Last Week in Tech Policy #57: Medjacking

(by Justin Manusov, Colorado Law 3L)

Hacking. Tapping. Cracking. Medjacking.

In the TV show Homeland episode Broken Hearts, a CIA informant  is forced to retrieve a serial number that corresponds to the American Vice President’s pacemaker. A terrorist gains access to the VP’s pacemaker, accelerates his heartbeat and induces a heart attack.

Former Vice President Dick Cheney revealed that when he had a device implanted to regulate his heartbeat in 2007, he had his doctors disable its wireless capabilities to prevent a possible assassination attempt.

The health IT community is beginning to take medjacking seriously.

Continue reading “Last Week in Tech Policy #57: Medjacking”

Last Week in Tech Policy #51: Internet Platforms and Violent Content

(by Kristine Roach, Colorado Law 2L)

After the Unite the Right rally and associated violence in Charlottesville, NC on the weekend of Aug 11th, internet platforms and domain name providers responded by taking down content from The Daily Stormer, a neo-Nazi website that had encouraged some of the weekend’s events, raising a complicated debate over the responsibility that online platforms bear for hate speech, harassment, and violence, the concentration of power online, and free speech.

Continue reading “Last Week in Tech Policy #51: Internet Platforms and Violent Content”

TLPC Files Reply Comment in 911 Apps Proceeding

After the release of the Federal Communications Commission’s public notice seeking comment on 911 applications, student attorney Eilif Vanderkolk filed a reply comment addressing the issues of locational data, interface design, and cybersecurity in 911 smartphone applications. These issues were previously raised by TLPC in the whitepaper published by the Clinic last fall, and remain important during the NG911 transition .

 

Last Week in Tech Policy #41: FMExit—Norway’s Transition from FM Radio to Digital Audio Broadcasting

(by Zach Goldberg, Colorado Law 2L)

Norway has begun phasing out analog FM radio by shutting down broadcasts in certain parts of the country. The switch began at 11:11 am on January 11 Nordland, a county in northern Norway, and within a year, the Norwegian government plans to transition the entire country to Digital Audio Broadcasting (“DAB”). Under this new regulatory scheme, only 200 or so small local stations will be permitted to broadcast on FM frequencies.

This post explores the past, present, and future of the transition.

Continue reading “Last Week in Tech Policy #41: FMExit—Norway’s Transition from FM Radio to Digital Audio Broadcasting”

Understanding and Solving the Problems that Non-Service-Initialized Devices and Non-Emergency 911 Calls Cause for PSAPs, First Responders, and the Public

(by Zach Goldberg and Eilif Vanderkolk, TLPC Student Attorneys)

Over the past several months, the TLPC, in collaboration with the National 911 Program, has researched problems burdening 911 call centers, with the aim of discovering solutions to improve the efficiency of emergency response throughout the country. Specifically, we have examined the negative impact of calls made from non-service-initialized devices (“NSIDs”) and high non-emergency 911 call volume upon the efficacy of public safety answering points (PSAPs). We aimed to gain deeper understanding of how 911 systems work, the difficulties they face, and how changes in law and policy, technology, and consumer awareness and behaviors might help. However, crafting effective solutions to these problems is difficult because the factors contributing to high non-emergency 911 call volume figures are complex, and reliable, precise studies and data is scarce. We explore these problems in the attached white paper.

 

Autonomous Vehicle Cybersecurity Threats: Physical Layer Jamming and Spoofing Attacks

(by Zach Goldberg, TLPC Student Attorney)

Over the past month, the TLPC has researched autonomous vehicle technology and its susceptibility to physical layer cyber attacks, with the aim of encouraging research and development efforts to counteract such threats. We sought to gain deeper understanding of the communication systems that enable autonomous vehicle technology, the vulnerabilities of these systems to jamming and spoofing attacks, and possible defenses against such attacks. We explore these issues in the attached comment, filed in the National Highway Traffic Safety Administration’s latest proceedings relating to autonomous vehicle safety and vehicular cyber security.

Autonomous Vehicle Jamming and Spoofing Comment

Last Week in Tech Law & Policy, Vol. 37: Wireless Emergency Alerts Improved by Federal Communications Commission

(By Eilif Vanderkolk, Colorado Law 2L)

A Speedy Manhunt

In mid-September, Ahmad Khan Rahami allegedly committed terrorist bombings in Manhattan and the Jersey Shore . Rahami was arrested on the Monday following the bombings, shortly after New York officials had issued a Wireless Emergency Alert (WEA) naming Rahami as the primary suspect. The alert, received by all smartphones located in the five Boroughs that had not opted out, looked like this:

WANTED: Ahmad Khan Rahami, 28-yr-old male. See media for pic. Call 9-1-1 if seen.

Continue reading “Last Week in Tech Law & Policy, Vol. 37: Wireless Emergency Alerts Improved by Federal Communications Commission”

TLPC Completes 911 Accessibility Report for Colorado Public Utilities Commission

This semester, TLPC student attorneys Victoria Naifeh, Allison Daley, and Elizabeth Chance and student technologist Jeff Ward-Bailey worked with the Colorado Public Utilities Commission’s 911 task force  to research the legal landscape surrounding 911 accessibility for the deaf, deaf-blind, hard of hearing, and speech disabled communities in Colorado.  The final project, a white paper summarizing the research, is now available here and on the the Social Sciences Research Network:

Last Week in Tech Law & Policy, Vol.4: A Look at Health Technology

( by Allison N. Daley, Colorado Law 2L)

This week I want to focus on a specific area of tech law and policy: health care. With the advent of telemedicine as a way of providing health care at a distance, there is exciting potential for innovation, however with this innovation comes new challenges in law and policy.

As just one example, there is a new app, Harbinger, that transmits communication from Emergency Medical Service (EMS) workers in an ambulance to hospitals in real time. The hope is that such technology can improve care by sending protected health information (PHI) such as drivers licenses and insurance cards to hospitals for faster registration.  The app even allows EMS workers to send pictures and videos of injuries or accident scenes for more rapid diagnosis and treatment.

With this great technology, however, privacy concerns abound. Because cell phones store data on the device itself, PHI is much more likely to fall into the wrong hands if a cell phone is lost or stolen.  While the Health Insurance Portability and Accountability Act (HIPAA)  does not have any official rules banning the use of cell phones, the HIPAA Privacy Rule requires health care providers to implement appropriate safeguards to reasonably protect health information.

In order to solve this problem, the Harbinger app promises:

[P]atient information is encrypted with today’s most advanced methods. The data is transported to our server with the industry standard for banks and credit cards, and is stored in an encrypted format.

While this sounds like it may satisfy HIPAA standards, patients and hospitals will likely still have concerns about this new technology. The founders, both Coloradoans, are currently negotiating with hospitals and we may see the system operating by the end of the year.

For more information, check out Harbinger’s website.

See you next week!