Chapter 6: Govt and Court Access to Private Sector Information Flashcards
Third party doctrine
Information turned over to third parties no longer belongs to the owner of the information. (Applies to transactions)
Relates to needing warrants for searches of third parties.
RFPA regulates…
Requests for financial information by the federal government.
RFPA doesn’t apply to…
State and local gov’t or private institutions
RFPA sharing exceptions…
Supervisory agencies (gov’t financial regulators: SEC, FDIC, CFPB, etc.)
De-identified data
Court orders
National security emergencies
SAR’s (suspicious activity reports)
How much time does a customer have to object to an RFPA request?
10 days from receiving the request or 14 days from when it was mailed.
RFPA enforced by
Private right of action with penalties of $100 per violation.
Punitive damages possible for intentional acts
Currency and Foreign Transactions Reporting Act aka
Bank Secrecy Act of 1970
BSA is about…
money laundering/transfer of wealth
BSA applies to… (9)
Financial Institutions
Precious metals dealers
Jewelers
Pawn brokers
Travel agencies
Telegraph companies
Car dealers
Gambling operations
USPS
BSA requires
Keeping records of financial transactions
Monitoring for money laundering
Anti-money laundering program
BSA record retention requirement…
5 years
Currency Transaction Report (CTR)
Report of any bank activity for a customer over $10,000 per day
Filed within 15 days of
Suspicious Activity Report (SAR)
Report on financial activity indicating money laundering or other crimes.
Are customers notified about SAR’s?
No
Who enforces BSA?
US Treasury Department
Katz vs. US
Katz used payphones for gambling. They were illegally tapped by the government.
ECPA purposes
Rules for wiretapping
Devices covered by ECPA
Pen registers
Trap and Trace
ECPA Wiretap Act prohibits
Spying on real-time comms without consent
Notable ECPA exception about consent
Communication may be intercepted or recorded with consent of only one party (some states are more strict)
ECPA Stored Communications Act
Covers data stored by third parties like files and email
ECPA Pen Registers & Trap and Trace
Protects communication metadata
ECPA preemption
Does not preempt state laws
CALEA
Communications Assistance for Law Enforcement Act
CALEA helps law enforcement perform
legal searches
CALEA prevents…
Telecommunications carriers from inhibiting lawful searches and designing products and services in a way that impedes law enforcement
FISA rules for non-US persons acting as foreign agents in the US
No 4th Amendment protection
Surveillance permitted even without probable cause
FISA authorization of surveillance methods
Only if pursuing foreign intelligence is significant purpose
FISA Courts (FISC)
Special court for FISA intelligence
How many FISA Court judges are there?
11 District Court judges
FISA warrants expire after…
90, 120, 365 days
Authority for Warrantless surveillance. How long and for who?
By the US AG. Up to 1 year for foreign powers with “no substantial likelihood” that surveillance will impact US persons
FISA rules for US persons acting as foreign agents (spies)
4th Amendment applies
FISA minimization procedure
Collected information is limited to the specific investigation.
Other information is not referenced in investigation
Roving wiretaps
Applies to any devices used by an individual
Patriot Act Lone Wolf provision
Allows FISA warrants for lone individuals involved in international terrorism
Patriot Act Business Records Provision
Gov’t can demand records from 3rd parties without a subpoena or warrant if targeted at gaining foreign intelligence
USA Freedom Act of 2015 Selection Terms
Specific search parameters
USA Freedom Act
Tightened up privacy and surveillance from the Patriot Act
CISA Act
Provides protection to companies for information sharing
Encourages companies to implement cyber defense
CISA Cyber threat indicators sharing requirement
Remove PII
Protections for companies under CISA Act (3)
Protection from anti-trust and attorney-client privilege
Shared information remains proprietary
Exempt from FOIA
T/F CISA offers companies a form of Safe Harbor
True
Zurcher vs. Stanford Daily
Stanford Daily newspaper didn’t want to respond to a search warrant and lost in the Supreme Court.
PPA: Privacy Protection Act
Protects journalistic privacy
Prohibits law enforcement from searching journalistic personnel including their homes and offices
Which law requires a “purpose to disseminate to the public?”
PPA
What is the impact of a subpeona duces tetum in the PPA?
Forces a journalist to appear in court with their documents
PPA exceptions (3)
Investigating a journalist as a suspect
Immediate search to prevent death and serious injury
To prevent destruction of evidence
PPA Private Right of Action
Against law enforcement and gov’t personnel
eDiscovery
Process of identifying, collecting, and producing electronic records for legal proceedings
eDiscovery processing
Records are formatted and cleaned for review
eDiscovery Review
Records are reviewed and redacted before sharing
When is the best time for a privacy professional to get involved in eDiscovery?
Before a request
