Computer Law Commons^™

Governing Smart Cities As Knowledge Commons - Introduction, Chapter 1 & Conclusion, Brett M. Frischmann, Michael J. Madison, Madelyn Sanfilippo

Book Chapters

Smart city technology has its value and its place; it isn’t automatically or universally harmful. Urban challenges and opportunities addressed via smart technology demand systematic study, examining general patterns and local variations as smart city practices unfold around the world. Smart cities are complex blends of community governance institutions, social dilemmas that cities face, and dynamic relationships among information and data, technology, and human lives. Some of those blends are more typical and common. Some are more nuanced in specific contexts. This volume uses the Governing Knowledge Commons (GKC) framework to sort out relevant and important distinctions. The framework grounds …

Content Moderation As Surveillance, Hannah Bloch-Wehba

Faculty Scholarship

Technology platforms are the new governments, and content moderation is the new law, or so goes a common refrain. As platforms increasingly turn toward new, automated mechanisms of enforcing their rules, the apparent power of the private sector seems only to grow. Yet beneath the surface lies a web of complex relationships between public and private authorities that call into question whether platforms truly possess such unilateral power. Law enforcement and police are exerting influence over platform content rules, giving governments a louder voice in supposedly “private” decisions. At the same time, law enforcement avails itself of the affordances of …

Platforms, Encryption, And The Cfaa: The Case Of Whatsapp V Nso Group, Jonathon Penney, Bruce Schneier

Articles, Book Chapters, & Popular Press

End-to-end encryption technology has gone mainstream. But this wider use has led hackers, cybercriminals, foreign governments, and other threat actors to employ creative and novel attacks to compromise or workaround these protections, raising important questions as to how the Computer Fraud and Abuse Act (CFAA), the primary federal anti-hacking statute, is best applied to these new encryption implementations. Now, after the Supreme Court recently narrowed the CFAA’s scope in Van Buren and suggested it favors a code-based approach to liability under the statute, understanding how best to theorize sophisticated code-based access barriers like end-to-end encryption, and their circumvention, is now …

Legislating Data Loyalty, Woodrow Hartzog, Neil Richards

Faculty Scholarship

Lawmakers looking to embolden privacy law have begun to consider imposing duties of loyalty on organizations trusted with people’s data and online experiences. The idea behind loyalty is simple: organizations should not process data or design technologies that conflict with the best interests of trusting parties. But the logistics and implementation of data loyalty need to be developed if the concept is going to be capable of moving privacy law beyond its “notice and consent” roots to confront people’s vulnerabilities in their relationship with powerful data collectors.

In this short Essay, we propose a model for legislating data loyalty. Our …

Artificial Intelligence And Trade, Anupam Chander

Georgetown Law Faculty Publications and Other Works

Artificial Intelligence is already powering trade today. It is crossing borders, learning, making decisions, and operating cyber-physical systems. It underlies many of the services that are offered today – from customer service chatbots to customer relations software to business processes. The chapter considers AI regulation from the perspective of international trade law. It argues that foreign AI should be regulated by governments – indeed that AI must be ‘locally responsible’. The chapter refutes arguments that trade law should not apply to AI and shows how the WTO agreements might apply to AI using two hypothetical cases . The analysis reveals …

Good Health And Good Privacy Go Hand-In-Hand (Originally Published By Jnslp), Jennifer Daskal

Joint PIJIP/TLS Research Paper Series

No abstract provided.

The Law Of Black Mirror - Syllabus, Yafit Lev-Aretz, Nizan Packin

Open Educational Resources

Using episodes from the show Black Mirror as a study tool - a show that features tales that explore techno-paranoia - the course analyzes legal and policy considerations of futuristic or hypothetical case studies. The case studies tap into the collective unease about the modern world and bring up a variety of fascinating key philosophical, legal, and economic-based questions.

Is Data Localization A Solution For Schrems Ii?, Anupam Chander

Georgetown Law Faculty Publications and Other Works

For the second time this decade, the Court of Justice of the European Union has struck a blow against the principal mechanisms for personal data transfer to the United States. In Data Protection Commissioner v Facebook Ireland, Maximillian Schrems, the Court declared the EU-US Privacy Shield invalid and placed significant hurdles to the process of transferring personal data from the European Union to the United States via the mechanism of Standard Contractual Clauses. Many have begun to suggest data localization as the solution to the problem of data transfer; that is, don’t transfer the data at all. I argue …

Politics Of Adversarial Machine Learning, Kendra Albert, Jonathon Penney, Bruce Schneier, Ram Shankar Siva Kumar

Articles, Book Chapters, & Popular Press

In addition to their security properties, adversarial machine-learning attacks and defenses have political dimensions. They enable or foreclose certain options for both the subjects of the machine learning systems and for those who deploy them, creating risks for civil liberties and human rights. In this paper, we draw on insights from science and technology studies, anthropology, and human rights literature, to inform how defenses against adversarial attacks can be used to suppress dissent and limit attempts to investigate machine learning systems. To make this concrete, we use real-world examples of how attacks such as perturbation, model inversion, or membership inference …

Ethical Testing In The Real World: Evaluating Physical Testing Of Adversarial Machine Learning, Kendra Albert, Maggie Delano, Jonathon Penney, Afsaneh Ragot, Ram Shankar Siva Kumar

Articles, Book Chapters, & Popular Press

This paper critically assesses the adequacy and representativeness of physical domain testing for various adversarial machine learning (ML) attacks against computer vision systems involving human subjects. Many papers that deploy such attacks characterize themselves as “real world.” Despite this framing, however, we found the physical or real-world testing conducted was minimal, provided few details about testing subjects and was often conducted as an afterthought or demonstration. Adversarial ML research without representative trials or testing is an ethical, scientific, and health/safety issue that can cause real harms. We introduce the problem and our methodology, and then critique the physical domain testing …

Towards Standard Information Privacy, Innovations Of The New General Data Protection Regulation, Ali Alibeigi, Abu Bakar Munir, Md Ershadulkarim, Adeleh Asemi

Library Philosophy and Practice (e-journal)

Protection of personal data in recent decades became more crucial affecting by emergence of the new technologies especially computer, internet, information and communications technology. However, Europeans felt this necessity at time and provided for up-to-date and supportive laws. The General Data Protection Regulation (GDPR) is the latest legislation in EU to protect personal data of individuals based on the recent technological advancements. However, its’ domestic and international output still is debatable. This doctrinal legal study by using descriptive methods, aimed to evaluate the GDPR through analyzing and interpreting its’ provisions by especial focus on its’ innovations. The results show that …

Right To Privacy, A Complicated Concept To Review, Ali Alibeigi, Abu Bakar Munir, Md Ershadul Karim

Library Philosophy and Practice (e-journal)

The Concept and definition of the privacy has been changed during the time affecting by different factors. At the same time, the boundaries of privacy may differ from one place to another affecting by the culture, religion, etc. Nonetheless, there is not a unique general accepted definition for the privacy. Privacy has been considered from different disciplines like sociology, psychology, law and philosophy. It is a multidisciplinary domain, having an easy concept but difficult to define. However, by reviewing all different viewpoints, it can be concluded that privacy is an individual tendency, wish and natural need to be away from …

Cybersecurity Stovepiping, David Thaw

Articles

Most readers of this Article probably have encountered – and been frustrated by – password complexity requirements. Such requirements have become a mainstream part of contemporary culture: "the more complex your password is, the more secure you are, right?" So the cybersecurity experts tell us… and policymakers have accepted this "expertise" and even adopted such requirements into law and regulation.

This Article asks two questions. First, do complex passwords actually achieve the goals many experts claim? Does using the password "Tr0ub4dor&3" or the passphrase "correcthorsebatterystaple" actually protect your account? Second, if not, then why did such requirements become so widespread? …

Ancient Worries And Modern Fears: Different Roots And Common Effects Of U.S. And Eu Privacy Regulation, David Thaw, Pierluigi Perri

Articles

Much legal and technical scholarship discusses the differing views of the United States and European Union toward privacy concepts and regulation. A substantial amount of effort in recent years, in both research and policy, focuses on attempting to reconcile these viewpoints searching for a common framework with a common level of protection for citizens from both sides of Atlantic. Reconciliation, we argue, misunderstands the nature of the challenge facing effective cross-border data flows. No such reconciliation can occur without abdication of some sovereign authority of nations, that would require the adoption of an international agreement with typical tools of international …

The Notion And Practice Of Reputation And Professional Identity In Social Networking: From K-12 Through Law School, Roberta Bobbie Studwell

Faculty Scholarship

No abstract provided.

The Self, The Stasi, The Nsa: Privacy, Knowledge, And Complicity In The Surveillance State, Richard Warner, Robert H. Sloan

All Faculty Scholarship

We focus on privacy in public. The notion dates back over a century, at least to the work of the German sociologist, Georg Simmel. Simmel observed that people voluntarily limit their knowledge of each other as they interact in a wide variety of social and commercial roles, thereby making certain information private relative to the interaction even if it is otherwise publicly available. Current governmental surveillance in the US (and elsewhere) reduces privacy in public. But to what extent?

The question matters because adequate self-realization requires adequate privacy in public. That in turn depends on informational norms, social norms that …

The Cycles Of Global Telecommunication Censorship And Surveillance, Jonathon Penney

Articles, Book Chapters, & Popular Press

Internet censorship and surveillance is on the rise globally and cyber-warfare increasing in scope and intensity. To help understand these new threats commentators have grasped at historical analogies often with little regard for historical complexity or international perspective. Unfortunately, helpful new works on telecommunications history have focused primarily on U.S. history with little focus on international developments. There is thus a need for further internationally oriented investigation of telecommunications technologies, and their history. This essay attempts to help fill that void, drawing on case studies wherein global telecommunications technologies have been disrupted or censored — telegram censorship and surveillance, high …

Data Breach (Regulatory) Effects, David Thaw

Articles

No abstract provided.

Self, Privacy, And Power: Is It All Over?, Richard Warner, Robert H. Sloan

All Faculty Scholarship

The realization of a multifaceted self is an ideal one strives to realize. One realizes such a self in large part through interaction with others in various social roles. Such realization requires a significant degree of informational privacy. Informational privacy is the ability to determine for yourself when others may collect and how they may use your information. The realization of multifaceted selves requires informational privacy in public. There is no contradiction here: informational privacy is a matter of control, and you can have such control in public. Current information processing practices greatly reduce privacy in public thereby threatening the …

Systematic Ict Surveillance By Employers: Are Your Personal Activities Private?, Arlene J. Nicholas

Faculty and Staff - Articles & Papers

This paper reviews the various methods of information and communications technology (ICT) that is used by employers to peer into the work lives and, in some cases, private lives of employees. Some of the most common methods – such as computer and Internet monitoring, video surveillance, and global positioning systems (GPS) – have resulted in employee disciplines that have been challenged in courts. This paper provides background information on United States (U.S.) laws and court cases which, in this age of easily accessible information, mostly support the employer. Assessments regarding regulations and policies, which will need to be continually updated …

Governing, Exchanging, Securing: Big Data And The Production Of Digital Knowledge, Bernard E. Harcourt

Faculty Scholarship

The emergence of Big Data challenges the conventional boundaries between governing, exchange, and security. It ambiguates the lines between commerce and surveillance, between governing and exchanging, between democracy and the police state. The new digital knowledge reproduces consuming subjects who wittingly or unwittingly allow themselves to be watched, tracked, linked and predicted in a blurred amalgam of commercial and governmental projects. Linking back and forth from consumer data to government information to social media, these new webs of information become available to anyone who can purchase the information. How is it that governmental, commercial and security interests have converged, coincided, …

Surveillance At The Source, David Thaw

Articles

Contemporary discussion concerning surveillance focuses predominantly on government activity. These discussions are important for a variety of reasons, but generally ignore a critical aspect of the surveillance-harm calculus – the source from which government entities derive the information they use. The source of surveillance data is the information "gathering" activity itself, which is where harms like "chilling" of speech and behavior begin.

Unlike the days where satellite imaging, communications intercepts, and other forms of information gathering were limited to advanced law enforcement, military, and intelligence activities, private corporations now play a dominant role in the collection of information about individuals' …

Pass Parallel Privacy Standards Or Privacy Perishes, Anne T. Mckenna

Journal Articles

No abstract provided.

Who's In Charge Here? Information Privacy In A Social Networking World, Lisa Di Valentino

FIMS Presentations

No abstract provided.

When Antitrust Met Facebook, Christopher S. Yoo

All Faculty Scholarship

Social networks are among the hottest phenomena on the Internet. Facebook eclipsed Google as the most visited website in both 2010 and 2011. Moreover, according to Nielsen estimates, as of the end of 2011 the average American spent nearly seven hours per month on Facebook, which is more time than they spent on Google, Yahoo!, YouTube, Microsoft, and Wikipedia combined. LinkedIn’s May 19, 2011 initial public offering (“IPO”) surpassed expectations, placing the value of the company at nearly $9 billion, and approximately a year later, its stock price had risen another 20 percent. Facebook followed suit a year later with …

Cybercrime, Ronald C. Griffin

Journal Publications

This essay recounts campaigns against privacy; the fortifications erected against them; and hi-jinx attributable to hackers, crackers, and miscreants under the Fair Credit Reporting Act.

Communications Disruption And Censorship Under International Law: History Lessons, Jonathon Penney

Articles, Book Chapters, & Popular Press

With Internet censorship on the rise around the world, a variety of tools have proliferated to assist Internet users to circumvent such censorship. However, there are few studies examining the implications of censorship circumvention under international law, and its related politics. This paper aims to help fill some of that void, with an examination of case studies wherein global communications technologies have been disrupted or censored — telegram cable cutting and censorship, high frequency radio jamming, and direct broadcast satellite blocking — and how the world community responded to that disruption or censorship through international law and law making. In …

The Changing Face Of Privacy Protection In The European Union And The United States, Fred H. Cate

Articles by Maurer Faculty

Among the wide variety of national and multinational legal regimes for protecting privacy, two dominant models have emerged, reflecting two very different approaches to the control of information. The European Union has enacted a sweeping data protection directive that imposes significant restrictions on most data collection, processing, dissemination, and storage activities, not only within Europe, but throughout the world if the data originates in a member state. The United States has taken a very different approach that extensively regulates government processing of data, while facilitating private, market-based initiatives to address private sector data processing.

Under the EU data protection directive, …