Support Our Journalism

Smart. Sharp. Funny. Fearless

Politics National News World Economy Lifestyle Store

Start your day with The National Memo Newsletter

Tag: encryption

Could Teleconferencing Spell Trouble For Your Trade Secrets?

Even before the pandemic, our society was dependent on technology. With 61 percent of mobile users refusing to visit a mobile site again if they feel it's slow or hard to navigate, it's clear that the digital tools we use have to keep up with user demand and behavior.

Of course, the challenges of the pandemic have made these needs even more pronounced. As millions of Americans continue to work remotely to combat COVID-19, we're now spending even more of our days online. That's led to some issues, particularly in regard to web security.

In the first half of 2019, data breaches exposed an estimated 4 billion records and experts estimate that those numbers have continued to reach new heights throughout our current health crisis. But unfortunately, that isn't the only way that proprietary information can fall into the wrong hands. While many of us depend on teleconferencing platforms to stay connected with colleagues as we work from home, the truth is that these programs can present a number of legal complications -- including the potential loss of trade secrets.

The United States Patent and Trademark Office defines a trade secret as information that has potential or actual independent financial value due to its general secrecy; offers value to those who can't legitimately access this information; and has been the subject of reasonable protective measures to control its access. Trade secrets can become "lost" if any of these three factors become compromised or eliminated. Since the passing of the Defend Trade Secrets Act of 2016, U.S. trade secret case filings increased from a range of 960 to 930 cases a year to a staggering 1,134 cases in 2017. While that's partially because the new law allowed federal courts to hear cases pertaining to trade secrets, it's also worth noting that there may now be more opportunities -- thanks to technology -- for trade secrets to come to light.

That may certainly be the case, as some business owners have found out the hard way, with popular teleconferencing platforms like Zoom. According to recent reports, a trash compacting company called Smash decided to hold several Zoom calls with prospective franchisees. During these calls, the company ended up revealing information that it later claimed was a protected trade secret. After attending these Zoom sessions, those potential franchisees ended up starting a business to directly compete with Smash. Although Smash sued, the court found that Smash lost its trade secret protection because the company failed to adequately safeguard its teleconferencing sessions for privacy. In fact, all of the meetings they held utilized the exact same Zoom link (which could have legally been shared with anyone). Not only that, but the meetings weren't password-protected. Smash couldn't even identify every person who attended the Zoom meetings, representing a massive privacy failure on their part. Interestingly, the use of a nondisclosure agreement (NDA) wasn't enough to uphold expectations of privacy.
Unsurprisingly, Smash lost the case -- though the court did find that the defendants acted with deception -- and willingly gave up its trade secrets.

Considering that Zoom reported having more than 200 million daily users in March 2020 and many American businesses continue to employ remote workforces, it's essential to take heed of this cautionary tale. Although teleconferencing has become just one part of our new normal, that doesn't mean you have no choice but to leave your business vulnerable.

Zoom does provide some layers of protection that Smash failed to use in this case. Creating different meeting links for each new session, and ensuring those sessions are password-protected, can help keep unwanted visitors out. It's also a good idea to use the waiting room feature in order to screen attendees for this reason. You can also disable the ability to record the session and remove those who aren't authorized to attend. In addition, you can request that attendees position themselves in a private space that won't be subject to eavesdropping. But you can also choose to use a more secure platform than Zoom, like Microsoft Teams or Cisco Webex Meetings, both of which offer end-to-end encryption.

Of course, a lot of trade secret protection comes down to user behavior rather than technological features. Ultimately, it's the business's responsibility to ensure their secrets stay secrets. Generally speaking, you should refrain from sharing trade secrets on any platform that doesn't provide a reasonable expectation of privacy, whether it's through an email or in a video meeting. It's up to you to keep that proprietary information under lock and key. And if you don't do your due diligence, you could find yourself losing a court case and losing what makes your business unique.

Terrorists and Their Privacy

One inevitable sequel to a terrorist attack is seeing the ugly mugs of creeps-turned-monsters thrust before us over a multitude of news cycles. Another is a debate over cellphone encryption.

Encryption is a means of turning information into secret code. Terrorists communicate through encrypted devices to hide their plans and protect the identities of their co-conspirators. For obvious reasons, law enforcement wants to know what’s being said and to whom.

The FBI had been demanding that Apple turn over an encryption key to crack the iPhone used by San Bernardino gunman Syed Rizwan Farook. Apple has refused, arguing that helping the FBI hack Farook’s iPhone would put the privacy of other iPhone users in jeopardy. That would be bad for business.

Apple’s case has always been morally and legally flawed, but now it may be moot. That’s because on the very day of the terrorist outrage in Brussels, the Justice Department announced it may now be able to get at the information in Farook’s iPhone without Apple’s input.

An unidentified third party has reportedly found a way to hack the phone. That method is being tested to ensure that it doesn’t destroy the valuable data in the process.

If it succeeds, Apple will have lost in three ways. No. 1: Consumers are no longer assured that iPhone data is invulnerable. No. 2: By forcing others to find a means of cracking an iPhone, Apple loses control over the process. And No. 3: Apple is left with having fought the bad fight.

All that goodwill Apple has amassed for its wonderful products could start draining away as Americans wonder what side it’s on. The rampage in San Bernardino took 14 lives and grievously injured 22 others. Survivors and relatives of the dead have protested Apple’s defense of a mass murderer’s cellphone data. That’s definitely bad for business.

Suppose Belgian investigators cleaning up the body parts came across an encrypted iPhone of a terrorist impressed by Apple’s promise of privacy. Would Apple refuse to help uncover accomplices in that bloodbath, as well?

Some argue that Farook’s iPhone 5c is easier to crack than the newer iPhones. Does Apple now want to bet that hacking the iPhone 6 or a later model can’t be done by a highly talented geek?

The Justice Department’s legal basis for requiring Apple to unlock an encrypted device is the 1789 All Writs Act. The law applies only if compliance is not an unreasonable burden. Apple claims invading Farook’s iPhone would be “unreasonably burdensome.”

With a search warrant based on probable cause, law enforcement may barge into your home, break into your metal file cabinets and look in your underwear drawer. (For further information, consult some “Law & Order” reruns.)

One’s cellphone is not a sacred space. Mobile phone users worried that police doing a warranted search might come across their third-grader’s math scores or a prescription for Viagra should not put such data onto their gadget in the first place.

The concern in Apple’s boardroom and elsewhere in the Silicon Valley is that governments less constrained by civil liberties than ours would demand the key to breaking the encryption. They already do, but that’s between the companies and the other countries. It’s really not the American public’s problem — unless you want to argue that tech company profits trump national security.

Apple’s position was insupportable. Now it may be irrelevant. A wise move for those in the tech industry would be to quietly work out some accommodation with law enforcement in the halls of Congress. Rest assured, they won’t want to hold such discussions in the heat of another, even more devastating terrorist attack.

Follow Froma Harrop on Twitter @FromaHarrop. She can be reached at fharrop@gmail.com. To find out more about Froma Harrop and read features by other Creators writers and cartoonists, visit the Creators Web page at www.creators.com.

Photo: A man displays a protest message on his iPhone at a small rally in support of Apple’s refusal to help the FBI access the cell phone of a gunman involved in the killings of 14 people in San Bernardino, in Santa Monica, California, United States, February 23, 2016. REUTERS/Lucy Nicholson

Apple, Public Safety And Selling Stuff

Federal investigators hold the iPhone of Syed Rizwan Farook, the terrorist who helped slaughter 14 innocents in San Bernardino, California. They want to look at its contents but can’t because the device is encrypted and Apple has refused to unlock it.

The matter ended up in federal court, where a magistrate judge ordered Apple to hack Farook’s cellphone. Apple has rejected the judge’s order, citing privacy concerns.

Apple is in the wrong. As Manhattan District Attorney Cyrus R. Vance points out, the government’s case rests on centuries of law holding that “no item — not a home, not a file cabinet and not a smartphone — lies beyond the reach of a judicial search warrant.”

There exists no “right of privacy” to withhold evidence of a crime. The idea that the cellphone is a privileged communications device that must be off-limits to law enforcement is nonsense.

The court’s not telling Apple to create what one critic of the judge’s order called a “design defect,” a backdoor that puts all users in danger of being hacked by identity thieves and other creeps. It has ordered Apple to help the Federal Bureau of Investigation get into a single iPhone.

To do this, Apple must create a hacking tool, which, some fret, could get into the wrong hands. But the decrypting could be done on Apple property by Apple people — and the tool kept in Apple’s famously secure vault.

While Apple’s stance is unacceptable, it is understandable from a limited business point of view. Apple worries that if it gives U.S. law enforcement access to encrypted cellphones, countries less sensitive to civil liberties would demand the same. Places like China and Russia could grab the technology for widespread use against their citizens. China is Apple’s second biggest market after the United States.

U.S. tech companies and civil libertarians are supporting Apple’s stance. Nuala O’Connor of the Center for Democracy and Technology expressed some of the fears. Cellphones “have become effectively a part of our bodies,” she wrote. Hers has contacts, medical records, kids’ report cards, pictures and so forth.

All the more reason not to carry all that information around in one’s handbag, we might say. But even if a master key for unlocking iPhones got on the loose, the brutes would still need to possess the physical iPhone and spend perhaps years trying to get past a strong password.

Full-disclosure time. Your writer is a voracious consumer of Apple products and an investor in Apple Inc. stock. She’s not selling her shares for the following reasons:

Before the recent iPhone decryption debate, China was already demanding a backdoor to its citizens’ computers and phones. Chinese consumers know the score.

And there are American sensibilities to consider. FBI Director James Comey spoke for many when he said national policy on confronting terrorism should not be left to “corporations that sell stuff for a living.” It shouldn’t matter how cool the stuff is.

Victims of the San Bernardino attack are filing a legal brief supporting the U.S. government’s position. And for what it’s worth, Donald Trump has called for a boycott of Apple products if the company does not cooperate.

No one said that drawing a line between privacy and security is simple — and new technology keeps moving that blurred border. But Comey is right. The job of setting national security priorities has not been outsourced to Silicon Valley boardrooms. It is a matter for our federal government.

Dear Apple: Frustrating efforts to track terrorists is not a great marketing strategy. Your wisest move would be to make some noise and then help the FBI break into a terrorist’s iPhone.

Photo: The Apple logo is pictured behind the clock at Grand Central Terminal in the Manhattan borough of New York, February 21, 2016. REUTERS/Carlo Allegri

FBI Head Criticizes Apple, Google Over Data Encryption

Washington (AFP) – Federal Bureau of Investigation director James Comey hit out at Apple and Google over new data-security measures designed to reassure customers wary of government prying.

Google and Apple this month announced they are hardening encryption tactics on devices powered by their mobile operating systems.

The move should mean that even if law enforcement agencies have court-issued search warrants, they will be blocked from getting hold of pictures, messages and other personal data stored on newer Android or Apple smartphones and tablets.

“I am a huge believer in the rule of law,” Comey told journalists.

“But I also believe that no one in this country is beyond the law. What concerns me about this is companies marketing something expressly to allow people to place themselves beyond the law.”

Comey said the FBI had had initial discussions with Apple and Google about the new security measures. He said law enforcement, with a search warrant, must have access to data on criminals’ smartphones.

In a reference to U.S. intelligence leaker Edward Snowden, the FBI head said that in a “post-Snowden world… this is an indication (some corporations) go too far.”

AFP Photo/Kimihiro Hoshino

        About The National Memo
    
The National Memo is a political newsletter and website that combines the spirit of investigative journalism with new technology and ideas. We cover campaigns, elections, the White House, Congress, and the world with a fresh outlook. Our own journalism — as well as our selections of the smartest stories available every day — reflects a clear and strong perspective, without the kind of propaganda, ultra-partisanship and overwrought ideology that burden so much of our political discourse.
TAGS

Created By

RebelMouse

About Masthead Terms of Service Privacy Statement Advertise Contact