Embed Size (px)
Citation preview
May 3, 2023
Apple v. DOJ:Privacy in Today’s Enterprise
© Fidelis Cybersecurity
Intro
Justin HarveyChief Security OfficerFidelis Cybersecurity
Twitter: @[email protected]
2
© Fidelis Cybersecurity
Ordering of Events• Dec 2 2015: Syed Farook and wife murder 14 and wound 22 innocent people in San Bernadino, California.
• January 2016: FBI requests iCloud password of phone changed, Apple complies. This action creates a conundrum.
• Feb 9 2015: FBI Director Comey informs the Senate they are still trying to unlock the iPhone 5C.
• Feb 2016: New York District Attorneys claim they have over 175 iPhones ready to be unlocked after San Bernadino case.
• Feb 16 2016: US District Court rules that Apple must provide “Reasonable technical assistance” to the FBI. Specifically ordered to write a work around. Based upon All Writs Act of 1789.
• March 21 2016: Hours before a scheduled court appearance, the FBI postpones their hearing before a judge to debate the case.
3
© Fidelis Cybersecurity
DOJ’s Initial Request
4
© Fidelis Cybersecurity
Do we have a right to privacy?Fourth Amendment to the Constitution of the United States:
“The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.”
This is often broadly interpreted.
5
© Fidelis Cybersecurity
Two Interpretations
• Humans have a fundamental right to privately communicate without being forced to divulge communication or methods.
• Spying is allowed when there is probable cause and judiciary oversight.
• The check to this balance is through the legislative branch.
6
© Fidelis Cybersecurity
This man changed everything….
7
© Fidelis Cybersecurity
Corporate Juxtaposition
8
Vs.
Monitoring for threats Spying on employees
© Fidelis Cybersecurity
Employees’ RightsIt is critical to:Be transparent and clearly communicate:
• Right to Privacy
• Surveillance
• Acceptable Use Policies
• Usage of Personal vs. Corporate assets
• Clearly BYOD doesn’t make any of this easy for us.
• Doing business in Europe? Good luck! – GDPR among other regulations make it difficult.
• Romanian Case involving Yahoo! Messenger
9
Thank You!
