Challenging Outdated Technology – The CPA Journal

Outdated Cellphone Location Methods

Most courtrooms, including tax, criminal, civil, and traffic, are still accepting and admitting outdated methods to determine the approximate location of a cell-phone. A very popular method relies on the proposition that a cellphone will use the cell tower with the strongest signal. This was a reliable claim until the late 20th century, when mobile phone companies switched from analog to programmable digital networks. The use of programmable digital networks freed phones from simply using the tower with the strongest signal and allowed more refined selections, including the selection of the least “noisy” tower.

Another outdated method used the switching from one tower to another to identify both travel and direction. This method was also reliable before the emergence of digital networks. In the digital era, however, towers may be switched simply to balance tower load and improve sound quality.

The unfortunate use of these outdated methods may have affected the outcomes of hundreds or thousands of cases. For example, the authors have successfully challenged these methods to subtract residency days in New York Tax Court and to help free a woman who spent over 10 years in jail for a crime that she did not commit.

Outdated Cybersecurity without Safe Rooms

The commercial sector also remains in the 20th century when it comes to cybersecurity. All types of entities are being hacked, including Yahoo, Equifax, Facebook, Travelers Insurance, and Bitcoin exchanges. Businesses use cybersecurity software, including virus scanners, biometrics and encryption, but they fail to use safe rooms.

For at least 20 years, the governments of the United States and many other countries have successfully used Secure Compartmentalized Information Facilities (SCIF, or a safe room) in concert with cybersecurity software to avoid hackers. Safe rooms are copper shielded, ideally hidden, rooms that comprehensively protect documents by blocking radio waves, cameras, mobile telephones, portable computers, copiers, and the Internet. A safe room should have at least one private, single-person viewing area that locks automatically on entry. Other recommendations include the following:

• Any data center that requires an Internet connection should be modified to reduce the volume of information that is valuable to hackers. For example, an electric bill can be computed using an address and a biometric token, as opposed to a name and an address. The account should ordinarily be cut off from the Internet, because utility accounts can yield a wealth of personal information: the customer’s legal name, length of residence, Social Security number, and payment history, all bits of personal and proprietary data that hackers love to collect and sell or share.
• At a second level of security, safe rooms must have strict viewing access controls. For example, individuals, identified with a specific fingerprint, should only be allowed a one-time decryption and viewing of a specific document.
• At a third security level, the viewing controls must not only regulate access to the room, but also the use of each document. For each category of documents, there should be 1) a list of eligible viewers; 2) a time limit per document view, typically not exceeding 40 minutes; and 3) a maximum number of views allowed, perhaps one per viewer.

Making Use of What’s Available

CPAs must ask whether the current computer security protocols are adequate. The news is replete with reports of new security breaches that provide evidence of the fatal weaknesses of current approaches. One way to get serious about protecting confidential documents and their processing in the 21st century capitalizes on the best that modern science offers: hidden safe rooms, sophisticated document controls, encryption, and biometric recognition.