Op-Ed

[Commentary] When the government engages in prospective cell-site surveillance, it obtains a court order requiring a cell provider to provide the phone’s location at that moment in “real time.” That contrasts with collection of historical cell-site records, when the government obtains a court order requiring the provider to hand over stored records retained by a cell provider in the ordinary course of business from some time in the past. Although every circuit court and state supreme court to rule on historical cell-site collection has concluded it is not a search, the Florida Supreme Court ruled in Tracey v. Florida that prospective cell-site surveillance is a search. Importantly, Tracey went out of its way to say that it was ruling only on prospective surveillance and not on historical collection. On May 22, the U.S. Court of Appeals for the Fifth Circuit ruled in United States v. Wallace that the reasoning of its precedents on historical collection applies equally to prospective cell-site surveillance. In Wallace, the Texas Department of Safety had a warrant out for the arrest of a gang member. The police knew the suspect’s cell phone number, so they obtained what the opinion calls a “Ping Order” authorizing the police to determine the locations of cell site towers being accessed by a number.

[Kerr is the Fred C. Stevenson Research Professor at The George Washington University Law School]

Wael Ghonim’s anonymous Facebook page helped start a revolution in Egypt. Here is what he concluded about social media today

[Commentary] A fridge that puts milk on your shopping list when you run low. A safe that tallies the cash that is placed in it. A sniper rifle equipped with advanced computer technology for improved accuracy. A car that lets you stream music from the Internet. All of these innovations sound great, until you learn the risks that this type of connectivity carries. The early Internet was intended to connect people who already trusted one another, like academic researchers or military networks. It never had the robust security that today’s global network needs. As the Internet went from a few thousand users to more than three billion, attempts to strengthen security were stymied because of cost, shortsightedness and competing interests. Connecting everyday objects to this shaky, insecure base will create the Internet of Hacked Things. This is irresponsible and potentially catastrophic. It may be hard to fix security on the digital Internet, but the Internet of Things should not be built on this faulty foundation. Responding to digital threats by patching only exposed vulnerabilities is giving just aspirin to a very ill patient. It isn’t hopeless. We can make programs more reliable and databases more secure. Critical functions on Internet-connected objects should be isolated and external audits mandated to catch problems early. But this will require an initial investment to forestall future problems — the exact opposite of the current corporate impulse. It also may be that not everything needs to be networked, and that the trade-off in vulnerability isn’t worth it. [Tufekci is an assistant professor at the School of Information and Library Science at the University of North Carolina]