The Dark Web and Its Ties to Cryptocurrency

Total Page:16

File Type:pdf, Size:1020Kb

The Dark Web and Its Ties to Cryptocurrency The Dark Web and its Ties to Cryptocurrency Stefanie Wood Ellis October 22, 2019 Objectives for the Webinar: • Today we will develop a basic understanding of: – the different levels of access of the Internet – the type of information found in each of these areas – Bitcoin & top dark web cryptocurrencies • We will review Intellectual Property misuse in the Dark Web: – Type of IP found in the Dark Web – Monitoring benefits – Enforcement options • Following today’s session you should be able to evaluate: – Intellectual Property found in the deep or dark web and make a decision on enforcement options Terminology What is the Dark Web and Dark Net? • The dark web is part of the World Wide Web • Dark Web = Content, content that exists on darknets, overlay networks part of the deep web that use the Internet but require specific software, configurations, or authorization to • Dark Net = a network access. configuration • The dark web forms a small part of the deep web, requiring specialized the part of the Web not indexed by web search anonymizing engines, although sometimes the term deep web software to access is mistakenly used to refer specifically to the dark web. Publicly accessible Social Surface Web public websites Media data Accessible & searchable content, websites indexed by Wikipedia, Pastebin, Stack search engines Google, Bing, Yahoo!, etc. Overflow, Github, BitBucket Deep Web Non-Public Social Media All data behind a login and not indexed by search Corporate Infrastructure, Medical Records engines organizational repositories Legal Files Financial Records, Online Banking Scientific Reports Private databases, requiring a login to access Academic Files Private Journalist Human Dark Web Research Trafficking Data accessed using anonymizing software, like Hacking Tutorials & TOR (The Onion Router) Drug Trafficking Services for Sale Hacktivist/Political Protest Private Communications Activity Illegally Obtained PII/ Illegal Arms Sales, ie Guns & Stolen Data Sales Ammo Sales HISTORY How did we get here? Let’s go way back • In the late 1960’s the Advanced Research Projects Agency Network (ARPANET) created the foundation for the modern Internet, and funded by the Department of Defense • The TCP/IP protocol suite is the technology utilized in developing this networking method, allowing for end-to-end data communication • Networks were created randomly and for various purposes – essentially an early version of a darknet in the form of password- protected data havens. • In the late 90’s this lead to the creation of Napster, Limeware, and other file sharing networks. HISTORY Anonymity takes over • In 2000 the first anonymizing software was created, called Freenet, allowing users to access every manner of illegally shared data within a self-contained network. • The problem with Freenet is users had to operate within the network, and that was too limiting for many • Freenet is still an option for users today https://freenetproject.org/ DEVELOPMENT OF TOR • In the 1990’s, concerned about the impact of security protocols and the innate ability to use network communication for surveillance purposes, the pioneers at the U.S. Naval Research Lab tried to identify a way obfuscate communications on the Internet. • They created the concept of “onion routing,” further developed by the Defense Advanced Research Projects Agency (DARPA) & patented by the U.S. Navy in 1998. DEVELOPMENT OF TOR What is onion routing? • It’s a technique allowing for anonymous online communication/ internet navigation • An “onion network” is layered, like an onion, in levels of encryption limiting tracking of the data packet to only the previous and next communication point for each layer. • This limits the ability to track the origin or final destination of a communication. TOR was created in 2006: https://www.torproject.org/ DEVELOPMENT OF TOR • Users began to access the darknet via TOR, however it wasn’t user friendly • The TOR browser was developed in 2008 • Not created as a haven for criminals • Not created to enable cybercrime • Was created to navigate around censorship, surveillance, government firewalls, with an objective of a free, accessible Internet without regulation • Widely used for legitimate as well as criminal enterprises What happens in the Dark Web? Licit Uses: Illicit: • Anonymous Research • Stolen data, PII, other IP shared • Whisteblower data sharing or sold • Private communications • Drug Sales • Political/Hacktavist activity • Guns/Ammo Sales planning • Tutorials – making drugs, • Conspiracy websites bombs, etc • Child porn • Human Trafficking What happens in the Dark Web? Published in 2016 by researchers Daniel Moore and Thomas Rid, Cryptopolitik and the Darknet, studied the value of encryption. In this pursuit, they reviewed Dark Web content and found the following: • 5,205 live sites in the darknet, and 2,723 were successfully classified and active (see chart) • The majority were illicit: drugs, finance, illegal forms of pornography • Drug sales the most prevalent • Bitcoin the preferred payment method • Highly recommend reading the full study https://www.tandfonline.com/doi/full/10.1080/00396338.2016.1142085 Insert footer Forums & Message Boards Anonymity can enable uninhibited conversations among strangers – whether suicide, or violence against others, or political activism. There’s safety in anonymity when there’s no fear of censorship. Marketplaces • Whether drugs, arms, porn, sex, violence, etc., most transactions are initiated from dark web marketplaces • At any given time there are many active marketplaces, however they tend to be unstable with higher outages due to DDOS or law enforcement activity • Sometimes marketplaces don’t come back at all • Require registration, sometimes an invite, and include seller ratings, profiles, and order histories Typical Marketplace Offerings Marketplace: Pirated Software Marketplace: Luxury/Counterfeit Marketplaces: Pharmaceuticals Stolen Credentials for Sale Intellectual Property in the Dark Web Risk assessment: • Financial Institutions should monitor for leaked account information • Assess if hard goods brands are trafficking counterfeits via dark web marketplaces • All Brand owners should: – Determine whether regular monitoring is needed OR • Periodic monitoring due to indicators of a data breach, or an increase in unlawful sales • Evolving area of the Internet – monitoring should be revisited regularly Intellectual Property in the Dark Web • Due to onion routing, practices, anonymity and layers of encryption, enforcement through traditional means is challenging: – Sometimes seller information can be tracked and correlated across the surface, deep & dark web sources – Email addresses may be used to uncover additional information – this is likely limited – May consider test-buys to understand what is being sold: counterfeit, grey market, stolen • For stolen account or credential information best practice is to protect the customer from inside the brand owner’s network • When made aware of intellectual property in the dark web the best practice is to staunch the leak, close the vulnerability, and protect the customer TOR Information Law Enforcement Involvement Closed Marketplaces: • Agora • Hansa • Atlantis • Sheep • AlphaBay Marketplace • Black Market • Silk Road Reloaded • TheRealDeal • Dream Market • Evolution • The Farmer's Market • Silk Road was born in 2011 by Ross Ulbricht, online Silk Road persona: “Dread Pirate Roberts” • Silk Road is credited as being the first modern marketplace utilizing automated escrow and transaction review systems • Estimated $15 million in transactions annually • Ross Ulbricht was arrested in Oct 2013 with charges of money laundering, computer hacking, conspiracy to traffic narcotics, and attempting to have 6 people killed (though no murders actually took place) • $2.6 million in Bitcoin were seized by the FBI from Silk Road. Another $28.5 million was reportedly in Ulbricht’s anonymous “wallet,” and a further $87 million in Bitcoin were found on Ulbricht’s computer https://en.wikipedia.org/wiki/Silk_Road_(marketplace) Bitcoin • Bitcoin is a cryptocurrency, a digital currency, that doesn’t require a centralized bank or primary administration mechanism, and provides for a peer-to-peer payment system. • Via cryptography and a public distributed ledger called Blockchain, transactions are tracked and verified in association with wallets owned by anonymous entities. • In 2011 one Bitcoin was worth $0.30 . Today one Bitcoin is worth over $10,000 in US currency. • An anonymous payment system, utilized primarily in dark web markets, and Silk Road’s exclusive payment system • Relies upon “Miners” rewarded with Bitcoin to conduct network transactions • Cryptocurrencies created since Bitcoin’s development are generally referred to as “altcoins” – meaning a cryptocurrency that is not Bitcoin Bitcoin • Decentralized: the Bitcoin network is not controlled by any one central authority - every machine that mines Bitcoin and processes transactions makes up a part of the network, and the machines work together • Anonymous: Bitcoin “wallets” are not linked to names, addresses, or other personally identifying information • Fast: money can be sent anywhere and arrives within minutes, as soon as the Bitcoin network processes the payment • Non-Reversible: when Bitcoins are sent, there’s no getting them back, unless the recipient returns them to you – they are gone forever • Blockchain: a public ledger recording all transactions “While we have previously reported a small shift towards more
Recommended publications
  • BUGS in the SYSTEM a Primer on the Software Vulnerability Ecosystem and Its Policy Implications
    ANDI WILSON, ROSS SCHULMAN, KEVIN BANKSTON, AND TREY HERR BUGS IN THE SYSTEM A Primer on the Software Vulnerability Ecosystem and its Policy Implications JULY 2016 About the Authors About New America New America is committed to renewing American politics, Andi Wilson is a policy analyst at New America’s Open prosperity, and purpose in the Digital Age. We generate big Technology Institute, where she researches and writes ideas, bridge the gap between technology and policy, and about the relationship between technology and policy. curate broad public conversation. We combine the best of With a specific focus on cybersecurity, Andi is currently a policy research institute, technology laboratory, public working on issues including encryption, vulnerabilities forum, media platform, and a venture capital fund for equities, surveillance, and internet freedom. ideas. We are a distinctive community of thinkers, writers, researchers, technologists, and community activists who Ross Schulman is a co-director of the Cybersecurity believe deeply in the possibility of American renewal. Initiative and senior policy counsel at New America’s Open Find out more at newamerica.org/our-story. Technology Institute, where he focuses on cybersecurity, encryption, surveillance, and Internet governance. Prior to joining OTI, Ross worked for Google in Mountain About the Cybersecurity Initiative View, California. Ross has also worked at the Computer The Internet has connected us. Yet the policies and and Communications Industry Association, the Center debates that surround the security of our networks are for Democracy and Technology, and on Capitol Hill for too often disconnected, disjointed, and stuck in an Senators Wyden and Feingold. unsuccessful status quo.
    [Show full text]
  • BUGS in the SYSTEM a Primer on the Software Vulnerability Ecosystem and Its Policy Implications
    ANDI WILSON, ROSS SCHULMAN, KEVIN BANKSTON, AND TREY HERR BUGS IN THE SYSTEM A Primer on the Software Vulnerability Ecosystem and its Policy Implications JULY 2016 About the Authors About New America New America is committed to renewing American politics, Andi Wilson is a policy analyst at New America’s Open prosperity, and purpose in the Digital Age. We generate big Technology Institute, where she researches and writes ideas, bridge the gap between technology and policy, and about the relationship between technology and policy. curate broad public conversation. We combine the best of With a specific focus on cybersecurity, Andi is currently a policy research institute, technology laboratory, public working on issues including encryption, vulnerabilities forum, media platform, and a venture capital fund for equities, surveillance, and internet freedom. ideas. We are a distinctive community of thinkers, writers, researchers, technologists, and community activists who Ross Schulman is a co-director of the Cybersecurity believe deeply in the possibility of American renewal. Initiative and senior policy counsel at New America’s Open Find out more at newamerica.org/our-story. Technology Institute, where he focuses on cybersecurity, encryption, surveillance, and Internet governance. Prior to joining OTI, Ross worked for Google in Mountain About the Cybersecurity Initiative View, California. Ross has also worked at the Computer The Internet has connected us. Yet the policies and and Communications Industry Association, the Center debates that surround the security of our networks are for Democracy and Technology, and on Capitol Hill for too often disconnected, disjointed, and stuck in an Senators Wyden and Feingold. unsuccessful status quo.
    [Show full text]
  • Databreaches in Healthcare the Attractiveness of Leaked Healthcare Data for Cybercriminals 2 Whitepaper: Databreaches in Healthcare
    Databreaches in Healthcare The attractiveness of leaked healthcare data for cybercriminals 2 Whitepaper: Databreaches in healthcare Table of Contents Introduction.................................................................................................. 5 An international problem ............................................................................................................................ 6 The risk of digitization ................................................................................................................................ 6 The medical IoT ............................................................................................................................................ 7 Overview of the attack vector: What has Healthcare suffered in the past? ............................................ 8 What are the most common causes of health data compromise? ................................................................... 10 Hacking/IT incidents ................................................................................................................................. 10 Social Engineering......................................................................................................................................11 Examples ......................................................................................................................................................11 Why is the healthcare vertical such an attractive target?.......................................................................
    [Show full text]
  • Cryptocurrency: the Economics of Money and Selected Policy Issues
    Cryptocurrency: The Economics of Money and Selected Policy Issues Updated April 9, 2020 Congressional Research Service https://crsreports.congress.gov R45427 SUMMARY R45427 Cryptocurrency: The Economics of Money and April 9, 2020 Selected Policy Issues David W. Perkins Cryptocurrencies are digital money in electronic payment systems that generally do not require Specialist in government backing or the involvement of an intermediary, such as a bank. Instead, users of the Macroeconomic Policy system validate payments using certain protocols. Since the 2008 invention of the first cryptocurrency, Bitcoin, cryptocurrencies have proliferated. In recent years, they experienced a rapid increase and subsequent decrease in value. One estimate found that, as of March 2020, there were more than 5,100 different cryptocurrencies worth about $231 billion. Given this rapid growth and volatility, cryptocurrencies have drawn the attention of the public and policymakers. A particularly notable feature of cryptocurrencies is their potential to act as an alternative form of money. Historically, money has either had intrinsic value or derived value from government decree. Using money electronically generally has involved using the private ledgers and systems of at least one trusted intermediary. Cryptocurrencies, by contrast, generally employ user agreement, a network of users, and cryptographic protocols to achieve valid transfers of value. Cryptocurrency users typically use a pseudonymous address to identify each other and a passcode or private key to make changes to a public ledger in order to transfer value between accounts. Other computers in the network validate these transfers. Through this use of blockchain technology, cryptocurrency systems protect their public ledgers of accounts against manipulation, so that users can only send cryptocurrency to which they have access, thus allowing users to make valid transfers without a centralized, trusted intermediary.
    [Show full text]
  • The Economic Functioning of Online Drugs Markets
    ISSN 2042-2695 CEP Discussion Paper No 1490 Revised August 2017 (Replaced July 2017 version) The Economic Functioning of Online Drugs Markets V. Bhaskar Robin Linacre Stephen Machin Abstract The economic functioning of online drug markets using data scraped from online platforms is studied. Analysis of over 1.5 million online drugs sales shows online drugs markets tend to function without the significant moral hazard problems that, a priori, one might think would plague them. Only a small proportion of online drugs deals receive bad ratings from buyers, and online markets suffer less from problems of adulteration and low quality that are a common feature of street sales of illegal drugs. Furthermore, as with legal online markets, the market penalizes bad ratings, which subsequently lead to significant sales reductions and to market exit. The impact of the well-known seizure by law enforcement of the original Silk Road and the shutdown of Silk Road 2.0 are also studied, together with the exit scam of the market leader at the time, Evolution. There is no evidence that these exits deterred buyers or sellers from online drugs trading, as new platforms rapidly replaced those taken down, with the online market for drugs continuing to grow. Keywords: dark web, drugs JEL codes:K42 This paper was produced as part of the Centre’s Communities Programme. The Centre for Economic Performance is financed by the Economic and Social Research Council. Acknowledgements Robin Linacre contributed to this paper in a personal capacity and in his own time. The research is not linked to any of his work for either the Sentencing Council or the Ministry of Justice.
    [Show full text]
  • II3230-KEAMANAN INFORMASI Etika Dan Hukum Penggunaan
    II3230-KEAMANAN INFORMASI Etika dan Hukum Penggunaan TOR Faras Banas Lubis -18217046 SEKOLAH TINGGI ELEKTRO DAN INFORMATIKA (STEI) INSTITUT TEKNOLOGI BANDUNG (ITB) 2020 Daftar Isi Daftar Isi ......................................................................................................................................... 1 Daftar Gambar ................................................................................................................................ 2 Ringkasan ........................................................................................................................................ 3 BAB I PENDAHULUAN ............................................................................................................... 4 BAB II CARA KERJA TOR .......................................................................................................... 6 A. Definisi TOR ........................................................................................................................ 6 B. Fitur-Fitur TOR .................................................................................................................... 8 C. Cara Kerja TOR ................................................................................................................... 8 a. Relay............................................................................................................................... 11 b. Bridge ............................................................................................................................
    [Show full text]
  • Cybersecurity-The Silk Road Market
    City University of New York (CUNY) CUNY Academic Works Open Educational Resources Hostos Community College 2020 Cybersecurity-The Silk Road Market Amy J. Ramson CUNY Hostos Community College How does access to this work benefit ou?y Let us know! More information about this work at: https://academicworks.cuny.edu/ho_oers/7 Discover additional works at: https://academicworks.cuny.edu This work is made publicly available by the City University of New York (CUNY). Contact: [email protected] CYBERSECURITY: SILK ROAD MARKET These slides describe an account of how the Department of JusEce through the FBI and DEA successfully brought the mastermind, Ross Ulbricht, behind the DARK WEB drug bazaar, SILK ROAD, to jusEce Silk Road Professor Amy Ramson, Esq. This OER material was produced as a result of the PIT-UN network Challenge Grant – New America Creative Commons License This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 4.0 License Ulbricht-head of the Silk Road market Ø Ross Ulbricht was born on March 27, 1984 Ø Ulbricht created the Silk Road website in 2011 Ø Ulbricht earned millions of dollars in profits from the commissions collected on purchases Ø Around January 2012, he adopted the username Dread Pirate Roberts referring to the pirate in the popular novel and film The Princess Bride that is passed to whom ever was wearing the mask Ø In order to assure users that posts from by DPR were his own, DPR authenEcated his posts using an electronic signature known as a PGP key. Ø See explanaon of PGP key signature authenEcaon on next slide PGP electronic signature authenEcaon Ø When sending digital signatures, PGP uses an algorithm that generates a hash (a mathemacal summary) which is encrypted with the sender's private key Ø The receiver uses the sender's public key to decrypt the hash code.
    [Show full text]
  • The Legal Status and Regulation of Bitcoin in Australia
    The University of Notre Dame Australia ResearchOnline@ND Theses 2017 Future digital money: The legal status and regulation of bitcoin in Australia Chinelle van der Westhuizen Follow this and additional works at: https://researchonline.nd.edu.au/theses Part of the Law Commons COMMONWEALTH OF AUSTRALIA Copyright Regulations 1969 WARNING The material in this communication may be subject to copyright under the Act. Any further copying or communication of this material by you may be the subject of copyright protection under the Act. Do not remove this notice. Publication Details van der Westhuizen, C. (2017). Future digital money: The legal status and regulation of bitcoin in Australia (Master of Laws (Thesis)). University of Notre Dame Australia. https://researchonline.nd.edu.au/theses/160 This dissertation/thesis is brought to you by ResearchOnline@ND. It has been accepted for inclusion in Theses by an authorized administrator of ResearchOnline@ND. For more information, please contact [email protected]. The University of Notre Dame Australia School of Law FUTURE DIGITAL MONEY: THE LEGAL STATUS AND REGULATION OF BITCOIN IN AUSTRALIA Chinelle van der Westhuizen LLB, LLM (University of Pretoria) This thesis is submitted in fulfilment of the requirements of the Degree of Master of Laws by Research 2017 DECLARATION This thesis does not, to the best of my knowledge, contain previously published or written material by another person except where due reference is made in the text, or any material previously submitted for a degree in any higher degree institution. _________________________________ Chinelle van der Westhuizen _________________________________ Date i ACKNOWLDEGEMENTS First and foremost, I thank God for his abundant love and goodness throughout this research period and for Blessing me with the talents to endure such a challenging research project.
    [Show full text]
  • Bitcoin and the Uniform Commercial Code Jeanne L
    University of Miami Law School Institutional Repository University of Miami Business Law Review 6-1-2016 Bitcoin and the Uniform Commercial Code Jeanne L. Schroeder Follow this and additional works at: http://repository.law.miami.edu/umblr Part of the Banking and Finance Law Commons, and the Commercial Law Commons Recommended Citation Jeanne L. Schroeder, Bitcoin and the Uniform Commercial Code, 24 U. Miami Bus. L. Rev. 1 (2016) Available at: http://repository.law.miami.edu/umblr/vol24/iss3/3 This Article is brought to you for free and open access by Institutional Repository. It has been accepted for inclusion in University of Miami Business Law Review by an authorized administrator of Institutional Repository. For more information, please contact [email protected]. Bitcoin and the Uniform Commercial Code Jeanne L. Schroeder* Much of the discussion of bitcoin in the popular press has concentrated on its status as a currency. Putting aside a vocal minority of radical libertarians and anarchists, however, many bitcoin enthusiasts are concentrating on how its underlying technology – the blockchain – can be put to use for wide variety of uses. For example, economists at the Fed and other central banks have suggested that they should encourage the evolution of bitcoin’s blockchain protocol which might allow financial transactions to clear much efficiently than under our current systems. As such, it also holds out the possibility of becoming that holy grail of commerce – a payment system that would eliminate or minimize the roles of third party intermediaries. In addition, the NASDAQ and a number of issuers are experimenting with using the blockchain to record the issuing and trading of investments securities.
    [Show full text]
  • How Did Dread Pirate Roberts Acquire and Protect His Bitcoin Wealth?
    How Did Dread Pirate Roberts Acquire and Protect His Bitcoin Wealth? Dorit Ron and Adi Shamir Department of Computer Science and Applied Mathematics, The Weizmann Institute of Science, Israel {dorit.ron,adi.shamir}@weizmann.ac.il Abstract. The Bitcoin scheme is one of the most popular and talked about alternative payment schemes. It was conceived in 2008 by the mysterious Satoshi Nakamoto, whose real identity remains unknown even though his bitcoin holdings are believed to be worth several hundred million dollars. One of the most active parts of the Bitcoin ecosystem was the Silk Road marketplace, in which highly illegal substances and services were traded. It was run by another mysterious person who called himself Dread Pirate Roberts (DPR), whose bitcoin holdings are also estimated to be worth hundreds of millions of dollars at today's exchange rate. On October 1-st 2013, the FBI arrested a 29 year old person named Ross William Ulbricht, claiming that he is DPR, and seizing a small fraction of his bitcoin wealth. In this paper we use the publicly available record to trace the evolution of his holdings in order to find how he acquired and how he tried to hide them from the authorities. For example, we show that all his income from the months of May, June and September 2013, along with numerous other amounts, were not seized by the FBI. One of the most surprising discoveries we made during our analysis was the existence of a recent substantial transfer (which was worth more than 60,000 dollars when made on March 20-th 2013, and close to a million dollars at today's exchange rate) which may link these two mysterious figures.
    [Show full text]
  • United States District Court Southern District of New York ------X
    Case 1:14-cr-00068-KBF Document 21 Filed 03/29/14 Page 1 of 64 UNITED STATES DISTRICT COURT SOUTHERN DISTRICT OF NEW YORK ------------------------------------------------------X UNITED STATES OF AMERICA : 14 Cr. 68 (KBF) - against - : (Electronically Filed) ROSS ULBRICHT, : Defendant. : ------------------------------------------------------X MEMORANDUM OF LAW IN SUPPORT OF DEFENDANT ROSS ULBRICHT’S PRE-TRIAL MOTIONS CHALLENGING THE FACE OF THE INDICTMENT JOSHUA L. DRATEL JOSHUA L. DRATEL, P.C. 29 Broadway, Suite 1412 New York, New York 10006 (212) 732-0707 Attorneys for Defendant Ross Ulbricht – Of Counsel – Joshua L. Dratel Lindsay A. Lewis Whitney Schlimbach Case 1:14-cr-00068-KBF Document 21 Filed 03/29/14 Page 2 of 64 TABLE OF CONTENTS Table of Contents.. i Table of Authorities. iv INTRODUCTION. 1 STATEMENT OF FACTS. 3 ARGUMENT POINT I COUNTS ONE, TWO, AND THREE SHOULD BE DISMISSED BECAUSE THE CONDUCT CHARGED THEREIN AGAINST MR. ULBRICHT DOES NOT STATE AN OFFENSE UNDER THE ENUMERATED STATUTES AND BECAUSE EVEN IF THE CONDUCT DID STATE AN OFFENSE, THOSE STATUTES WOULD BE UNCONSTITUTIONALLY VAGUE AS APPLIED IN THIS CASE. 6 A. The Applicable Law Regarding Challenges to the Sufficiency of an Indictment.. 7 B. The Statutes Cited In Counts One, Two, and Three Do Not Cover the Conduct Alleged Against Mr. Ulbricht.. 9 1. Count One: The Controlled Substances Trafficking Conspiracy. 9 2. Count Two: The Continuing Criminal Enterprise. 13 a. Count Two Fails to Allege Sufficiently That Mr. Ulbricht Occupied a “Position of Organizer, a Supervisory Position, and a Position of Management” Necessary to a CCE Violation.. 14 b. Count Two Fails to Enumerate the Requisite Predicate Series of Violations Necessary to a Violation of 21 U.S.C.
    [Show full text]
  • Constructing Norms for Global Cybersecurity
    Temple University Beasley School of Law LEGAL STUDIES RESEARCH PAPER NO. 2016-52 Constructing Norms for Global Cybersecurity Martha Finnemore George Washington University Duncan B. Hollis Temple University Beasley School of Law November 4, 2016 Cite: 110 American Journal of International Law __ (Forthcoming, 2016) This paper can be downloaded without charge from the Social Science Research Network Electronic paper Collection: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2843913 CONSTRUCTING NORMS FOR GLOBAL CYBERSECURITY By Martha Finnemore and Duncan B. Hollis* On February 16, 2016, a U.S. court ordered Apple to circumvent the security features of an iPhone 5C used by one of the terrorists who committed the San Bernardino shootings.1 Apple refused. It argued that breaking encryption for one phone could not be done without under- mining the security of encryption more generally.2 It made a public appeal for “everyone to step back and consider the implications” of having a “back door” key to unlock any phone—which governments (and others) could deploy to track users or access their data.3 The U.S. govern- ment eventually withdrew its suit after the F.B.I. hired an outside party to access the phone.4 But the incident sparked a wide-ranging debate over the appropriate standards of behavior for companies like Apple and for their customers in constructing and using information and com- munication technologies (ICTs).5 That debate, in turn, is part of a much larger conversation. Essential as the Internet is, “rules of the road” for cyberspace are often unclear and have become the focus of serious conflicts.
    [Show full text]