Working Effectively with Law Enforcement: How to Protect the Privacy of Your University Community...
-
Upload
justin-fletcher -
Category
Documents
-
view
213 -
download
1
Transcript of Working Effectively with Law Enforcement: How to Protect the Privacy of Your University Community...
![Page 1: Working Effectively with Law Enforcement: How to Protect the Privacy of Your University Community Without Going to Jail Michael Corn Director, Security.](https://reader036.fdocuments.us/reader036/viewer/2022072013/56649e6a5503460f94b67830/html5/thumbnails/1.jpg)
Working Effectively with Law Enforcement: How to Protect the Privacy of Your University Community Without Going to
Jail
Michael CornDirector, Security Services and Information PrivacyUniversity of Illinois at Urbana-ChampaignOffice of the CIO
![Page 2: Working Effectively with Law Enforcement: How to Protect the Privacy of Your University Community Without Going to Jail Michael Corn Director, Security.](https://reader036.fdocuments.us/reader036/viewer/2022072013/56649e6a5503460f94b67830/html5/thumbnails/2.jpg)
2
Presentation Topics
Working effectively with LEAs protects privacy You are not alone: it takes a team to respond to a
subpoena What knowing your environment means Advise on handling an investigation References
![Page 3: Working Effectively with Law Enforcement: How to Protect the Privacy of Your University Community Without Going to Jail Michael Corn Director, Security.](https://reader036.fdocuments.us/reader036/viewer/2022072013/56649e6a5503460f94b67830/html5/thumbnails/3.jpg)
3
Themes and Assumptions
Working with law enforcement is no longer exceptional but typical
We have a legal obligation to comply with valid documents
Proper handling of law enforcement requests enhances the privacy accorded members of your campus community
![Page 4: Working Effectively with Law Enforcement: How to Protect the Privacy of Your University Community Without Going to Jail Michael Corn Director, Security.](https://reader036.fdocuments.us/reader036/viewer/2022072013/56649e6a5503460f94b67830/html5/thumbnails/4.jpg)
4
It Takes a Team
Develop a firm and clear understanding of responsibilities and roles
There are three critical positions that can handle 100% of most incidents and 95% of the rest
Security Officer, Legal Counsel, Campus Police
![Page 5: Working Effectively with Law Enforcement: How to Protect the Privacy of Your University Community Without Going to Jail Michael Corn Director, Security.](https://reader036.fdocuments.us/reader036/viewer/2022072013/56649e6a5503460f94b67830/html5/thumbnails/5.jpg)
5
Campus Police
Validate credentials Have deep contacts in Law Enforcement Bring a level of comfort to agents of LEAs
Partners in a variety of incidents:– Harassment– Laptop theft– Identity theft / SSN disclosures
Consider whether they are internal or external to Institution
![Page 6: Working Effectively with Law Enforcement: How to Protect the Privacy of Your University Community Without Going to Jail Michael Corn Director, Security.](https://reader036.fdocuments.us/reader036/viewer/2022072013/56649e6a5503460f94b67830/html5/thumbnails/6.jpg)
6
Campus Counsel
Validate all legal documents Interpret type of request: subpoena, preservation
request, search warrant, NSL, etc… Interpret request elements: data, dates/times,
identities, etc…
Should be highly familiar with relevant campus policies, such as your Appropriate/Acceptable Use and Infosec
![Page 7: Working Effectively with Law Enforcement: How to Protect the Privacy of Your University Community Without Going to Jail Michael Corn Director, Security.](https://reader036.fdocuments.us/reader036/viewer/2022072013/56649e6a5503460f94b67830/html5/thumbnails/7.jpg)
7
Security Officer
Advises on technical capabilities / hurdles Advises on impact and visibility Advises on what is available Collection of evidence / information
![Page 8: Working Effectively with Law Enforcement: How to Protect the Privacy of Your University Community Without Going to Jail Michael Corn Director, Security.](https://reader036.fdocuments.us/reader036/viewer/2022072013/56649e6a5503460f94b67830/html5/thumbnails/8.jpg)
8
Words of Advice to Security Officers
Keep judicial, legislative, investigative and interpretive roles separate
Regulation != Common Sense Having a law degree does not make you the
University’s Counsel
![Page 9: Working Effectively with Law Enforcement: How to Protect the Privacy of Your University Community Without Going to Jail Michael Corn Director, Security.](https://reader036.fdocuments.us/reader036/viewer/2022072013/56649e6a5503460f94b67830/html5/thumbnails/9.jpg)
9
Know your Environment
Focus on those elements of your environment that are likely to be relevant to a request for information:
– Log files– Email (and email traffic logs)– s/Flow data– Authn/z logs– Technical contacts in units– Which units provide their own IT services?– How long are backup stored and how much work is it to do a restore?
“If you can’t count something you don’t control it”Mike’s dictum
![Page 10: Working Effectively with Law Enforcement: How to Protect the Privacy of Your University Community Without Going to Jail Michael Corn Director, Security.](https://reader036.fdocuments.us/reader036/viewer/2022072013/56649e6a5503460f94b67830/html5/thumbnails/10.jpg)
10
Know your Environment (cont.)
Discuss the possibility of confidential investigations with your service managers and their supervisors (i.e., middle managers)
Emphasize that you’re helping to insulate them from crises
Buy your network engineers lunch. Regularly
![Page 11: Working Effectively with Law Enforcement: How to Protect the Privacy of Your University Community Without Going to Jail Michael Corn Director, Security.](https://reader036.fdocuments.us/reader036/viewer/2022072013/56649e6a5503460f94b67830/html5/thumbnails/11.jpg)
11
Handling an Investigation - confidentiality
Confidentiality– Understand your obligations with regard to
confidentiality.
“In accordance with 18 U.S.C. section 2709(c) (1), I certify that a disclosure of the fact that the FBI has sought or obtained access to the information sought by this letter may endanger the national security of the United States...and (2) prohibits you, or any officer, employee, or agent of yours, from disclosing this letter, other than to those to whom disclosure is necessary to comply with the letter or to an attorney to obtain legal advice...”
ACLU: http://www.aclu.org/natsec/warpowers/21261prs20051107.htmlFBI: http://www.fbi.gov/pressrel/pressrel07/nsl030907.htm
National Security Letter (NSL) quote found via Google search.
![Page 12: Working Effectively with Law Enforcement: How to Protect the Privacy of Your University Community Without Going to Jail Michael Corn Director, Security.](https://reader036.fdocuments.us/reader036/viewer/2022072013/56649e6a5503460f94b67830/html5/thumbnails/12.jpg)
12
Confidentiality (cont.)
Discuss with the agent(s) in charge of an investigation whom you wish to inform of the investigation and why. This includes, – your supervisor– campus/University Officers (Provost, Chancellor, etc..)– unit heads– technical staff
Develop internal procedures that control the materials and information of legally restricted documentation. Buy a safe for storing legal documents and evidence.
![Page 13: Working Effectively with Law Enforcement: How to Protect the Privacy of Your University Community Without Going to Jail Michael Corn Director, Security.](https://reader036.fdocuments.us/reader036/viewer/2022072013/56649e6a5503460f94b67830/html5/thumbnails/13.jpg)
13
Handling the Investigation – impact
Minimizing the impact of the investigation
– Work with the agent(s) in charge of an investigation to review what they are looking for and what will not be useful to them.
– Work with law enforcement agents to better understand your environment and narrow the scope of information requests.
![Page 14: Working Effectively with Law Enforcement: How to Protect the Privacy of Your University Community Without Going to Jail Michael Corn Director, Security.](https://reader036.fdocuments.us/reader036/viewer/2022072013/56649e6a5503460f94b67830/html5/thumbnails/14.jpg)
14
Narrowing the Scope of a Request I
Original
“Provide all records, logs, transaction records, connection records, email headers and IP numbers for the account and computers associated with Bullwinkle J. Moose and the account [email protected] from Jan 1st 2007 to present.”
![Page 15: Working Effectively with Law Enforcement: How to Protect the Privacy of Your University Community Without Going to Jail Michael Corn Director, Security.](https://reader036.fdocuments.us/reader036/viewer/2022072013/56649e6a5503460f94b67830/html5/thumbnails/15.jpg)
15
Narrowing the Scope of a Request II
[email protected] redirects to [email protected]
Physics.whatsamattau.edu not centrally provided (do they log sendmail at physics?)
[email protected] also exists as [email protected]
Email accounts accessible from any IP on campus Bullwinkle reads most of his mail from a multi-user machine Flow logs from that machine show traffic from multiple
users Bullwinkle has logged into any number of campus services
in the last 8 months
![Page 16: Working Effectively with Law Enforcement: How to Protect the Privacy of Your University Community Without Going to Jail Michael Corn Director, Security.](https://reader036.fdocuments.us/reader036/viewer/2022072013/56649e6a5503460f94b67830/html5/thumbnails/16.jpg)
16
Narrowing the Scope of a Request III
Discuss with agent:
– Email redirection – And Legal if bullwinkle@physics… is covered by document – Flow logs don’t help with email– Central IT account is unused– Campus authentication records– Capturing multi-user machine will endanger confidentiality of
investigation– Multi-month restore will endanger confidentiality of investigation– Need to work with departmental IT staff
May require working with unit head or IT staff supervisors
![Page 17: Working Effectively with Law Enforcement: How to Protect the Privacy of Your University Community Without Going to Jail Michael Corn Director, Security.](https://reader036.fdocuments.us/reader036/viewer/2022072013/56649e6a5503460f94b67830/html5/thumbnails/17.jpg)
17
None of this will matter if the LE agent doesn’ttrust and have confidence in you.
![Page 18: Working Effectively with Law Enforcement: How to Protect the Privacy of Your University Community Without Going to Jail Michael Corn Director, Security.](https://reader036.fdocuments.us/reader036/viewer/2022072013/56649e6a5503460f94b67830/html5/thumbnails/18.jpg)
18
Narrowing the Scope of a Request IV
New Preservation Request
“Please retain all existing email and backups of the email account associated with the email address [email protected] from the period Jan 1st 2007 to present.”
New Data Request
“Please provide all email headers from existing email from the account associated with the email address [email protected] from the period Jan 1st 2007 to present.”
![Page 19: Working Effectively with Law Enforcement: How to Protect the Privacy of Your University Community Without Going to Jail Michael Corn Director, Security.](https://reader036.fdocuments.us/reader036/viewer/2022072013/56649e6a5503460f94b67830/html5/thumbnails/19.jpg)
19
Summary
Create a policy to address the handling of all legal documents. Form a team consisting of the security officer, legal counsel, and campus police. Put campus legal counsel on your telephone speed-dial. Meet with provost and/or chancellor to discuss law enforcement requests and
investigations. Review and document the salient features of your environment, including your
institutional policies on data release and retention. Understand your obligations with regard to confidentiality. Discuss with the agent(s) in charge of an investigation whom you wish to inform of
the investigation and why. Work with the agent(s) in charge of an investigation to review what they are looking
for and what will not be useful to them. Work with law enforcement agents to better understand your environment and narrow
the scope of information requests Develop internal procedures that control the materials and information of legally
restricted information. Buy a safe for storing legal materials.
![Page 20: Working Effectively with Law Enforcement: How to Protect the Privacy of Your University Community Without Going to Jail Michael Corn Director, Security.](https://reader036.fdocuments.us/reader036/viewer/2022072013/56649e6a5503460f94b67830/html5/thumbnails/20.jpg)
20
References & Contact
Guidelines for Working with Law Enforcement Agencies. Michael Corn. Educause Quarterly, Vol. 30 No. 3. http://www.educause.edu/apps/eq/eqm07/eqm0738.asp
Educause Policy and Law Constituent Group http://www.educause.edu/groups/icpl/
Contact: Michael Corn, [email protected]