Alexander Berengaut

Firm/Organization: Covington & Burling LLP

Blogs: Global Policy Watch, Inside Privacy, Inside Tech Media

Latest Articles

Coercive and Non-Coercive Surveillance Authorities

By Trisha Anderson & Alexander Berengaut on April 25, 2019

When the U.S. government conducts electronic surveillance, there are a variety of legal authorities on which it relies. The Wiretap Act, for example, authorizes the government to conduct live telephone wiretaps in certain criminal investigations; for electronic data, the Act also permits the government to acquire electronic communications in real time. The Stored Communications Act (“SCA”) authorizes the government to obtain stored electronic data, including the content of email messages hosted online for criminal investigations.…

Inside Privacy

Department of Justice Releases White Paper on CLOUD Act

By Jim Garland, Trisha Anderson, Alexander Berengaut & Katharine Goodloe on April 11, 2019

On Wednesday, the U.S. Department of Justice released a white paper and FAQ on the Clarifying Lawful Overseas Use of Data (“CLOUD”) Act, which was enacted in March 2018 and creates a new framework for government access to data held by technology companies worldwide. The paper, titled “Promoting Public Safety, Privacy, and the Rule of Law Around the World: The Purpose and Impact of the CLOUD Act,” addresses the scope and purpose of…

Inside Privacy

Reaching for the CLOUD

By Alexander Berengaut & Katharine Goodloe on April 5, 2019

This article originally appeared in Global Data Review on March 29, 2019 Last year, the US passed legislation expanding the geographic reach of certain legal process, including search warrants, issued to technology providers seeking customer data. Under the Clarifying Lawful Overseas Use of Data (CLOUD) Act, warrants issued by US courts can force certain types of providers to disclose customer data stored anywhere in the world. Notably, the CLOUD Act does not affect only US…

Global Policy Watch

Litigation Options For Post-Cyberattack ‘Active Defense’

By Alexander Berengaut & Tarek Austin on October 30, 2018

In March 2017, Rep. Tom Graves, R-Ga., introduced a draft bill titled the Active Cyber Defense Certainty Act. The bill would amend the Computer Fraud and Abuse Act to enable victims of cyberattacks to employ “limited defensive measures that exceed the boundaries of one’s network in order to monitor, identify and stop attackers.”[1] More specifically, the ACDC would empower individuals and companies to leave their own network to ascertain the perpetrator (i.e., establish attribution), disrupt…

Inside Privacy

Litigation Options For Post-Cyberattack ‘Active Defense’

By Alexander Berengaut & Tarek Austin on October 29, 2018

[This article also was published in Law360.] In March 2017, Rep. Tom Graves, R-Ga., introduced a draft bill titled the Active Cyber Defense Certainty Act. The bill would amend the Computer Fraud and Abuse Act to enable victims of cyberattacks to employ “limited defensive measures that exceed the boundaries of one’s network in order to monitor, identify and stop attackers.”[1] More specifically, the ACDC would empower individuals and companies to leave their own network…

Inside Privacy

Covington Webinar: Examining the CLOUD Act

By Alexander Berengaut & Katharine Goodloe on August 28, 2018

Covington’s Alex Berengaut and Kate Goodloe today hosted a webinar on the Clarifying Lawful Overseas Use of Data (“CLOUD”) Act. The CLOUD Act was signed into law in March and creates a new framework for government access to data held by technology companies worldwide. The webinar, hosted with DataGuidance, is available here. The webinar expands on many aspects of the CLOUD Act we previously covered on this blog.…

Inside Privacy

Supreme Court’s Carpenter Decision Requires Warrant for Cell Phone Location Data

By Jim Garland, Alexander Berengaut & Katharine Goodloe on June 22, 2018

In a decision that defines how the Fourth Amendment applies to information collected in the digital age, the Supreme Court today held that police must use a warrant to obtain from a cell phone company records that detail the location and movements of a cell phone user. The opinion in Carpenter v. United States limits the application of the third-party doctrine, holding that a warrant is required when an individual “has a legitimate privacy interest…

Inside Tech Media

IoT Update: Supreme Court’s Carpenter Decision Requires Warrant for Cell Phone Location Data

By Jim Garland, Alexander Berengaut & Katharine Goodloe on June 22, 2018

Inside Privacy

Government’s Response to Malware Defendant’s Constitutional Challenge Falls Short

By Alexander Berengaut on April 23, 2018

Last summer, Marcus Hutchins, the security researcher who stopped the “WannaCry” malware attack, was arrested and charged for his role in allegedly creating and conspiring to sell a different piece of malware, known as Kronos. As we have previously discussed on this blog, however, the indictment was notable for its lack of allegations connecting Hutchins to the United States, which raises constitutional due process issues, and Hutchins subsequently moved to dismiss the indictment on this…

Inside Privacy

Malware Defendant Raises Constitutional Challenge to Indictment

By Alexander Berengaut on April 3, 2018

Last August, the Department of Justice arrested and indicted Marcus Hutchins, the security researcher who accidentally discovered the “kill switch” that stopped the “WannaCry” malware attack. Hutchins was not charged for anything to do with WannaCry, but rather for creating and conspiring to sell a different piece of malware, the “Kronos Banking trojan.” Apart from the dramatic circumstances surrounding his arrest, Hutchins’ indictment was notable for its lack of allegations connecting him to the United…

Alexander Berengaut

Coercive and Non-Coercive Surveillance Authorities

Department of Justice Releases White Paper on CLOUD Act

Reaching for the CLOUD

Litigation Options For Post-Cyberattack ‘Active Defense’

Litigation Options For Post-Cyberattack ‘Active Defense’

Covington Webinar: Examining the CLOUD Act

Supreme Court’s Carpenter Decision Requires Warrant for Cell Phone Location Data

IoT Update: Supreme Court’s Carpenter Decision Requires Warrant for Cell Phone Location Data

Government’s Response to Malware Defendant’s Constitutional Challenge Falls Short

Malware Defendant Raises Constitutional Challenge to Indictment

Company

Support

New to the Network