An Ongoing Lack Of Technical Prowess Is Resulting In Bad Laws, Bad Prosecutions, And Bad Judicial Decisions
from the ignorance-of-what-the-law-affects-is-the-perfect-excuse dept
Everyone in government is talking cyber-this and cyber-that, even though a majority of those talking don’t have the technical background to back up their assertions. This leads to dangerous lawmaking. The CFAA, easily one of the most abused computer-related laws, came into being thanks to some skittish legislators who’d seen one too many 80’s hacker films. (“WarGames,” to be specific.)
Faulty analogies have led to other erroneous legislative conclusions — like the comparison of email to snail mail — which has led to the government treating any unopened email as “abandoned” and accessible without a warrant.
But the problem goes further than the legislative branch. The executive branch hasn’t been much better in its grasp of technical issues, and the current slate of presidential candidates guarantees this won’t change for at least another four years.
The judicial branch has its own issues. On both sides of the bench, there’s very little technical knowledge. As more and more prosecutions become reliant on secretive, little-understood technical tools like cell tower spoofers, government-deployed malware, and electronic device searches, unaddressed problems will only multiply as tech deployment ramps up and infusions of fresh blood into the judicial system fail to keep pace.
Garrett M. Graff of Politico — in a piece written for the Washington Post — discusses how the government prosecutors’ lack of tech expertise is resulting in bogus investigations and Constitutional violations.
Last year, the FBI nearly destroyed the life of an innocent physicist. In May 2015, agents arrested Xi Xiaoxing, the chairman of Temple University’s physics department, and charged that he was sneaking Chinese scientists details about a piece of restricted research equipment known as a “pocket heater.” An illustrious career seemed suddenly to implode. A few months later, though, the Justice Department dropped all the charges and made an embarrassing admission: It hadn’t actually understood Xi’s work. After defense experts examined his supposed “leaks,” they pointed out that what he’d shared with Chinese colleagues wasn’t a restricted engineering design but in fact a schematic for an altogether different type of device.
It’s not just prosecutors. Graff notes that there’s no “pipeline” of lawyers who can read and understand code heading to either side of prosecutions, which means defendants will be at the mercy of judges’ interpretations of evidence and arguments. That’s bad news as well.
As documents have surfaced thanks to the Snowden leaks and the government being more forthcoming with FISA court decisions, it’s become apparent that judges issuing orders haven’t been fully apprised of the technical details of the NSA’s domestic surveillance programs.
The fallout from Edward Snowden’s revelations exposed numerous instances in which agency lawyers miscommunicated to courts about what the government was doing. There are two possible explanations: Either they willfully exploited judges’ lack of technical knowledge, or the lawyers themselves couldn’t fathom the programs they were trying to explain.
Irritated FISC judges have come down hard on the agency periodically, pointing out serious misrepresentations by the NSA’s lawyers. Unfortunately, these discoveries have always come well after the fact. In the periods between judicial benchslaps, the agency has acted with autonomy. Forgiveness is better than permission, especially when the person approving surveillance requests either doesn’t have all the information they need or is unable to interpret the information they’ve been provided.
The lack of expertise — and the lack of new talent flowing in — means this sort of thing will continue to happen far too often. Judges will be duped. Defendants will end up jailed because of the ignorance surrounding them. Bad analogies will shore up inadequate explanations. And, if you’re the sort who believes “accused” means “guilty,” the shortage of knowledgeable prosecutors will result in jaw-dropping “technicalities” returning suspected criminals to the streets.
In one recent prosecution of a security researcher accused of illegal hacking, an assistant U.S. attorney summarized the case to the court by saying, “He had to download the entire iOS system on his computer, he had to decrypt it, he had to do all of these things I don’t even understand.” The government ultimately lost the case.
So, what can be done to fix it? Not much. Only a few law schools offer classes in cybersecurity, coding, or other tech fields. Those that do have long waiting lists. The upside is that a technically-proficient law school grad should find plenty of opportunities awaiting them. The downside is that there’s not nearly as much money in the public sector as there is in the private. This may mean criminal defense will see a boost in knowledge, but that will only help those who can afford to hire top-tier lawyers.
The government, meanwhile, will likely continue to stumble over its own ignorance. Fortunately for government prosecutors, most judges are willing to cut government prosecutors a lot of slack, something only exacerbated by lawmakers pushing legislation targeting things they don’t even understand.
Filed Under: expertise, law, policy, politics, technology
Comments on “An Ongoing Lack Of Technical Prowess Is Resulting In Bad Laws, Bad Prosecutions, And Bad Judicial Decisions”
When you assume everyone else is guilty of something, its easy to build a case.
Re: Re:
Unless the person is under 3 years old, it’s probably a safe assumption that they are guilty of something.
Re: Re: Re:
Being an infant will not make any difference to these people.
Re: Re: Re:
Did you miss the story about the 8 month old denied boarding privileges because the name matched the list?
I wish McAfee had gotten the Libertarian nom. He’s a ding-dong, but at least he understands how computers work.
(I mean, yeah, he’s said some fairly dumb things, but I think most of those were intended as jokes. Like, when he said he was going to use social engineering to get into the San Bernardino shooter’s phone — obviously a joke, but the media reported it as if he’d been serious.)
I used to think that, as my generation got older and became lawmakers, lawyers, and judges, that would lead to a better understanding of technology among the people making, enforcing, and interpreting the laws.
Then I went to work at a university computer store. After a few months dealing, on a more-than-daily basis, with college-aged customers who didn’t know the difference between Windows and Office, it became quite clear to me that most people my age don’t understand computers any better than my grandparents do.
Sergey Aleynikov, case in point.
While he is cleared currently the prosecution clearly misunderstood what he did. The fact that the foss files were not Goldman Sachs property nor would GS files be useful in the new company (different structures, different machines, different – aka, not the same) was ignored – or more likely not understood by the legal sides.
According to wikipedia a new law was added to make his actions illegal, even if they still do not understand what happened. Trade secrets cannot involve foss. And they simply cannot understand that.
The current mindset of our government is punish any that they want to. Regardless of the facts.
Add to that the basis of his work is/was math which cannot be protected.
Re: Sergey Aleynikov, case in point.
The current mindset of our government is punish any that they want to. Regardless of the facts.
Never let facts get in the way of a good prosecution.
A matter of priorities
When all you care about is getting as many prosecutions as possible ignorance only becomes a problem when it decreases that number, and since that’s very much not the case then prosecutors don’t exactly have any reason to educate themselves.
It seems that stupidity *is* an excuse...
when you’re a part of the legal system. But, of course, ignorance of the law is no excuse for those outside of it.
Bunch of hypocrites.
Ridiculous patent
A Pocket Heater is patentable???? Wow!
Dear Uncle Sam: Way to Streisand!
I have kind of grown to hate the word “technical”. It’s definition has come to mean anything someone can’t be bothered to understand.
It’s called cyberbullshit.
Wargames
The funny thing about the nod to Wargames is how amazingly apt it is to the discussion at hand. Consider this:
The government creates a piece of technology that its own users (the US Air Force) does not actually understand. When it functions in a way that wasn’t intended, every solution the government proposes won’t work:
– Unplug it
– Just tell it to stop
– Explain to this machine the difference between reality and a game
And the solution that actually fixes the problem is a 100% technical solution borne from an understanding of the actual technology itself:
(spoiler…)
– Make it play tic-tac-toe against itself to teach it futility.
It really is a microcasm of what’s wrong with the government interfering with technology that it doesn’t understand – and why technical solutions, not legal ones, are the only options that actually work, and why you need technical people, not congressmen, to invent and implement them.
Of course, then they can’t campaign on the “success” of their law to “protect the children” on the “big bad internet” (mostly form themselves rather than any actual danger…) while conveniently omitting that their magical law totally broke the internet itself.
Re: Wargames
I’ve always found it annoying how they demonstrated Joshua’s brute forcing: how does the machine know the first digit is ‘C’ before having cracked the entire code? Wouldn’t it have been better to count down the number of tested permutations?
Re: Re: Wargames counting down.
They all did it back then. None of them understood the concept but they had to show something on the screen. Because movie.
The thing that is really funny is Ronnie The Ray Gun bought this hook line and sinker. One wonders if the Air Force used pass codes that worked like in the movie.
Re: Re: Wargames
True. Though that would’ve also totally confused the hell out of most (nearly all) of the audience.
People often forget how brute force code cracking actually works (or usually just don’t know in the first place.) The odds that the code would actually be the very LAST code that it tried are nearly 0%. But it would’ve been a very strange sense of dramatic tension for the movie if it was humming along, trying 10k attempts/second, and when it got around 5% through, boom, it has the code. Even though in a technically accurate movie, that’s WAY more likely to happen (the code began with a C, so since it’s a cipher with only upper case letters and numbers, it’s about 5% into the potential codes table.)
All that said, my point was simply to illustrate that Wargames, even if perhaps unintentionally, is actually a very apt analogy for why the government should stay the hell out of the technology space unless or until they get people in government who actually understand the technology they’re legislating about (i.e. the point of the article.) Wargames is like a cautionary tale of what could very well happen (and on a non-nuclear scale, HAS happened) when the government just expects technology people to “nerd harder” while passing laws that often make any attempt to do so illegal (anti-reverse-engineering clause anyone?)
Re: Re: Re: Wargames
Actually, the odds that the code would be the very last code that they tried are about 100%. Why would you keep trying after you have found the code? It’s like how your keys are always found in the last place that you looked. It has a 100% probability because if you cease an activity after achieving your goal of finding something, then there is a 100% probability that the last place you look will have the item you’re searching for.
Let’s face it here, our nation is ran by stupid people.
The Cyber Is To Important Too Be Left To The Cyberers
I see you techo types want to be teh ECXLUSIVE HIGH PREISTS and GATEKEEPERS of the Cyber World. But thank God the LAWMAKERS AND POLITICIANS WONT LET YOU!!! Because theres one thing they have plenty of and you dont, and thats COMMON SENCE!! Like this whole Encryption baloney. WE KNOW YOUR GANGING UP AGAINST LAW ENFORCEMENT!! As if good, law-abiding math cant tell the difference between lawful Govermnent agents trying to enforce teh law, and TERRORISTS!!
Cant do it? Maybe your using TERRORIST MATH!!!
Your trying to keep a Cabal. Well, WERE GOING TO CUT THE CABAL!!!!
Re: The Cyber Is To Important Too Be Left To The Cyberers
I think my terrorist maths beats your copyright maths.
🙂
So, nu?
“…lawmakers pushing legislation targeting things they don’t even understand.”
A.k.a., “representative democracy.”
well
why does this surprise anyone?
I’ll quote what my darling spouse has said online in numerous occasions (it explains EVERYTHING)
“Have you met people?”
Re: well
Just because a thing is unsurprising doesn’t mean we shouldn’t talk about it.
The problem with govt and technology is that every govt solution involves money, maps, walls, or guns. Technology advances outside those spheres. The judiciary, legislature and executive misunderstand and misuse technology. Technology is criminally managed by our govt which rides along on sovereign immunity. Explaining tech to a civil servant is like explaining calculus to a fish. Even the exceptions vary from Alsup to McAfee. One fix might be to require competency tests like driving or amateur radio.