Computer Law Commons^™

Future Strategies For Improving Consent In Electronic Contracting, Ran Bi

Ran Bi

China's economy has been running deep into an exciting phrase called “Internet +”. In North America, most businesses have online presence and conduct numerous transactions online. Unprecedentedly, electronic contracts have been governing more Individuals and corporations’ legal relationships in a growing proportion of businesses and everyday life.

E-contracts, usually with no physical architecture, are easy to “sign”—people just click one or two icons on a computer / smartphone screen after “reading” (scroll down) the contents. However, e-contracts are standard form contracts which are provided by vendors . Users are easy to become victims of exploitative terms, because their consent has …

Future Strategies For Improving Consent In Electronic Contracting, Ran Bi

Ran Bi

China's economy has been running deep into an exciting phrase called “Internet +”. In North America, most businesses have online presence and conduct numerous transactions online. Unprecedentedly, electronic contracts have been governing more Individuals and corporations’ legal relationships in a growing proportion of businesses and everyday life.

E-contracts, usually with no physical architecture, are easy to “sign”—people just click one or two icons on a computer / smartphone screen after “reading” (scroll down) the contents. However, e-contracts are standard form contracts which are provided by vendors1. Users2 are easy to become victims of exploitative terms, because their consent has been …

Invisible Labor, Invisible Play: Online Gold Farming And The Boundary Between Jobs And Games, Julian Dibbell

Julian Dibbell

When does work become play, and play work? Courts have considered the question in a variety of economic contexts, from student athletes seeking recognition as employees to professional blackjack players seeking to be treated by casinos just like casual players. Here I apply the question to a relatively novel context: that of online gold farming, a gray-market industry in which wage-earning workers, largely based in China, are paid to play online fantasy games (MMOs) that reward them with virtual items their employers sell for profit to the same games’ casual players. Gold farming is clearly a job (and under the …

The Unexamined Life In The Era Of Big Data: Toward A Udaap For Data, Sean Brian

Sean Brian

No abstract provided.

Public School Governance And Cyber Security: School Districts Provide Easy Targets For Cyber Thieves, Michael A. Alao

Michael A. Alao

School districts rely on information systems to a similar extent as private, business organizations, yet the rules and regulations to ensure that school districts maintain adequate security to prevent data breaches and theft have failed to keep pace with private-sector developments. Advances in the private sector include notice-of-breach laws, consumer protection laws limiting individual liability for fraudulent electronic funds transfers, and auditing and reporting of internal controls. The public sector, including school districts, has also made advances in cyber security rules and regulations, but to a more limited extent than the private sector. Because of the sheer number of public …

What Do We Worry About When We Worry About Price Discrimination? The Law And Ethics Of Using Personal Information For Pricing, Akiva A. Miller

Akiva A Miller

New information technologies have dramatically increased sellers’ ability to engage in retail price discrimination. Debates over using personal information for price discrimination frequently treat it as a single problem, and are not sufficiently sensitive to the variety of price discrimination practices, the different kinds of information they require in order to succeed, and the different ethical concerns they raise. This paper explores the ethical and legal debate over regulating price discrimination facilitated by consumers’ personal information. Various kinds of “privacy remedies”—self-regulation, technological fixes, state regulation, and legislating private causes of legal action—each have their place. By drawing distinctions between various …

E-Commerce And Electronic Payment System Risks: Lessons From Paypal, Lawrence J. Trautman

Lawrence J. Trautman Sr.

What are the major risks perceived by those engaged in e-commerce and electronic payment systems? What development risks, if they become reality, may cause substantial increases in operating costs or threaten the very survival of the enterprise? This article utilizes the relevant annual report disclosures from eBay (parent of PayPal), along with other eBay and PayPal documents, as a potentially powerful teaching device. Most of the descriptive language to follow is excerpted directly from eBay’s regulatory filings. My additions include weaving these materials into a logical presentation and providing supplemental sources for those who desire a deeper look (usually in …

Flawed Transparency: Shared Data Collection And Disclosure Challenges For Google Glass And Similar Technologies, Jonathan I. Ezor

Jonathan I. Ezor

Current privacy law and best practices assume that the party collecting the data is able to describe and disclose its practices to those from and about whom the data are collected. With emerging technologies such as Google Glass, the information being collected by the wearer may be automatically shared to one or more third parties whose use may be substantially different from that of the wearer. Often, the wearer may not even know what information is being uploaded, and how it may be used. This paper will analyze the current state of U.S. law and compliance regarding personal information collection …

Consumers As Marketers: An Analysis Of The Facebook “Like” Feature As An Endorsement, Chang Zhou

Chang Zhou

No abstract provided.

Privacy, Transparency & Google's Blurred Glass, Jonathan I. Ezor

Jonathan I. Ezor

No matter the context or jurisdiction, one concept underlies every view of the best practices in data privacy: transparency. The mandate to disclose what personal information is collected, how it is used, and with whom and for what purpose it is shared, is essential to enable informed consent to the collection, along with the other user rights that constitute privacy best practices. Google, which claims to support and offer transparency, is increasingly opaque about its many products and services and the information they collect for it, posing a significant privacy concern.

Threats Escalate: Corporate Information Technology Governance Under Fire, Lawrence J. Trautman

Lawrence J. Trautman Sr.

In a previous publication The Board’s Responsibility for Information Technology Governance, (with Kara Altenbaumer-Price) we examined: The IT Governance Institute’s Executive Summary and Framework for Control Objectives for Information and Related Technology 4.1 (COBIT®); reviewed the Weill and Ross Corporate and Key Asset Governance Framework; and observed “that in a survey of audit executives and board members, 58 percent believed that their corporate employees had little to no understanding of how to assess risk.” We further described the new SEC rules on risk management; Congressional action on cyber security; legal basis for director’s duties and responsibilities relative to IT governance; …

Privacy And Data Protection In Business: Laws And Practices (Sample Chapters), Jonathan I. Ezor

Jonathan I. Ezor

In the fields of digital privacy and data protection in the business world, effective compliance and risk management require not only knowledge of applicable laws and regulations, but at least a basic understanding of relevant technologies and the processes of the company or other organization that is collecting and/or using the personal information or monitoring behavior. This book is structured to provide a framework for law and other students to both learn the law and place it in the necessary technological and practical context, divided into topic areas such as children’s privacy, health information, governmental requirements, employee data and more. …

Private Copyright: Digital Rights Management Systems And The Consumer, Victor Nicholas Knipe

ExpressO

Digital Rights Managements (DRM) systems impact the digital content and software marketplace on several levels. The issues include copyright law, contract law, privacy, antitrust, and consumer protection. This paper examines how DRM systems affect the consumer and what changes can be made to bring about a more sensible and transparent market in the United States.

Cyber-Extortion: Duties And Liabilities Related To The Elephant In The Server Room, Adam J. Sulkowski

ExpressO

This is a comprehensive analysis of the legal frameworks related to cyber-extortion – the practice of demanding money in exchange for not carrying out threats to commit harm that would involve a victim's information systems. The author hopes it will catalyze an urgently needed discussion of relevant public policy concerns.

Cyber-extortion has, by all accounts, become a common, professionalized and profit-driven criminal pursuit targeting businesses. 17% of businesses in a recent survey indicated having received a cyber-extortion demand. An additional 13% of respondents were not sure if their business had received such a demand.

Awareness of the risks of cybercrime …

A Complete Property Right Amendment, John H. Ryskamp

ExpressO

The trend of the eminent domain reform and "Kelo plus" initiatives is toward a comprehensive Constitutional property right incorporating the elements of level of review, nature of government action, and extent of compensation. This article contains a draft amendment which reflects these concerns.

Unwarranted Fears Mask The Benefits Of Network Diversity: An Argument Against Mandating Network Neutrality, Elvis Stumbergs

ExpressO

The rapid development of the Internet has necessitated an update to Federal telecommunications laws. Recent Congressional efforts to enact such an update, however, have spawned a fiery debate over a somewhat nebulous concept: network neutrality. The debate concerns the way that Internet access providers handle the data traffic being sent over their networks. These providers would like the option to offer some of their customers, web site hosting companies and similar entities, additional services that would essentially result in these customers’ content loading faster, more reliably, or more securely than others not receiving such priority treatment. Yet, this proposed “diversity” …

Technoconsen(T)Sus, Andrea M. Matwyshyn

ExpressO

Law is contributing to an information security paradox. Consumers are regularly “consenting” to the installation of computer code that makes them more vulnerable to harms such as identity theft. In particular, digital rights management technology accompanying digital music has recently left a wake of compromised user machines. Using the case study of security-invasive digital rights management technology, this article argues that a fundamental tension exists among intellectual property law, computer intrusion law and contract law regarding meaningful consumer consent in digital contexts. This article proposes to ease the noise in consent doctrine through creating an objective “reasonable digital consumer” standard …

In Sickness, Health, And Cyberspace: Protecting The Security Of Electronic Private Health Information, Sharona Hoffman, Andy Podgurski

ExpressO

The electronic processing of health information provides considerable benefits to patients and health care providers at the same time that it creates serious risks to the confidentiality, integrity, and availability of the data. The Internet provides a conduit for rapid and uncontrolled dispersion and trafficking of illicitly-obtained private health information, with far-reaching consequences to the unsuspecting victims. In order to address such threats to electronic private health information, the U.S. Department of Health and Human Services enacted the HIPAA Security Rule, which thus far has received little attention in the legal literature. This article presents a critique of the Security …

Bond Repudiation, Tax Codes, The Appropriations Process And Restitution Post-Eminent Domain Reform, John H. Ryskamp

ExpressO

This brief comment suggests where the anti-eminent domain movement might be heading next.

Identity Theft And Consumer Protection: Finding Sensible Approaches To Safeguard Personal Data In The United States And Canada, Kamaal Zaidi

ExpressO

This paper examines identity theft in both the United States and Canada. Various examples of commercial fraud and scams are discussed in the context of a growing trend of identity thieves assuming identities of innocent consumers. As such, various pieces of legislation and consumer initiatives (involving online consumer complaint mechanisms)in U.S. and Canadian jurisdictions are highlighted to demonstrate the pursuit towards broader consumer protection of personal data used in daily commercial transactions. The author argues that these modern efforts to safeguard consumers from identity theft is a progressive measure that will continue to afford increasing protections for consumer personal data, …

Breaking The Bank: Revisiting Central Bank Of Denver After Enron And Sarbanes-Oxley, Celia Taylor

ExpressO

No abstract provided.

A Model For Emergency Service Of Voip Through Certification And Labeling, Patrick S. Ryan, Tom Lookabaugh, Douglas Sicker

ExpressO

Voice over Internet Protocol (VoIP) will transform many aspects of traditional telephony service, including the technology, the business models, and the regulatory constructs that govern such service. Perhaps not unexpectedly, this transformation is generating a host of technical, business, social, and policy problems. In attempting to respond to these problems, the Federal Communications Commission (FCC) could mandate obligations or specific solutions to VoIP policy issues; however, it is instead looking first to industry initiatives focused on the key functionality that users have come to expect of telecommunications services. High among this list of desired functionality is user access to emergency …

Material Vulnerabilities: Data Privacy, Corporate Information Security And Securities Regulation, Andrea M. Matwyshyn

ExpressO

This article undertakes a normative and empirical legal inquiry into the manner information security vulnerabilities are being addressed through law and in the marketplace. Specifically, this article questions the current legislative paradigm for information security regulation by presenting a critique grounded in information security and cryptography theory. Consequently, this article advocates shifting our regulatory approach to a process-based security paradigm that focuses on improving security of our system as a whole. Finally, this article argues that in order to accomplish this shift with least disruption to current legal and economic processes, expanding an existing set of well-functioning legal structures is …

Garbage In: Emerging Media And Regulation Of Unsolicited Commercial Solicitiations, Michael W. Carroll

Articles in Law Reviews & Other Academic Journals

No abstract provided.