iOS app Android app

Susan Landau
GET UPDATES FROM Susan Landau
Susan Landau is a professor of cybersecurity policy at Worcester Polytechnic Institute. Landau has been a senior staff Privacy Analyst at Google, a Distinguished Engineer at Sun Microsystems, a faculty member at the University of Massachusetts at Amherst and at Wesleyan University, and has held visiting positions at Harvard, Cornell, and Yale, and the Mathematical Sciences Research Institute. Landau is the author of Surveillance or Security?
The Risks Posed by New Wiretapping Technologies
(MIT Press, 2011), and co-author, with Whitfield Diffie, of Privacy on the Line: The Politics of Wiretapping and Encryption(MIT Press, original edition: 1998; rev. 2007). She has testified in Congress on surveillance and cybersecurity issues, and written numerous computer science and public policy papers, and op-eds on cybersecurity and encryption policy. A 2012 Guggenheim fellow, Landau was a 2010-2011 fellow at the Radcliffe Institute for Advanced Study, the recipient of the 2008 Women of Vision Social Impact Award, and also a fellow of the American Association for the Advancement of Science and the Association for Computing Machinery.

Entries by Susan Landau

What the President Said -- and Didn't Say -- About Surveillance

(42) Comments | Posted August 11, 2013 | 1:11 PM

First and foremost we must realize that democracy cannot survive when the government conducts surveillance through secret interpretations of laws adjudicated by a secret court issuing secret decisions. While foreign intelligence must often operate in the shadows, we need laws arrived at openly, and agencies that operate within those laws....

Read Post

Canaries in the Coal Mine

(203) Comments | Posted June 6, 2013 | 3:14 PM

To protect our First Amendment right of freedom of the press, the Code of Federal Regulations has stringent conditions regarding the government investigations of journalists. Before the government can subpoena a reporter's telephone billing records, investigators must try all other reasonable forms of investigation. And no one less than...

Read Post

Boston and the Right to Privacy

(6) Comments | Posted April 22, 2013 | 9:50 PM

It was a week that began with carnage and ended with the death of one policeman and the serious injury of another, the death of one suspect and the arrest of another. It was a week that showed the heroism of ordinary people and the courage of first responders. The...

Read Post

Cybersecurity -- Getting It Right This Time

(4) Comments | Posted February 13, 2013 | 1:19 PM

The administration has put out an executive order on cybersecurity for critical infrastructure. Congress is not happy. But I think that this order largely gets things right.

The order focuses on systems and assets, whether physical or virtual, whose destruction would have a debilitating effect on security, national...

Read Post

Searching in a Haystack... Finds Straw

(1) Comments | Posted October 15, 2012 | 10:03 PM

The Senate recently released a report highly critical of state and local fusion centers. Fusion centers amalgamate information from many sources -- state and local law enforcement, first responders, public health, etc. -- to determine threats to public safety. According to the report, the centers were not yielding...

Read Post

Nothing to Fear But Fear Itself

(8) Comments | Posted April 29, 2012 | 8:53 PM

The House passed the Cyber Intelligence Sharing and Protection Act (CISPA), a bill that purports to improve U.S. cybersecurity. In fact, the bill does little to protect us but rather a lot to destroy the privacy of American communications.

The bill allows private entities to share "cyber threat" information...

Read Post

One Small Step for Privacy...

(4) Comments | Posted January 26, 2012 | 12:29 PM

In the United States v. Antoine Jones, the Supreme Court made an extremely important decision, unanimously determining that installing a GPS-tracking device to a suspect's car constitutes a search and thus requires a warrant. Justice Antonin Scalia delivered the opinion of the court, which narrowly focused on whether there...

Read Post

It's All in How You View It

(5) Comments | Posted January 17, 2012 | 9:08 AM

The newspaper stories about the Obama administration's opposition to the Stop Online Piracy Act (SOPA) and the Protect IP Act portray the battle over the bills as a fight between Hollywood and the technology companies. That is rather missing the point. While these bills would...

Read Post

Hollywood and the Internet: Time for the Sequel

(8) Comments | Posted November 28, 2011 | 2:55 PM

The Internet has created huge numbers of businesses: Amazon, eBay, Google, Skype to name but a few. These businesses disrupted -- and even displaced -- old businesses: local bookstores, classified ads, newspaper and magazine advertising, long-distance calling -- but you didn't see the bookstores, the print...

Read Post

Who Knows Where I Am? What Do They Do With the Information?

(1) Comments | Posted October 3, 2011 | 4:20 PM

Back when telephones were devices that sat on the hallway table or hung on the kitchen wall, people who called you knew where you were; a phone number named a physical location. The phone company knew that the call had been answered, but it had no idea who took the...

Read Post

Data Retention? News of the World Demos the Risks

(2) Comments | Posted July 21, 2011 | 5:24 PM

The story of journalists hacking into the voice mails of princes, police, celebrities, sports figures, and ordinary people has caught everyone's attention. It's the story of politicians too cozy with the press and police too friendly with the people they're investigating -- all of which meant investigations didn't...

Read Post

Mr. Murdoch and Mr. Brown: A Real-Life Example of Why Privacy Matters

(1) Comments | Posted July 18, 2011 | 4:42 PM

Those of us in the privacy business have heard the riposte -- "Why should I care about privacy? I have nothing to hide." -- more times than we want to count. It's considered impolitic to say, "Well, I happen to know that your Aunt Sally is in prison for murdering...

Read Post

Where Have All the Wiretap Reports Gone?

(10) Comments | Posted July 14, 2011 | 10:00 AM

Last fall, the FBI claimed it was "going dark," unable to wiretap due to changes in communications technology, including peer-to-peer Voice over IP calls and encryption. The House Judiciary Committee held a hearing this spring, but in the absence of hard data, it is hard to know what...

Read Post

Privacy, Online Identity Solutions, and Making Money: Pick Three?

(0) Comments | Posted July 7, 2011 | 5:05 PM

The U.S. government's approach to secure online identities, with its strong emphasis on privacy, is to be applauded. But the devil is in the details. In this case, the details lie with the private sector, whom the administration intends to rely on to provide solutions.

This gets sticky....

Read Post

Getting Communications Security Right

(0) Comments | Posted April 19, 2011 | 10:31 AM

Between the mid 1970s and the late 1990s, the government fought industry and academia over cryptography. The National Security Agency (NSA) had been accustomed to being the only one in the ring designing cryptographic systems and decoding messages, and it didn't take nicely to the competition. First NSA...

Read Post

Getting Wiretapping Right

(7) Comments | Posted April 5, 2011 | 12:44 PM

Last fall the FBI issued an alarm: its wiretapping efforts were "going dark" and soon the bureau would not be able to eavesdrop on criminals. Echoing complaints from India, Dubai, and the United Arab Emirates, the FBI said it needed access to keys used in encrypted messages and...

Read Post

NIST Leads the Charge on Online Authentication

(2) Comments | Posted January 12, 2011 | 3:37 PM

It's been a long time coming. After any number of heavy-handed approaches to online identity management, the federal government looks like it is trying a more enlightened approach. Last week the White House announced that the Commerce Department will be in charge of developing identity systems for the internet....

Read Post

Who's Been Looking Over my Shoulder? -- The FTC Seeks to Update Online Privacy Protections

(0) Comments | Posted December 6, 2010 | 5:51 PM

Did you ever stop to think what your browsing reveals about you? You check out nearby pizza places, and your browser lets the search engine know your location (bet you didn't know that was happening while you were typing "great anchovy pizza"). Or you look up the evening's baseball scores,...

Read Post

The FBI Wiretap Plan: Upsetting the Security Equation

(3) Comments | Posted October 25, 2010 | 3:17 PM

Some time ago I was on an American Bar Association panel with an FBI Associate Deputy Director when he asked the audience if they knew that Skype puts "other people's data on your machine." He looked appalled. I responded, "Yes, that's what peer-to-peer applications do." Skype encrypts conversations...

Read Post

Moving Rapidly Backwards on Security

(6) Comments | Posted October 13, 2010 | 1:15 PM

What is the FBI thinking? The bureau wants to roll back technology -- peer-to-peer voice communications -- and government regulations on encryption in order to be able to wiretap more easily. But our real security problem doesn't lies in law enforcement's inability to read criminals and terrorist on-line communications....

Read Post