Law Commons^™

Mischief With Government Information Policy, Renée M. Landers

Chicago-Kent Law Review

No abstract provided.

Administrative Truth: Comments On Cortez's Information Mischief, David Thaw

Chicago-Kent Law Review

No abstract provided.

Information Mischief Under The Trump Administration, Nathan Cortez

Chicago-Kent Law Review

The Trump administration has used government information in more cynical ways than its predecessors. For example, it has removed certain information from the public domain, scrubbed certain terminology from government web sites, censored scientists, manipulated public data, and used “transparency” initiatives as a pretext for anti-regulatory policies, particularly environmental policy. This article attempts to tease out an emerging “information policy” for the Trump administration, explain how it departs from the information policies of predecessors, and evaluate the extent to which both legal and non-legal mechanisms might constrain executive discretion.

The Promise And Perils Of Algorithmic Lenders’ Use Of Big Data, Matthew Adam Bruckner

Chicago-Kent Law Review

Tens of millions of Americans lack access to traditional forms of credit and must rely on payday and pawn loans instead. “Algorithmic lending 2.0” promises to enable fintech companies to lend to those excluded from traditional forms of credit. Version 2.0 algorithmic lenders claim to use Big Data and machine learning to increase credit access by making better predictions about prospective borrowers’ creditworthiness and decreasing the cost of credit. Supporters also claim that algorithmic lending 2.0 removes human bias from the financial services sector. Detractors have cast doubt on both claims, arguing that there is scant evidence that algorithmic lending …

The Rise Of Automated Investment Advice: Can Robo-Advisors Rescue The Retail Market?, Benjamin P. Edwards

Chicago-Kent Law Review

Different types of financial advisers serve the massive and widely dispersed retail investment market. In a market riddled with conflicts of interests, many advisers exploit retail customers by pitching suboptimal products, leading to lower investment returns and lower overall growth—but also to greater profits for the financial advisers collecting kickback-style commissions. New financial technology firms, commonly known as Robo-Advisers, may disrupt this market and these exploitative practices. Still, these potentially disruptive automated investment advice firms face significant regulatory risks.

New Art For The People: Art Funds & Financial Technology, Brian L. Frye

Chicago-Kent Law Review

Fine art sales have reached record levels, with the global art market achieving annual sales of over $60 billion. However, the art market is extremely risky and the most lucrative investment opportunities are typically at the high end of the market. In recent years, financial industry professionals with an interest in the art world have increasingly formed art investment funds, intended to enable smaller investors to take advantage of the opportunity to invest in the art world and diversify their portfolios. Some art funds also allow art investors to borrow against certain assets. About 45 art investment funds currently exist, …

Regtech, Compliance And Technology Judgement Rule, Nizan Geslevich Packin

Chicago-Kent Law Review

This Article focuses on the rise of Financial Technology, which revolutionized consumer financial service products, and challenged policymakers with regulating the rapidly evolving financial industry. In particular, it explores Regulatory Technology, also known as RegTech, which is the finance industry’s use of technology, especially information technology, in the context of regulatory monitoring, reporting and compliance. RegTech is designed to solve industry needs for a more effective and efficient way to automate corporate governance and compliance processes. Not only has FinTech proven to be a vital revenue source, especially in connection with lending or money transmission services, but it also helps …

Fintech's Double Edges, Christopher G. Bradley

Chicago-Kent Law Review

This symposium essay examines the double-edged nature of financial technologies in financial transactions, especially transactions involving consumers. There are both benefits and risks—often undiscovered or hidden at first—in each new round of financial technologies. A FinTech tool may benefit consumers and then, applied later or in a different context, threaten consumer interests; a tool that harms consumer interests may then lead to development of a tool that favors them. This double-edged nature is an important but unappreciated structural feature of financial technologies. From the perspective of consumer protection, then, FinTech can neither be fully embraced as friend nor restricted as …

Computer As Confidant: Digital Investment Advice And The Fiduciary Standard, Nicole G. Iannarone

Chicago-Kent Law Review

Digital investment advisers are the fastest growing segment of financial technology (fintech) and are disrupting traditional investment advisory delivery models. The computer-led investment advisory service model may be growing particularly quickly due to a confluence of social and political factors. Politicians and regulators have increasingly focused on the standards of care applicable to investment advice providers. Fewer Americans are ready for retirement and many lack access to affordable investment advice. At the same time, comfort with digital platforms have increased, with some preferring electronic interaction over human interaction. Claiming that they can democratize retirement service by pro- viding advice meeting …

Fintech: Antidote To Rent-Seeking?, Jeremy Kidd J.D., Ph.D

Chicago-Kent Law Review

Innovations in financial technology, or Fintech, has been ongoing for decades but has recently begun to accelerate. Some observers have argued that it will soon begin to outstrip the ability of regulators to keep pace. If those predictions are accurate, what would the world look like with a financial sector that cannot be effectively regulated? One possibility—drawn from public choice economics—is that rent-seeking will be inhibited or eliminated. Rent-seeking is the distortion of law and regulation for the benefit of special interests, who expend resources to guarantee those distortions in their favor. Rent-seeking is inefficient and inhibits growth and innovation, …

Ispy: Threats To Individual And Institutional Privacy In The Digital World, Lori Andrews

All Faculty Scholarship

What type of information is collected, who is viewing it, and what law librarians can do to protect their patrons and institutions.

Leveraging Predictive Policing Algorithms To Restore Fourth Amendment Protections In High-Crime Areas In A Post-Wardlow World, Kelly K. Koss

Chicago-Kent Law Review

Rapid technological changes have led to an explosion in Big Data collection and analysis through complex computerized algorithms. Law enforcement has not been immune to these technological developments. Many local police departments are now using highly advanced predictive policing technologies to predict when and where crime will occur in their communities, and to allocate crime-fighting resources based on these predictions.

Although predictive policing technology has an array of the potential uses, the scope of this Note is limited to addressing how the statistical outputs from these technologies can be used to restore eroded Fourth Amendment rights in alleged high-crime areas. …

The Self, The Stasi, The Nsa: Privacy, Knowledge, And Complicity In The Surveillance State, Richard Warner, Robert H. Sloan

All Faculty Scholarship

We focus on privacy in public. The notion dates back over a century, at least to the work of the German sociologist, Georg Simmel. Simmel observed that people voluntarily limit their knowledge of each other as they interact in a wide variety of social and commercial roles, thereby making certain information private relative to the interaction even if it is otherwise publicly available. Current governmental surveillance in the US (and elsewhere) reduces privacy in public. But to what extent?

The question matters because adequate self-realization requires adequate privacy in public. That in turn depends on informational norms, social norms that …

Self, Privacy, And Power: Is It All Over?, Richard Warner, Robert H. Sloan

All Faculty Scholarship

The realization of a multifaceted self is an ideal one strives to realize. One realizes such a self in large part through interaction with others in various social roles. Such realization requires a significant degree of informational privacy. Informational privacy is the ability to determine for yourself when others may collect and how they may use your information. The realization of multifaceted selves requires informational privacy in public. There is no contradiction here: informational privacy is a matter of control, and you can have such control in public. Current information processing practices greatly reduce privacy in public thereby threatening the …

Drones, Henry H. Perritt Jr., Eliot O. Sprague

All Faculty Scholarship

Abstract

Drone technology is evolving rapidly. Microdrones—what the FAA calls “sUAS”—already on the market at the $1,000 level, have the capability to supplement manned helicopters in support of public safety operations, news reporting, and powerline and pipeline patrol, when manned helicopter support is infeasible, untimely, or unsafe.

Larger drones–"machodrones”–are not yet available outside battlefield and counterterrorism spaces. Approximating the size of manned helicopters, but without pilots, or with human pilots being optional, their design is still in its infancy as designers await greater clarity in the regulatory requirements that will drive airworthiness certification.

This article evaluates drone technology and design …

Private Fair Use: Strengthening Polish Copyright Protection Of Online Works By Looking To U.S. Copyright Law, Michal Pekala

Michal Pekala

No abstract provided.

Beyond Notice And Choice: Privacy, Norms, And Consent, Richard Warner, Robert Sloan

All Faculty Scholarship

Informational privacy is the ability to determine for yourself when and how others may collect and use your information. Adequate informational privacy requires a sufficiently broad ability to give or withhold free and informed consent to proposed uses.

Notice and Choice (sometimes also called “notice and consent”) is the current paradigm for consent online. The Notice is a presentation of terms, typically in a privacy policy or terms of use agreement. The Choice is an action signifying acceptance of the terms, typically clicking on an “I agree” button, or simply using the website. Recent reports by the Federal Trade Commission …

Private Fair Use: Strengthening Polish Copyright Protection Of Online Works By Looking To U.S. Copyright Law, Michal Pekala

Michal Pekala

In this essay, I consider the issue of the protection of online works in Poland, focusing in particular on the doctrine of private fair use in Polish copyright law. Private fair use permits in certain circumstances the use of works of others without the authors’ consent.. Given the nature of private fair use, it is essential that it function consistent with the purpose of copyright protection. Since the Polish Copyright Act was enacted in 1994, private fair use has lost its ability to serve as an appropriate exception to the Polish copyright laws with respect to online works. Specifically, certain …

Behavioral Advertising: From One-Sided Chicken To Informational Norms, Richard Warner, Robert Sloan

All Faculty Scholarship

When you download the free audio recording software from Audacity, you agree that Audacity may collect your information and use it to send you advertising. Billions of such pay-with-data exchanges feed information daily to a massive advertising ecosystem that tailors web site advertising as closely as possible to individual interests. The vast majority want considerably more control over our information. We nonetheless routinely enter pay-with-data exchanges when we visit CNN.com, use Gmail, or visit any of a vast number of other websites. Why? And, what, if anything, should we do about it? We answer both questions by describing pay-with-data exchanges …

Vulnerable Software: Product-Risk Norms And The Problem Of Unauthorized Access, Richard Warner, Robert H. Sloan

All Faculty Scholarship

Unauthorized access to online information costs billions of dollars per year. Software vulnerabilities are a key. Software currently contains an unacceptable number of vulnerabilities. The standard solution notes that the typical software business strategy is to keep costs down and be the first to market even if that means the software has significant vulnerabilities. Many endorse the following remedy: make software developers liable for negligent or defective design. This remedy is unworkable. We offer an alternative based on an appeal to product-risk norms. Product-risk norms are social norms that govern the sale of products. A key feature of such norms …

Best Practices And The State Of Information Security, Kevin Cronin

Chicago-Kent Law Review

The forces of globalization, together with widely available industry standards and best practices, and heightened state legislative activity, are driving the U.S. towards a more unified approach to data security. But the success of this unified approach requires more than free market efficiency and innovation. In order to maintain a state of evolutionary equilibrium in the global information economy, the U.S. must move from a fragmented approach towards data security and privacy standards, towards a more comprehensive set of standards with new penalties and effective enforcement, to better reflect the inherent value of personal data in today's global marketplace.

Patenting Cryptographic Technology, Greg Vetter

Chicago-Kent Law Review

The policy concerns intersecting patent law and cryptographic technology relate to the technology's beneficial uses in securing information in a commercial and social fabric that increasingly relies on computing and electronic communications for its makeup. The presence of patenting in a technology can impact diffusion of interoperable technology. Standardized embeddable cryptography facilitates its supply. Patent law for several decades has waxed and waned in its embrace of software implemented inventions rooted in abstract ideas such as the mathematics and mathematical algorithms underlying modern cryptography. This article documents the growth of cryptographic patenting. Then, in light of this growth and patent …

The Duty Of Care And The Data Control Systems In The Wake Of Sarbanes-Oxley, Michael R. Siebecker

Chicago-Kent Law Review

The essay examines the wisdom of exempting small public companies from Section 404 of the Sarbanes-Oxley Act of 2002 (SOX), which requires companies to provide management assessment and external auditing of a company's internal control systems over financial data. In particular, the essay questions whether a fiduciary duty of care might require officers and directors to adopt internal control systems, perhaps substantially similar to those envisioned by SOX, even if small public companies were exempt from the ambit of the statute.

The Political Economy Of Data Protection, Peter K. Yu

Chicago-Kent Law Review

Information is the lifeblood of a knowledge-based economy. The control of data and the ability to translate them into meaningful information is indispensable to businesspeople, policymakers, scientists, engineers, researchers, students, and consumers. Having useful, and at times exclusive, information improves productivity, advances education and training, and helps create a more informed citizenry. In the past two decades, those who collected or obtained access to a large amount of data began to explore ways to use the collected data as an income stream. Because the then-existing laws did not offer adequate protection for that particular purpose, they actively lobbied for stronger …

Data Devolution: Corporate Information Security, Consumers, And Future Of Regulation, Andrea M. Matwyshyn

Chicago-Kent Law Review

No abstract provided.

Data Collection And Leakage, Philip Howard, Kris Erickson

Chicago-Kent Law Review

Every year millions of digital records containing personally identifiable information are exposed. When are malicious hackers to blame, and when is it organizational malfeasance? Which kinds of organizations—private firms, government agencies, or educational institutions—lose the most data? With over 1.9 billion records lost (on average that's 9 records per U.S. adult), a surprising number of breaches can be attributed to organizational practices.

Trade Secrets, Data Security And Employees, Elizabeth Rowe

Chicago-Kent Law Review

This essay argues that data security is important to the protection of trade secret information, and that trusted employees on the inside pose the biggest threat to the protection of trade secrets. While investments in technical measures such as firewalls and encryption are important, it is also necessary for companies to consider the internal threats from employees when creating corporate security programs. Ultimately, a more comprehensive approach that includes technical and human elements, as well as consideration of inside and outside threats is likely to be more effective in the battle to secure data.

Returning To A Principled Basis For Data Protection, Gus Hosein

Chicago-Kent Law Review

Society must remain conscious of both pragmatic and principle-based rationales for information security rules. The identity card debate in the United Kingdom provides an example of exactly why a governmental information security approach that is sensitive to civil liberties would be the best approach to data protection. In contrast, we should be cautious of a balancing test that places security in parity with civil liberties and, therefore, erroneously allows pragmatism to triumph over principle.

Optimal Hackback, Jay P. Kesan, Ruperto Majuca

Chicago-Kent Law Review

Professor Jay Kesan from the University of Illinois College of Law, in joint work with Ruperto Majuca of the University of Illinois Department of Economics, argue in favor of legal rules that allow "hacking [data] back" in certain business circumstances. They analyze the strategic interaction between the hacker and the attacked company or individual and conclude that neither total prohibition nor unrestrained permission of hack-back is optimal. Instead, they argue that when other alternatives such as criminal enforcement and litigation are ineffective, self-defense is the best response to cybercrime because there is a high likelihood of correctly attacking the criminal, …

Information Security, Contract And Liability, Jennifer Chandler

Chicago-Kent Law Review

Various common provisions in software end user license agreements undermine cyber security. These include anti-benchmarking provisions and broad exclusions of liability. These short comments suggest that courts and legislatures should take steps to limit the enforceability of contractual provisions that undermine cyber security.