Law Commons^™

Passcodes, Protection, And Legal Practicality: The Necessity Of A Digital Fifth Amendment, Ethan Swierczewski

Catholic University Journal of Law and Technology

No abstract provided.

Chinese Technology Platforms Operating In The United States: Assessing The Threat (Originally Published As A Joint Report Of The National Security, Technology, And Law Working Group At The Hoover Institution At Stanford University And The Tech, Law & Security Program At American University Washington College Of Law), Gary Corn, Jennifer Daskal, Jack Goldsmith, Chris Inglis, Paul Rosenzweig, Samm Sacks, Bruce Schneier, Alex Stamos, Vincent Stewart

Joint PIJIP/TLS Research Paper Series

No abstract provided.

Era Of Accelerating Digital Convergence: Security, Surveillance, Data, Privacy, Big Tech, And Politics, John Taschner

American University International Law Review

No abstract provided.

Politics Of Adversarial Machine Learning, Kendra Albert, Jonathon Penney, Bruce Schneier, Ram Shankar Siva Kumar

Articles, Book Chapters, & Popular Press

In addition to their security properties, adversarial machine-learning attacks and defenses have political dimensions. They enable or foreclose certain options for both the subjects of the machine learning systems and for those who deploy them, creating risks for civil liberties and human rights. In this paper, we draw on insights from science and technology studies, anthropology, and human rights literature, to inform how defenses against adversarial attacks can be used to suppress dissent and limit attempts to investigate machine learning systems. To make this concrete, we use real-world examples of how attacks such as perturbation, model inversion, or membership inference …

Ethical Testing In The Real World: Evaluating Physical Testing Of Adversarial Machine Learning, Kendra Albert, Maggie Delano, Jonathon Penney, Afsaneh Ragot, Ram Shankar Siva Kumar

Articles, Book Chapters, & Popular Press

This paper critically assesses the adequacy and representativeness of physical domain testing for various adversarial machine learning (ML) attacks against computer vision systems involving human subjects. Many papers that deploy such attacks characterize themselves as “real world.” Despite this framing, however, we found the physical or real-world testing conducted was minimal, provided few details about testing subjects and was often conducted as an afterthought or demonstration. Adversarial ML research without representative trials or testing is an ethical, scientific, and health/safety issue that can cause real harms. We introduce the problem and our methodology, and then critique the physical domain testing …

An Analysis Of International Agreements Over Cybersecurity, Lucas Ashbaugh

Electronic Theses and Dissertations

Research into the international agreements that increase cooperation over cybersecurity challenges is severely lacking. This is a necessary next step for bridging diplomatic challenges over cybersecurity. This work aspires to be push the bounds of research into these agreements and offer a tool that future researchers can rely on. For this research I created, and made publicly available, the International Cybersecurity Cooperation Dataset (ICCD), which contains over 350 international cybersecurity agreements and pertinent metadata. Each agreement is marked per which subtopics within cybersecurity related agreements it covers. These typologies are:

• Discussion and Dialogue

• Research

• Confidence Building Measures

• Incident Response

• Crime …

  ---

  Go to article

The Resilient Foundation Of Democracy: The Legal Deconstruction Of The Washington Posts's Condemnation Of Edward Snowden, Hanna Kim

Indiana Law Journal

On September 17, 2016, The Washington Post (“the Post”) made history by being the first paper to ever call for the criminal prosecution of its own source —Edward Snowden. Yet, two years prior to this editorial, the Post accepted the 2014 Pulitzer Prize in Public Service for its “revelation of widespread secret surveillance by the National Security Agency”—an honor which would not have been bestowed had Snowden not leaked the documents through this news outlet. The other three major media outlets that received and published Snowden’s documents and findings—The Guardian, The New York Times, and The Intercept—all have taken the …

Smart Baby Monitors: The Modern Nanny Or A Home Invader, Sarah Ensenat

Catholic University Journal of Law and Technology

Smart baby monitors exist to help parents protect and watch over their children. The smart baby monitors act as a second set of eyes when parents cannot be in the same room as their children. Low-tech hackers take advantage of gaps in the security of smart baby monitors. A hacker violates a consumer’s privacy by gaining access to private information, viewing the home and its occupants, and even speaking to children through the monitor.

This comment advocates for stricter security legislation for smart baby monitors. Without new legislation, manufacturers of smart baby monitors do not apply or invest in the …

Borders And Bits, Jennifer Daskal

Articles in Law Reviews & Other Academic Journals

Our personal data is everywhere and anywhere, moving across national borders in ways that defy normal expectations of how things and people travel from Point A to Point B. Yet, whereas data transits the globe without any intrinsic ties to territory, the governments that seek to access or regulate this data operate with territorial-based limits. This Article tackles the inherent tension between how governments and data operate, the jurisdictional conflicts that have emerged, and the power that has been delegated to the multinational corporations that manage our data across borders as a result. It does so through the lens of …

Data Collection And The Regulatory State, Ahmed Ghappour

Faculty Scholarship

The following remarks were given on January 27, 2017 during the Connecticut Law Review’s symposium, “Privacy, Security & Power: The State of Digital Surveillance.” Hillary Greene, the Zephaniah Swift Professor of Law at the University of Connecticut School of Law, offered introductory remarks and moderated the panel. The panel included Dr. Cooper, Associate Professor of Law and Director of the Program on Economics & Privacy at Antonin Scalia Law School at George Mason University, Professor Ghappour, Visiting Assistant Professor at UC Hastings College of the Law, Attorney Lieber, Senior Privacy Policy Counsel at Google, and Dr. Wu, Professor of Law …

Maintaining Individual Liability In Aml And Cybersecurity At New York's Financial Institutions, Harry Dixon

Penn State Journal of Law & International Affairs

No abstract provided.

Enhancing Cybersecurity In The Private Sector By Means Of Civil Liability Lawsuits - The Connie Francis Effect, Jeffrey F. Addicott

University of Richmond Law Review

The purpose of this article is to explore the threats posed by

cybersecurity breaches, outline the steps taken by the government

to address those threats in the private sector economy, and

call attention to the ultimate solution, which will most certainly

spur private businesses to create a more secure cyber environment

for the American people-a Connie Francis-styled cyber civil

action lawsuit.

Keynote Address: The Digital Forevermore, Thomas J. Ridge

University of Richmond Law Review

No abstract provided.

Paying For Privacy And The Personal Data Economy, Stacy-Ann Elvy

Articles & Chapters

Growing demands for privacy and increases in the quantity and variety of consumer data have engendered various business offerings to allow companies, and in some instances consumers, to capitalize on these developments. One such example is the emerging “personal data economy” (PDE) in which companies, such as Datacoup, purchase data directly from individuals. At the opposite end of the spectrum, the “pay-for-privacy” (PFP) model requires consumers to pay an additional fee to prevent their data from being collected and mined for advertising purposes. This Article conducts a simultaneous in-depth exploration of the impact of burgeoning PDE and PFP models. It …

Introduction, Tracy Mitrano

Tracy Mitrano

No abstract provided.

Chapter Five: The San Bernardino Iphone Case, Tracy Mitrano

Tracy Mitrano

The Continuing Battle Over Privacy Vs. Security, Ellen Cornelius

Homeland Security Publications

No abstract provided.

Silencing The Call To Arms: A Shift Away From Cyber Attacks As Warfare, Ryan Patterson

Loyola of Los Angeles Law Review

Cyberspace has developed into an indispensable aspect of modern society, but not without risk. Cyber attacks have increased in frequency, with many states declaring cyber operations a priority in what has been called the newest domain of warfare. But what rules govern? The Tallinn Manual on the International Law Applicable to Cyber Warfare suggests existent laws of war are sufficient to govern cyber activities; however, the Tallinn Manual ignores fundamental problems and unique differences between cyber attacks and kinetic attacks. This Article argues that several crucial impediments frustrate placing cyber attacks within the current umbra of warfare, chiefly the problems …

The Internet Of Things And Wearable Technology: Addressing Privacy And Security Concerns Without Derailing Innovation, Adam D. Thierer

Adam Thierer

This paper highlights some of the opportunities presented by the rise of the so-called “Internet of Things” and wearable technology in particular, and encourages policymakers to allow these technologies to develop in a relatively unabated fashion. As with other new and highly disruptive digital technologies, however, the Internet of Things and wearable tech will challenge existing social, economic, and legal norms. In particular, these technologies raise a variety of privacy and safety concerns. Other technical barriers exist that could hold back IoT and wearable tech — including disputes over technical standards, system interoperability, and access to adequate spectrum to facilitate …

Regulating The Internet Of Things: First Steps Toward Managing Discrimination, Privacy, Security, And Consent, Scott R. Peppet

Publications

The consumer "Internet of Things" is suddenly reality, not science fiction. Electronic sensors are now ubiquitous in our smartphones, cars, homes, electric systems, health-care devices, fitness monitors, and workplaces. These connected, sensor-based devices create new types and unprecedented quantities of detailed, high-quality information about our everyday actions, habits, personalities, and preferences. Much of this undoubtedly increases social welfare. For example, insurers can price automobile coverage more accurately by using sensors to measure exactly how you drive (e.g., Progressive 's Snapshot system), which should theoretically lower the overall cost of insurance. But the Internet of Things raises new and difficult questions …

Corresponding Evolution: International Law And The Emergence Of Cyber Warfare, Bradley Raboin

Journal of the National Association of Administrative Law Judiciary

No abstract provided.

Privacy Issues And Solutions In Social Network Sites, Xi Chen, Katina Michael

Associate Professor Katina Michael

The boom of the internet and the explosion of new technologies have brought with them new challenges and thus new connotations of privacy. Clearly, when people deal with e-government and e-business, they do not only need the right to be let alone, but also to be let in secret. Not only do they need freedom of movement, but also to be assured of the secrecy of their information. Solove [6] has critiqued traditional definitions of privacy and argued that they do not address privacy issues created by new online technologies. Austin [7] also asserts: “[w]e do need to sharpen and …

Limits Of The Federal Wiretap Act's Ability To Protect Against Wi-Fi Sniffing, Mani Potnuru

Michigan Law Review

Adoption of Wi-Fi wireless technology continues to see explosive growth. However many users still operate their home Wi-Fi networks in unsecured mode or use publicly available unsecured Wi-Fi networks, thus exposing their communications to the dangers of "packet sniffing," a technique used for eavesdropping on a network. Some have argued that communications over unsecured Wi-Fi networks are "readily accessible to the general public" and that such communications are therefore excluded from the broad protections of the Federal Wiretap Act against intentional interception of electronic communications. This Note examines the Federal Wiretap Act and argues that the current Act's treatment of …

Book Review: Handbook On Securing Cyber-Physical Critical Infrastructure: Foundations And Challenges (Written By Sajal K. Das, Krishna Kant, Nan Zhang), Katina Michael

Professor Katina Michael

This 800+ page handbook is divided into eight parts and contains thirty chapters, ideal for either an advanced undergraduate or graduate course in security. At the heart of this handbook is how we might go about managing both physical and cyber infrastructures, as they continue to become embedded and enmeshed, through advanced control systems, and new computing and communications paradigms.

Book Review Of Hacking: The Next Generation (Written By Nitesh Dhanjani, Billy Rios & Brett Hardin), Katina Michael

Professor Katina Michael

Hacking: The Next Generation demonstrates just how hackers continue to exploit “back doors”. New ways of working and new ways of communicating have meant that the number of attack vectors continue to rise rapidly. This provides hackers with a greater number of opportunities to penetrate systems using blended approaches while organizations struggle to come up to speed with the latest technology developments and commensurate security capabilities. Dealing with anticipated threats is a lot harder than dealing with known threats.

Book Review: Securing The Cloud: Cloud Computer Security Techniques And Tactics, Katina Michael

Associate Professor Katina Michael

With so much buzz around Cloud Computing, books like this one written by Winkler are much in demand. Winkler’s experience in the computing business shines through and as readers we are spoiled with a great deal of useful strategic information- a jam packed almost 300 page volume on securing the cloud.

Book Review: Security Risk Management: Building An Information Security Risk Management Program From The Ground Up, Katina Michael

Associate Professor Katina Michael

In an age of outsourcing tasks that are not considered to be a core competency of the business, organisations have often relied on external consultants for matters pertaining to security. In actual fact, most companies could have utilized existing skill-sets in-house to produce a security risk management program, if only they knew what steps to take, and how to go about it all. Evan Wheeler in his book on information security risk management does just that- he equips professionals tasked with security, with the thinking required to create a program that is more preoccupied with the complex strategic-level questions than …

Rough Consensus And Running Code: Integrating Engineering Principles Into Internet Policy Debates, Christopher S. Yoo

All Faculty Scholarship

This is the introduction to a symposium issue for a conference designed to bring the engineering community, policymakers, legal academics, and industry participants together in an attempt to provide policymakers with a better understanding of the Internet’s technical aspects and to explore emerging issues of particular importance to current broadband policy.

Disappearing Government Information And The Internet's Public Domain, Susan Nevelow Mart

Publications

This article surveys the types and amounts of information that have been removed from the Internet since September 11th. Information has been removed in the name of national security as well as for reasons of seeming political expediency. After discussing the bases of some of the rationales for removing the information, and the legal underpinnings of continued access, the article suggests several forms of advocacy that could be used to return the information to the public's domain.

Run For The Border: Laptop Searches And The Fourth Amendment, Nathan Alexander Sales

University of Richmond Law Review

No abstract provided.