A View from Erica Naone

Black Hat: Legal Pitfalls of Investigating Mobile

Researchers studying mobile devices often find themselves on shaky ground.

  • August 5, 2011

Hackers today are testing mobile devices ever more strenuously, but the work often stands on shaky legal ground, according to Jennifer Granick, an attorney for ZwillGen, a law firm that specializes in legal issues related to the Internet. Granick was formerly civil liberties director for the Electronic Frontier Foundation.

Presenting at Black Hat, a computer security conference in Las Vegas, Granick outlined the tricky legal landscape that faces researchers trying to work in mobile. While historically, companies have often been reluctant to open their arms to hackers, mobile devices introduce new challenges, such as having to deal with tangled FCC regulations, and laws that aren’t designed for modern devices.

For example, Granick explained, techniques such as jailbreaking iPhones to run non-Apple approved software are governed under U.S. copyright law. The U.S. Copyright Office reviews its rules every three years, and did add exemptions to allow jailbreaking. However, since the iPad didn’t exist the last time this review happened, jailbreaking these devices exists in a legal limbo.

Just to work on devices often requires taking some legal risk. Companies such as Apple lock down mobile devices and software through restrictive developers’ agreements and end-user license agreements, as well as with technical protections that are backed by law.

One particularly tricky area is location-based services. In many cases, Granick said, how communications are classified can determine how severe the legal risk connected with hacking them becomes. Accessing communications in a way that could be considered wiretapping comes with strict legal penalties, but accessing stored communications is sometimes treated differently. Under some interpretations, Granick said, there might be reason to classify communications between users and companies such as Foursquare so that intercepting them would be considered wiretapping.

Considering the fierce debates already going on around the info that passes through mobile devices, Granick’s talk illustrated the legal difficulties of pinning down exactly what goes on.

Uh oh–you've read all of your free articles for this month.

Insider Premium
$179.95/yr US PRICE

Want more award-winning journalism? Subscribe and become an Insider.
  • Insider Premium {! insider.prices.premium !}*

    {! insider.display.menuOptionsLabel !}

    Our award winning magazine, unlimited access to our story archive, special discounts to MIT Technology Review Events, and exclusive content.

    See details+

    What's Included

    Bimonthly magazine delivery and unlimited 24/7 access to MIT Technology Review’s website

    The Download: our daily newsletter of what's important in technology and innovation

    Access to the magazine PDF archive—thousands of articles going back to 1899 at your fingertips

    Special discounts to select partner offerings

    Discount to MIT Technology Review events

    Ad-free web experience

    First Look: exclusive early access to important stories, before they’re available to anyone else

    Insider Conversations: listen in on in-depth calls between our editors and today’s thought leaders

  • Insider Plus {! insider.prices.plus !}* Best Value

    {! insider.display.menuOptionsLabel !}

    Everything included in Insider Basic, plus ad-free web experience, select discounts to partner offerings and MIT Technology Review events

    See details+

    What's Included

    Bimonthly magazine delivery and unlimited 24/7 access to MIT Technology Review’s website

    The Download: our daily newsletter of what's important in technology and innovation

    Access to the magazine PDF archive—thousands of articles going back to 1899 at your fingertips

    Special discounts to select partner offerings

    Discount to MIT Technology Review events

    Ad-free web experience

  • Insider Basic {! insider.prices.basic !}*

    {! insider.display.menuOptionsLabel !}

    Six issues of our award winning magazine and daily delivery of The Download, our newsletter of what’s important in technology and innovation.

    See details+

    What's Included

    Bimonthly magazine delivery and unlimited 24/7 access to MIT Technology Review’s website

    The Download: our daily newsletter of what's important in technology and innovation

/
You've read all of your free articles this month. This is your last free article this month. You've read of free articles this month. or  for unlimited online access.