are able to take action against civilian violators of drone regulations.

Moreover, with recent reports involving the hacking of automated vehicles, as well as Maas’ examples of civilians using drone technology for less than constructive purposes, placing dangerous technology on these machines may well develop into a major public policy concern.

While it is this author’s humble opinion that a fair amount of time exists before we, as a people, need be concerned with an Invasion of Naboo type situation, this may be exactly the type of situation where more time is needed to allow for the security measures around the technology, as well as the legal infrastructure surrounding drone regulation, to catch up to the state legislatures hopes for drone usage. As the matter stands now, allowing drones to be used in a police capacity risks a host of possible problems, including potential 4th amendment violations, and even increasing an already shockingly high risk of civilian causalities related to police activity.

With the law having already gone into effect on August 1st of this year, we will just have to wait and see how these issues play out.

Until next time,

-Travis

*Special Thanks to Monica Laskos, University of Connecticut School of Law ’17, for the idea to pursue this topic.


Are Warrantless Cell Phone Searches Constitutional?

Jennifer Warfield, MJLST Staff

In “Constitutionalizing Email Privacy by Information Access” from Volume 9, Issue 1 of the Minnesota Journal of Law, Science, & Technology, Manish Kumar discussed the unique Fourth Amendment issues raised by governmental access to electronic communications, specifically emails. Similar privacy issues are now being analyzed and reviewed by the Supreme Court in the context of warrantless searches of cell phones by law enforcement in two cases: Riley v. California, No. 13-132 and United States v. Wurie, No. 13-212.

The courts have traditionally allowed warrantless searches pursuant to the Search of Person Incident to Arrest (SPIA) exception to the Fourth Amendment. Under this doctrine a police officer may search an arrestee’s person incident to the arrest and seize and search any personal property in his or her possession at the time of the arrest. Such searches are justified under the theory that they protect officers by allowing them to search for weapons and preserve evidence. The Fourth, Fifth, Seventh, and Tenth Circuits have upheld warrantless searches of cell phones under the SPIA doctrine on the grounds that a cell phone is analogous to a container like a backpack or wallet, which the Supreme Court has long deemed searchable. Other courts have held that modern cell phones cannot be compared to traditional containers given the vast amount of sensitive data contained within them, and that less intrusive measures can be used in the name of data preservation such as Faraday Bags or “airplane mode,” which both prevent internet signals from reaching a phone to prevent remote wiping.

The specific issues before the Supreme Court in Riley and Wurie are respectively: 1) whether the Defendant’s Fourth Amendment rights were violated when he was convicted for attempted murder based on the police’s search of his smartphone after he was pulled over for having an expired auto registration; and 2) whether evidence gathered after the police inspected a drug dealer’s call log should have been thrown out by the federal appeals court in Boston. These cases provide the Supreme Court an opportunity to clarify the meaning of the Fourth Amendment in the age of smartphones, and will shed light on how similar devices like tablets and laptops will be treated by courts and police officers in the future.


Breathalyzers v. Blood-Alcohol Tests

Jenny Nomura, MJLST Managing Editor

In the MJLST volume 11 spring edition, David Liebow discussed the difficulties of obtaining the source code of breathalyzers in DWI cases. In his note “DWI Source Code Motions after Underdahl” Liebow argues for easier breathalyzer source code access for DWI defendants. Obtaining the breathalyzer source code could help DWI defendants show the unreliability of the machine. In the years following the note, not much appears to have changed. And in some states it might not change for a long time, if ever.

The Minnesota Supreme Court received a case in which the source code of the Intoxilyzer 5000EN was in question (In re Source Code Evidentiary Hearings in Implied Consent Matters, 816 N.W.2d 525 (Minn. 2012)). The District Court had accepted the testimony of the state’s expert witness that the device was accurate, and the Minnesota Supreme Court affirmed that holding. In a dissent, Justice Page stated that “a defendant may not raise the source code as a potential cause of an inaccurate or deficient sample.” Other states have reached a very different conclusion: that maybe breathalyzers shouldn’t be relied on. In Pennsylvania, a county judge held breathalyzers were not accurate above a reading of 0.15.

So what does the future hold for breathalyzers? There is a tangle of recent case law that might play a role in determining whether police use breathalyzers or blood-alcohol tests. In Pennsylvania, police have switched from relying on breathalyzers to blood-alcohol tests in response to the county judge ruling. However, in a recent United States Supreme Court case, Missouri v. McNeely, 133 S. Ct. 1552 (2013), the Court held police must obtain a search warrant or have exigent circumstances to have a blood-alcohol test done for a person arrested for a DWI. That case seems to push police back to relying on breathalyzers. But the Minnesota Supreme Court held in Minnesota v. Brooks, 838 N.W.2d 563 (Minn. 2013) that Brooks gave consent voluntarily and freely at the time of the arrest to submit to the blood-alcohol test, and therefore the police didn’t need a search warrant or exigent circumstances.

If police officers are able to obtain a blood-alcohol test, then the prosecution might not need to rely on the breathalyzer results in order to obtain a conviction. If the breathalyzer results “don’t matter” (“don’t matter” in the sense that the results aren’t used as evidence in court) then maybe the source code of the breathalyzer machines also “doesn’t matter.” Maybe the new focus will be on the blood-alcohol tests.


It’s a bird, no, it’s a plane, no, it’s … an Amazon delivery-drone?

by Katelyn DeRuyter, UMN Law Student, MJLST Note and Comment Editor

I recently typed “legal issues drone usage” into Google and was surprised by what I found. Along with several articles on the U.S.’s drone program (as expected), I was also greeted by reports of an Amazon project to have unmanned aerial drones make deliveries. For those who don’t know, Amazon is an online retailer of … well, almost everything. This drone project, first announced on CBS’ ’60 Minutes’, is called “Prime Air” and may be viable in as few as 4-5 years. While there is wide speculation over whether this project is real or just a publicity stunt, it does present some interesting legal and law-enforcement considerations.

First, the reported facts:

The drones would be autonomous, meaning they would not be remotely piloted. Rather, the small rotorcrafts would use GPS technology to travel to and from delivery addresses. The drones currently being tested have a range of 10 miles and can lift packages weighing up to 5 lbs. Such packages account for approximately 86% of Amazon’s deliveries. It is easy to see the business advantages of such a delivery program. However, is this program currently legal?

The Legal Landscape:

Police and various governmental organizations are allowed to fly drones as long as they have obtained FAA approval. Non-governmental use of drones is limited to hobbyists and there are strict restrictions. For example, hobby drones cannot go above 400 feet and must stay within the operator’s sight. This will soon change. In early 2012, Congress passed the Reauthorization Act, a $63 billion funding bill for 4 years of FAA funding. One of the provisions of this Act is that the FAA must allow for the wider use of drones for both governmental and commercial use. Specifically, the FAA must allow for commercial use of drones by Sept. 30, 2015.

Given the Reauthorization Act, it seems probable that Amazon’s Prime Air, and other similar programs, may soon be legal. However, are such programs advisable? Along with potential liability issues if the drones malfunction and cause injury, there are broader policy issues to be addressed.

Law Enforcement Challenges:

The ability for drone deliveries may be a vast complication for law enforcement. By cutting out USPS, FedEx, UPS and other more “traditional” shipping methods, drone deliveries may also circumvent a lot of the screening and tracking that occurs with shipping. These screening and tracking systems are vital to law enforcement’s efforts to detect, stop and prosecute a variety of crimes – spanning from drug trafficking to bioterrorism.

If the law enforcement hurdles can be overcome, and I think it is likely that they can, drone-deliveries will probably become commonplace. It will be interesting to watch how the law adapts to fit this evolving technology.

Please feel free to leave any comments and thoughts!


Cybersecurity: Serious threat or “technopanic”?

by Bryan Dooley, UMN Law Student, MJLST Staff

Thumbnail-Bryan-Dooley.jpgWhile most would likely agree that threats to cybersecurity pose sufficient risk to warrant some level of new regulation, opinions vary widely on the scope and nature of an appropriate response. FBIwebsite-sm-border.jpgThe Cyber Intelligence Sharing and Protection Act, one of several proposed legislative measures intended to address the problem, has drawn widespread criticism. Concerns voiced by opponents have centered on privacy and the potential for misuse of shared information. Some fear the legislation creates the potential for additional harm by allowing or encouraging private parties to launch counterattacks against perceived security threats, with no guarantee they will always hit their intended targets.

In Technopanics, Threat Inflation, and the Danger of an Information Technology Precautionary Principle</strong>, published in Issue 14.1 of the Minnesota Journal of Law, Science & Technology, Adam Thierer discusses the danger of misguided regulation in response to new and potentially misunderstood technological developments. The discussion centers on what Thierer terms “technopanics”–hasty and often irrational pushes to address a problem in the face of uncertainty and misinformation, sometimes intentionally disseminated by parties who hope to benefit financially or advance a social agenda.

In the context of cyber security, Thierer argues that advocates of an aggressive regulatory response have exaggerated the potential for harm by using language such as “digital Pearl Harbor” and “cyber 9/11.” He argues technopanics have influenced public discourse about a number of other issues, including online pornography, privacy concerns associated with targeted advertising, and the effects of violent video games on young people. While these panics often pass with little or no real lasting effect, Thierer expresses concern that an underlying suspicion toward new technological developments could mature into a precautionary principal for information technology. This would entail a rush to regulate in response to any new development with a perceived potential for harm, which Thierer argues would slow social development and prevent or delay introduction of beneficial technologies.

It’s an interesting discussion. Whether or not cyber attacks pose the potential for widespread death and destruction, there is significant potential for economic damage and disruption, as well as theft or misuse of private or sensitive information. As in any case of regulation in the face of uncertainty, there is also clear potential that an overly hasty or inadequately informed response will go too far or carry unintended consequences.


Threats From North Korea: Switching Our Focus From Nuclear Weapons To Websites

by Bryan Morben, UMN Law Student, MJLST Staff

Thumbnail-Bryan-Morben.jpgThere has been a lot of attention on North Korea and the possibility of a nuclear war lately. In fact, as recently as April 4, 2013, news broke that the increasingly hostile country moved medium-range missiles to its east coastline. It is reported that the missiles do not have enough range to hit the U.S. mainland, but is well within range of the South Korean capital. Tensions have been running high for several months, especially when the North took the liberty to shred the sixty year old armistice that ended the Korean War, and warned the world that “the next step was an act of ‘merciless’ military retaliation against its enemies.”

But perhaps the use of physical force by leader Kim Jong Un is not the only, or even the most important threat, from North Korea that the United States and its allies should be worried about. Despite the popular impression that North Korea is technologically inept, the regime boasts a significant cyber arsenal. The country has jammed GPS signals and also reportedly conducted cyber terrorism operations against media and financial institutions in the South. North Korea employs a host of sophisticated computer hackers capable of producing anonymous attacks against a variety of targets including military, governmental, educational, and commercial institutions. This ability to vitiate identity is one of the most powerful and dangerous parts about cyber warfare that isn’t possible in the physical world.

Susan Brenner is an expert in the field cyberwar, cybercrime, and cyber terrorism. She has been writing about how and why the institutions modern nation-states rely on to fend off the threats of war, crime, and terrorism have become ineffective as threats have migrated into cyberspace for over half a decade. Her article, Cyber-threats and the Limits of Bureaucratic Control, in Issue 14.1 of the Minnesota Journal of Law, Science & Technology outlines why we need a new threat-control strategy and how such a strategy could be structured and implemented. A strategy like the one Brenner recommends could help protect us from losing a cyberbattle with North Korea that most people aren’t even aware could happen.


Time for a New Approach to Cyber Security?

by Kenzie Johnson, UMN Law Student, MJLST Managing Editor

Kenzie Johnson The recent announcements by several large news outlets including the New York Times, Washington Post, Bloomberg News, and the Wall Street Journal reporting that they have been the victims of cyber-attacks have yet again brought cyber security into the news. These attacks reportedly all originated in China and were aimed at monitoring news reporting of Chinese issues. In particular, the New York Times announced that Chinese hackers persistently attacked their servers for a period of four months and obtained passwords for reporters and other Times employees. The Times reported that the commencement of the attack coincided with a story it published regarding mass amounts of wealth accumulated by the family of Chinese Prime Minister Wen Jiabao.

It is not only western news outlets that are the targets of recent cyber-attacks. Within the past weeks, the United States Department of Energy and Federal Reserve both announced that hackers had recently penetrated their servers and acquired sensitive information.

This string of high-profile cyber-attacks raises the need for an improved legal and response structure to deal with the growing threat of cyber-attacks. In the forthcoming Winter 2013 issue of Minnesota Journal of Law, Science, and Technology, Susan W. Brenner discusses these issues in an article entitled “Cyber-Threats and the Limits of Bureaucratic Control.” Brenner discusses the nature, causes, and consequences of cyber-threats if left unchecked. Brenner also analyzes alternative approaches to the United States’ current cyber-threat control regime, criticizes current proposals for improvements to the current regime, and proposes alternative approaches. As illustrated by these recent cyber-attacks, analysis of these issues is becoming more important to protect sensitive government data as well as private entities from cyber-threats.


Free Consortium Event, Nov. 15: Should the Science of Adolescent Brain Development Inform Legal Policy?

by MJLST

mjlst-logo-button.pngStudies of adolescent brain development have influenced debates on issues such as the constitutionality of the juvenile death penalty, if sentencing juveniles to life without the possibility of parole is moral, to whether states should raise the legal driving age, to permitting minors to obtain an abortion without parental consent. In this lecture, Prof. Steinberg will examine whether burgeoning research on adolescent brain development should influence legal policy.

Prof. Laurence Steinberg, PhD, Distinguished University Professor and Laura H. Carnell Professor of Psychology at Temple University will offer an overview of the major changes in brain structure and function that take place during adolescence, and discuss what we do, and do not, gain with respect to our understanding of adolescence from neuroscience beyond what we already know from behavioral science. After applying this analysis to the specific case of adolescent criminal culpability, he will consider how developmental neuroscience might influence questions concerning the drawing of legal age boundaries more generally.

Commentators include Susanna Blumenthal, JD, Ph.D., Associate Professor of Law and History University of Minnesota and A. David Redish, PhD, Professor, Department of Neuroscience University of Minnesota. Moderators include Michael Georgieff, MD, Professor of Pediatrics and Child Psychology; Steve Kelley, JD, Senior Fellow, Humphrey School of Public Affairs; and Akshay Rao, PhD, Professor, Carlson School of Management

Thursday, November 15, 2012
11:30am-1pm
Coffman Memorial Union Theater