Science and Technology Law Commons^™

The Automated Fourth Amendment, Maneka Sinha

Faculty Scholarship

Courts routinely defer to police officer judgments in reasonable suspicion and probable cause determinations. Increasingly, though, police officers outsource these threshold judgments to new forms of technology that purport to predict and detect crime and identify those responsible. These policing technologies automate core police determinations about whether crime is occurring and who is responsible. Criminal procedure doctrine has failed to insist on some level of scrutiny of—or skepticism about—the reliability of this technology. Through an original study analyzing numerous state and federal court opinions, this Article exposes the implications of law enforcement’s reliance on these practices given the weighty interests …

Standing Up To Hackers: Article Iii Standing For Victims Of Data Breaches, Kendall Coffey

University of Miami Law Review

Despite the increasing amount of data breaches, there is no liability for parties who do not adequately protect victim’s information. In federal court, plaintiffs must show that their injury was concrete, particularized, and imminent. But, when plaintiffs’ information has been stolen, but not yet criminally used, they may be unable to establish a right to relief. Victims face challenges when seeking damage for this future harm, because despite their destroyed privacy, they may not have evidence of a perpetrator’s actual misuse of purloined data. This Article analyzes multiple court decisions, generally in the setting of class-actions, and discusses outcomes of …

Hanging In The Balance: An Assessment Of European Versus American Data Privacy Laws And Threats To U.S. National Security, Dara Paleski

American University National Security Law Brief

Social media has quickly become an integral part of modern-day life, keeping the world connected to friends, family and current events. Social media, and the data collected from it, also play a crucial role in intelligence gathering and the safeguarding of national security. It is estimated that about 80-95% of information that is collected for intelligence missions is found freely throughout the internet or other publicly available sources. This type of information has been dubbed SOCMINT (Social Media Intelligence) and it has become a crucial tool within the intelligence community. After the Edward Snowden leaks in 2013 revealed a global …

Inadequate Privacy: The Necessity Of Hipaa Reform In A Post-Dobbs World, Katherine Robertson

Seattle University Law Review

Part I of this Comment will provide an overview of HIPAA and the legal impacts of Dobbs. Part II will discuss the anticipatory response to the impacts of Dobbs on PHI by addressing the response from (1) the states, (2) the Biden Administration, and (3) the medical field. Part III will discuss the loopholes that exist in HIPAA and further address the potential impacts on individuals and the medical field if reform does not occur. Finally, Part IV will argue that the reform of HIPAA is the best avenue for protecting PHI related to reproductive healthcare.

Submission To The Province Of Nova Scotia On Its Review Of The Intimate Images And Cyber-Protection Act - Leaf, Suzie Dunn, Rosel Kim

Reports & Public Policy Documents

The Women’s Legal Education and Action Fund (LEAF) commends the Nova Scotia government for reviewing its Intimate Images and Cyber-protection Act (the Act) and seeking public input for this review. Nova Scotia has been, and continues to be, a leader in Canada for its role in advancing innovative laws and supports for people targeted by technology-facilitated violence (TFV), digital abuse, and the non-consensual distribution of intimate images (NCDII). As these forms of harmful behaviour evolve and become better understood, it is important to revisit this legislation to assess whether it is providing meaningful and accessible responses to such serious social …

The Rise Of 5g Technology: How Internet Privacy And Protection Of Personal Data Is A Must In An Evolving Digital Landscape, Justin Rabine

Catholic University Journal of Law and Technology

No abstract provided.

A Proportionality-Based Framework For Government Regulation Of Digital Tracing Apps In Times Of Emergency, Sharon Bassan

Dickinson Law Review (2017-Present)

Times of emergency present an inherent conflict between the public interest and the preservation of individual rights. Such times require granting emergency powers to the government on behalf of the public interest and relaxing safeguards against government actions that infringe rights. The lack of theoretical framework to assess governmental decisions in times of emergency leads to a polarized and politicized discourse about potential policies, and often, to public distrust and lack of compliance.

Such a discourse was evident regarding Digital Tracing Apps (“DTAs”), which are apps installed on cellular phones to alert users that they were exposed to people who …

Alexa Hears With Her Little Ears—But Does She Have The Privilege?, Lauren Chlouber Howell

St. Mary's Law Journal

Abstract forthcoming.

Submission To The Toronto Police Services Board’S Use Of New Artificial Intelligence Technologies Policy- Leaf And The Citizen Lab, Suzie Dunn, Kristen Mj Thomasen, Kate Robertson, Pam Hrick, Cynthia Khoo, Rosel Kim, Ngozi Okidegbe, Christopher Parsons

Reports & Public Policy Documents

We write as a group of experts in the legal regulation of artificial intelligence (AI), technology-facilitated violence, equality, and the use of AI systems by law enforcement in Canada. We have experience working within academia and legal practice, and are affiliated with LEAF and the Citizen Lab who support this letter.

We reviewed the Toronto Police Services Board Use of New Artificial Intelligence Technologies Policy and provide comments and recommendations focused on the following key observations:

1. Police use of AI technologies must not be seen as inevitable
2. A commitment to protecting equality and human rights must be integrated …

Pandemic Surveillance Discrimination, Christian Sundquist

Articles

The COVID-19 pandemic has laid bare the abiding tension between surveillance and privacy. Public health epidemiology has long utilized a variety of surveillance methods—such as contact tracing, quarantines, and mandatory reporting laws—to control the spread of disease during past epidemics and pandemics. Officials have typically justified the resulting intrusions on privacy as necessary for the greater public good by helping to stave off larger health crisis. The nature and scope of public health surveillance in the battle against COVID-19, however, has significantly changed with the advent of new technologies. Digital surveillance tools, often embedded in wearable technology, have greatly increased …

Reflections On The Use Of Facial Recognition Technology During Covid-19, Gary Kok Yew Chan

Research Collection Yong Pung How School Of Law

During the COVID-10 pandemic, infected persons have been quarantined in segregated facilities. Individuals who have been in contact with the infected persons may be subject to self-isolation measures or stay-home notices. Technological tools such as proximity and contact tracing apps are used to identify those who have been in close contact with infected persons. The contact tracing QR code used in Singapore's SafeEntry requires the submission of personal information (including names and identification numbers) prior to entry into certain public places such as malls, factories and restaurants. Robots, in addition to designated human officers, have been delpoyed to maintain social …

Cryptography, Passwords, Privacy, And The Fifth Amendment, Gary C. Kessler, Ann M. Phillips

Journal of Digital Forensics, Security and Law

Military-grade cryptography has been widely available at no cost for personal and commercial use since the early 1990s. Since the introduction of Pretty Good Privacy (PGP), more and more people encrypt files and devices, and we are now at the point where our smartphones are encrypted by default. While this ostensibly provides users with a high degree of privacy, compelling a user to provide a password has been interpreted by some courts as a violation of our Fifth Amendment protections, becoming an often insurmountable hurdle to law enforcement lawfully executing a search warrant. This paper will explore some of the …

The Limits And Possibilities Of Data-Driven Antitrafficking Efforts, Jennifer Musto Ph.D.

Georgia State University Law Review

An examination of technology in the countertrafficking space reveals recurring tensions between law enforcement and rights-based approaches. It also illuminates assumptions, such as the one that posits more law enforcement-focused, nonstate-actor-supported data-driven efforts are necessary to securing justice for people in trafficking situations. However, a closer look at how technology is used and by whom also invites us to ask different questions and to leverage the power of our all-too-human creative potential in thinking about how to value and prioritize data ethics, transparency, and accountability in future countertrafficking work.

Politics Of Adversarial Machine Learning, Kendra Albert, Jonathon Penney, Bruce Schneier, Ram Shankar Siva Kumar

Articles, Book Chapters, & Popular Press

In addition to their security properties, adversarial machine-learning attacks and defenses have political dimensions. They enable or foreclose certain options for both the subjects of the machine learning systems and for those who deploy them, creating risks for civil liberties and human rights. In this paper, we draw on insights from science and technology studies, anthropology, and human rights literature, to inform how defenses against adversarial attacks can be used to suppress dissent and limit attempts to investigate machine learning systems. To make this concrete, we use real-world examples of how attacks such as perturbation, model inversion, or membership inference …

Younger Generations Are Infected By Continuous Socialization To Accept Diminished Privacy: A Global Analysis Of How The United States' Constitutional Doctrine Is A Main Contributor To Eroded Privacy, Tiffany Kim

Indiana Journal of Global Legal Studies

Since the nineteenth century, privacy concerns have increased with the growth of technology. The invention of instantaneous photography, coupled with the enlarged presence of press, was met with concerns of degraded privacy. Society has formed expectations of privacy, but as time passes, those expectations continue to diminish. Younger generations have been socialized to accept lessened levels of privacy in this digitalized world of mass data and connectivity.

Individual privacy expectations vary globally. The construction of China's government and culture produces a lesser expectation of individual privacy than that of the United States. As outlined in the U.S. Constitution, U.S. citizens …

The Gdpr’S Version Of Algorithmic Accountability, Margot Kaminski

Publications

No abstract provided.

Innovation And Tradition: A Survey Of Intellectual Property And Technology Legal Clinics, Cynthia L. Dahl, Victoria F. Phillips

All Faculty Scholarship

For artists, nonprofits, community organizations and small-business clients of limited means, securing intellectual property rights and getting counseling involving patent, copyright and trademark law are critical to their success and growth. These clients need expert IP and technology legal assistance, but very often cannot afford services in the legal marketplace. In addition, legal services and state bar pro bono programs have generally been ill-equipped to assist in these more specialized areas. An expanding community of IP and Technology clinics has emerged across the country to meet these needs. But while law review articles have described and examined other sectors of …

Riley V. California And The Beginning Of The End For The Third-Party Search Doctrine, David A. Harris

Articles

In Riley v. California, the Supreme Court decided that when police officers seize a smart phone, they may not search through its contents -- the data found by looking into the call records, calendars, pictures and so forth in the phone -- without a warrant. In the course of the decision, the Court said that the rule applied not just to data that was physically stored on the device, but also to data stored "in the cloud" -- in remote sites -- but accessed through the device. This piece of the decision may, at last, allow a re-examination of …

Authorized Investigation: A Temperate Alternative To Cyber Insecurity, Casey M. Bruner

Seattle University Law Review

This Note aims to show that legal structures created to protect the Internet in its original form are completely insufficient to protect what the Internet has become. This antiquated legal framework is exacerbating the problem. The breadth of activity that the current law restricts severely limits the remedies that cyberattack victims can pursue, and it must be updated. While full hack-back may prove necessary in the long run, I argue for a more temperate initial response to the problem—I call this response “authorized investigation.” Specifically, the Computer Fraud and Abuse Act should be amended to allow victims access to their …

The Dawn Of Social Intelligence (Socint), Laura K. Donohue

Georgetown Law Faculty Publications and Other Works

More information about citizens’ lives is recorded than ever before. Because the data is digitized, it can be accessed, analyzed, shared, and combined with other information to generate new knowledge. In a post-9/‌11 environment, the legal standards impeding access to such data have fallen. Simultaneously, the advent of global communications and cloud computing, along with network convergence, have expanded the scope of information available. The U.S. government has begun to collect and to analyze the associated data.

The result is the emergence of what can be termed “social intelligence” (SOCINT), which this Article defines as the collection of digital data …

Self-Defense Against Robots, A. Michael Froomkin, Zak Colangelo

A. Michael Froomkin

This paper examines when, under U.S. law, humans may use force against robots to protect themselves, their property, and their privacy. May a landowner legally shoot down a trespassing drone? May she hold a trespassing autonomous car as security against damage done or further torts? Is the fear that a drone may be operated by a paparazzo or a peeping Tom sufficient grounds to disable or interfere with it? How hard may you shove if the office robot rolls over your foot? This paper addresses all those issues and one more: what rules and standards we could put into place …

Keep Your Eyes On Eyes In The Sky, Hillary B. Farber

Faculty Publications

To date, eight states have passed bills regulating domestic drone use by government and private individuals. This leaves us with a question: If a city of more than 60,000 residents and a global company with a customer base in the hundreds of millions are racing to the sky, how are we as a commonwealth of 6.6 million to truly launch ourselves into the debate and protect what little privacy we have left?

Surveillance At The Source, David Thaw

Articles

Contemporary discussion concerning surveillance focuses predominantly on government activity. These discussions are important for a variety of reasons, but generally ignore a critical aspect of the surveillance-harm calculus – the source from which government entities derive the information they use. The source of surveillance data is the information "gathering" activity itself, which is where harms like "chilling" of speech and behavior begin.

Unlike the days where satellite imaging, communications intercepts, and other forms of information gathering were limited to advanced law enforcement, military, and intelligence activities, private corporations now play a dominant role in the collection of information about individuals' …

What Do We Worry About When We Worry About Price Discrimination? The Law And Ethics Of Using Personal Information For Pricing, Akiva A. Miller

Akiva A Miller

New information technologies have dramatically increased sellers’ ability to engage in retail price discrimination. Debates over using personal information for price discrimination frequently treat it as a single problem, and are not sufficiently sensitive to the variety of price discrimination practices, the different kinds of information they require in order to succeed, and the different ethical concerns they raise. This paper explores the ethical and legal debate over regulating price discrimination facilitated by consumers’ personal information. Various kinds of “privacy remedies”—self-regulation, technological fixes, state regulation, and legislating private causes of legal action—each have their place. By drawing distinctions between various …

The Surveillance Society And The Third-Party Privacy Problem, Shaun Spencer

Shaun Spencer

This article examines a question that has become increasingly important in the emerging surveillance society: should the law treat information as private even though others know about it? This is the third-party privacy problem. Part I explores two competing conceptions of privacy: the binary and contextual conceptions. Part II describes two features of the emerging surveillance society that should change the way we address the third-party privacy problem. One feature, “surveillance on demand,” results from exponential increases in data collection and aggregation. The other feature, “uploaded lives,” reflects a revolution in the type and amount of information that we share …

A Shattered Looking Glass: The Pitfalls And Potential Of The Mosaic Theory Of Fourth Amendment Privacy, David C. Gray, Danielle Keats Citron

Faculty Scholarship

On January 23, 2012, the Supreme Court issued a landmark non-decision in United States v. Jones. In that case, officers used a GPS-enabled device to track a suspect’s public movements for four weeks, amassing a considerable amount of data in the process. Although ultimately resolved on narrow grounds, five Justices joined concurring opinions in Jones expressing sympathy for some version of the “mosaic theory” of Fourth Amendment privacy. This theory holds that we maintain reasonable expectations of privacy in certain quantities of information even if we do not have such expectations in the constituent parts. This Article examines and …

Information Revolution: “Choice Of Control” To “Choice And Control”, Subhajit Basu, Christina Munns

Subhajit Basu

Please do not cite without permission of the authors.

In this article, we critically analyse whether the ‘privacy framework’ for health records is ‘fit-for-purpose’ for the NHS’s ‘information revolution’ and argue that the NHS’s ‘proxy-individual’ information-guardian role could inadvertently mask individuals’ intended roles, effectively circumventing autonomy-based laws by limiting the power of individuals to be autonomous. We suggest that moving ‘choice of control’ to individuals will render ‘privacy’ redundant whilst validating ‘confidentiality’ via consent from empowered individuals. This power shift would expose the overdue need for options to increase levels of individual ‘control/privacy,’ moving from the NHS’s paternal ‘proxy-individual’ conception …

Cloud Computing Providers And Data Security Law: Building Trust With United States Companies, Jared A. Harshbarger Esq.

Jared A. Harshbarger

Cloud computing and software-as-a-service (SaaS) models are revolutionizing the information technology industry. As these services become more prevalent, data security and privacy concerns will also rise among consumers and the companies who consider using them. Cloud computing providers must establish a sufficient level of trust with their potential customers in order to ease initial fears - and ensure certain compliance obligations will be met - at least to the extent that any such inquiring customer will feel comfortable enough to ultimately take the irreversible step of releasing their sensitive data and personal information into the cloud.

Collateral Consequences, Genetic Surveillance, And The New Biopolitics Of Race, Dorothy E. Roberts

All Faculty Scholarship

This Article is part of a Howard Law Journal Symposium on “Collateral Consequences: Who Really Pays the Price for Criminal Justice?,” as well as my larger book project, Fatal Invention: How Science, Politics, and Big Business Re-create Race in the Twenty-First Century (The New Press, 2011). It considers state and federal government expansion of genetic surveillance as a collateral consequence of a criminal record in the context of a new biopolitics of race in America. Part I reviews the expansion of DNA data banking by states and the federal government, extending the collateral impact of a criminal record—in the form …

The Privacy Bailout: State Government Involvement In The Privacy Arena, Corey A. Ciocchetti

Corey A Ciocchetti

In the midst of massive government involvement in the financial, real estate and automotive sectors, other important problems linger without sufficient governmental attention. This article focuses on one area where federal intervention has been particularly absent - the realm of individual privacy in the Information Age. The problem is that monitoring in the United States is increasingly powerful and takes many forms. Online, prominent Web sites collect, store and disseminate a great deal of personally identifying information (PII) without clearly and simply informing users. This is the case even though such notice is cheap and can be effective. Offline, technology …