The below article is a guest-authored piece to which this BLOG host contributed. It addresses issues on the cutting edge of technology and the risks presented when technology changes but the law does not keep pace.
Technology pervades virtually every aspect of modern American society, including the courtrooms. When technology is sound and used properly, it can yield fantastic results, improving the accuracy of legal fact-finding and business decision-making. When technology is flawed or misapplied, however, the consequences can be disastrous. Flawed courtroom testimony about technology may result in miscarriages of justice, and outmoded technology is imperiling economic security.
Outdated Cellphone Location Methods
In many criminal and civil cases, it is critical to determine where a certain person, often an accused, was when he or she used their cellphone to place a call. Most courts, including tax, criminal, civil, and traffic, are still accepting outdated, flawed methods to determine the approximate location of a cellphone. Consider three examples.
To begin with, a still popular but inaccurate method relies on the assumption that a cellphone always connects to the cell tower with the strongest signal, typically the closest tower. That was a defensible claim until the late 20th century. However, at that point mobile phone companies switched from analog to programmable digital networks. The switch to programmable digital networks freed phones from the need to use the tower with the strongest signal. Modern networks allow selections that make more sense in terms of economics and customer service, often including the real-time choice of a more distant, less “noisy” tower.
Another common courtroom claim by prosecution law enforcement experts, sometimes supplemented with their drive test evidence, is that unlike rural towers, urban towers have noticeably shorter ranges, since their signals are severely reduced when large buildings block the path of the signal. That claim is only partially true. Although the area immediately behind a building may get a weak signal from a given tower, areas farther away but still directly behind the same building receive much stronger signals. Therefore, many urban cell towers can and do have a potential range of more than 20 miles. For instance, Verizon estimates that one of its New York City cell towers has a range of 26 miles.
Another problem is that at trial, prosecution experts frequently presented oversimplified pie-shaped diagrams showing sectors that do not overlap. Those diagrams are misleading. Early cell towers used a single unidirectional antenna. In contrast, today’s cell towers typically use several antennas with each one pointing in a different direction. One advantage of today’s separate sector approach is flexible coverage when needed. A sector of tower A can be used to help cover hard to reach customers who are nearer to tower B. The coverage area of each antenna sector is not a neat pie slice; rather, the area is cardioid (heart shaped). Unlike an angular V shape, the rounded cardioid shape does not align side-by-side with its neighboring antenna sectors. Instead, the antennas must overlap each other to avoid excluded coverage areas. This overlap creates geolocation uncertainty; if the call was made from the overlap area, the caller could have been in either sector A or sector B.
The unfortunate use of these outdated methods may have affected the outcomes of hundreds or thousands of cases. One of the authors has successfully challenged these methods to subtract residency days in New York Tax Court and to help free a woman who spent over 10 years in jail for a crime that she did not commit.
Outdated Cybersecurity without Safe Rooms
The commercial sector also remains in the 20th century when it comes to cybersecurity. All types of entities are being hacked, including Yahoo, Equifax, Facebook, Travelers Insurance, and Bitcoin exchanges. Businesses use cybersecurity software, including virus scanners, biometrics and encryption, but they fail to use safe rooms.
For at least 20 years, the governments of the United States and many other countries have successfully used Secure Compartmentalized Information Facilities (SCIF, or a safe room) in concert with cybersecurity software to avoid hackers. Safe rooms are copper shielded, ideally hidden, rooms that comprehensively protect documents by blocking radio waves, cameras, mobile telephones, portable computers, copiers, and the Internet. A safe room should have at least one private, single-person viewing area that locks automatically on entry. We recommend three levels of security measures:
First, any data center that requires an Internet connection should be modified to reduce the volume of information that is valuable to hackers. For example, an electric bill can be computed using an address and a biometric token, as opposed to a name and an address. The account should ordinarily be cut off from the Internet, because utility accounts can yield a wealth of personal information: the customer’s legal name, length of residence, Social Security number, and payment history, all bits of personal and proprietary data that hackers love to collect and sell or share.
At a second level of security, safe rooms must have strict viewing access controls. For example, individuals, identified with a specific fingerprint, should only be allowed a one-time decryption and viewing of a specific document.
At a third security level, the viewing controls must not only regulate access to the room, but also the use of each document. For each category of documents, there should be 1) a list of eligible viewers; 2) a time limit per document view, typically not exceeding 40 minutes; and 3) a maximum number of views allowed, perhaps one per viewer.
Making Use of What’s Available
Attorneys must ask whether the current computer security protocols are adequate. The news is replete with reports of new security breaches that provide evidence of the fatal weaknesses of current approaches. One way to get serious about protecting confidential documents and their processing in the 21st century capitalizes on the best that modern science offers: hidden safe rooms, sophisticated document controls, encryption, and biometric recognition.
Adapted with permission from the CPA Journal, June 2019 Issue