Law Commons^™

Reframing Hate, Lu-In Wang

Articles

The concept and naming of “hate crime,” and the adoption of special laws to address it, provoked controversy and raised fundamental questions when they were introduced in the 1980s. In the decades since, neither hate crime itself nor those hotly debated questions have abated. To the contrary, hate crime has increased in recent years—although the prominent target groups have shifted over time—and the debate over hate crime laws has reignited as well. The still-open questions range from the philosophical to the doctrinal to the pragmatic: What justifies the enhanced punishment that hate crime laws impose based on the perpetrator’s motivation? …

Cybersecurity Stovepiping, David Thaw

Articles

Most readers of this Article probably have encountered – and been frustrated by – password complexity requirements. Such requirements have become a mainstream part of contemporary culture: "the more complex your password is, the more secure you are, right?" So the cybersecurity experts tell us… and policymakers have accepted this "expertise" and even adopted such requirements into law and regulation.

This Article asks two questions. First, do complex passwords actually achieve the goals many experts claim? Does using the password "Tr0ub4dor&3" or the passphrase "correcthorsebatterystaple" actually protect your account? Second, if not, then why did such requirements become so widespread? …

Authority And Authors And Codes, Michael J. Madison

Articles

Contests over the meaning and application of the federal Computer Fraud and Abuse Act (“CFAA”) expose long-standing, complex questions about the sources and impacts of the concept of authority in law and culture. Accessing a computer network “without authorization” and by “exceeding authorized access” is forbidden by the CFAA. Courts are divided in their interpretation of this language in the statute. This Article first proposes to address the issue with an insight from social science research. Neither criminal nor civil liability under the CFAA should attach unless the alleged violator has transgressed some border or boundary that is rendered visible …

Data Breach (Regulatory) Effects, David Thaw

Articles

No abstract provided.

Reasonable Expectations Of Privacy Settings: Social Media And The Stored Communications Act, David Thaw, Christopher Borchert, Fernando Pinguelo

Articles

In 1986, Congress passed the Stored Communications Act (“SCA”) to provide additional protections for individuals’ private communications content held in electronic storage by third parties. Acting out of direct concern for the implications of the Third-Party Records Doctrine — a judicially created doctrine that generally eliminates Fourth Amendment protections for information entrusted to third parties — Congress sought to tailor the SCA to electronic communications sent via and stored by third parties. Yet, because Congress crafted the SCA with language specific to the technology of 1986, courts today have struggled to apply the SCA consistently with regard to similar private …

The Efficacy Of Cybersecurity Regulation, David Thaw

Articles

Cybersecurity regulation presents an interesting quandary where, because private entities possess the best information about threats and defenses, legislatures do – and should – deliberately encode regulatory capture into the rulemaking process. This relatively uncommon approach to administrative law, which I describe as Management-Based Regulatory Delegation, involves the combination of two legislative approaches to engaging private entities' expertise. This Article explores the wisdom of those choices by comparing the efficacy of such private sector engaged regulation with that of a more traditional, directive mode of regulating cybersecurity adopted by the state legislatures. My analysis suggests that a blend of these …

Surveillance At The Source, David Thaw

Articles

Contemporary discussion concerning surveillance focuses predominantly on government activity. These discussions are important for a variety of reasons, but generally ignore a critical aspect of the surveillance-harm calculus – the source from which government entities derive the information they use. The source of surveillance data is the information "gathering" activity itself, which is where harms like "chilling" of speech and behavior begin.

Unlike the days where satellite imaging, communications intercepts, and other forms of information gathering were limited to advanced law enforcement, military, and intelligence activities, private corporations now play a dominant role in the collection of information about individuals' …

Enlightened Regulatory Capture, David Thaw

Articles

Regulatory capture generally evokes negative images of private interests exerting excessive influence on government action to advance their own agendas at the expense of the public interest. There are some cases, however, where this conventional wisdom is exactly backwards. This Article explores the first verifiable case, taken from healthcare cybersecurity, where regulatory capture enabled regulators to harness private expertise to advance exclusively public goals. Comparing this example to other attempts at harnessing industry expertise reveals a set of characteristics under which regulatory capture can be used in the public interest. These include: 1) legislatively-mandated adoption of recommendations by an advisory …

When Machines Are Watching: How Warrantless Use Of Gps Surveillance Technology Violates The Fourth Amendment Right Against Unreasonable Searches, David Thaw, Priscilla Smith, Nabiha Syed, Albert Wong

Articles

Federal and state law enforcement officials throughout the nation are currently using Global Positioning System (GPS) technology for automated, prolonged surveillance without obtaining warrants. As a result, cases are proliferating in which criminal defendants are challenging law enforcement’s warrantless uses of GPS surveillance technology, and courts are looking for direction from the Supreme Court. Most recently, a split has emerged between the Ninth and D.C. Circuit Courts of Appeal on the issue. In United States v. Pineda-Moreno, the Ninth Circuit relied on United States v. Knotts — which approved the limited use of beeper technology without a warrant — to …

What Blogging Might Teach About Cybernorms, Jacqueline D. Lipton

Articles

Since the dawn of the information age, scholars have debated the viability of regulating cyberspace. Early on, Professor Lawrence Lessig suggested that “code is law” online. Lessig and others also examined the respective regulatory functions of laws, code, market forces, and social norms. In recent years, with the rise of Web 2.0 interactive technologies, norms have taken center-stage as a regulatory modality online. The advantages of norms are that they can develop quickly by the communities that seek to enforce them, and they are not bound by geography. However, to date there has been scant literature dealing in any detail …

Wikipedia And The European Union Database Directive, Jacqueline D. Lipton

Articles

“Web 2.0" and "User Generated Content (UGC)" are the new buzzwords in cyberspace. In recent years, law and policy makers have struggled to keep pace with the needs of digital natives in terms of online content control in the new participatory web culture. Much of the discourse about intellectual property rights in this context revolves around copyright law: for example, who owns copyright in works generated by multiple people, and what happens when these joint authored works borrow from existing copyright works in terms of derivative works rights and the fair use defense. Many works compiled by groups are subject …

Bad Faith In Cyberspace: Grounding Domain Name Theory In Trademark, Property And Restitution, Jacqueline D. Lipton

Articles

The year 2009 marks the tenth anniversary of domain name regulation under the Anti-Cybersquatting Consumer Protection Act (ACPA) and the Uniform Domain Name Dispute Resolution Policy (UDRP). Adopted to combat cybersquatting, these rules left a confused picture of domain name theory in their wake. Early cybersquatters registered Internet domain names corresponding with others’ trademarks to sell them for a profit. However, this practice was quickly and easily contained. New practices arose in domain name markets, not initially contemplated by the drafters of the ACPA and the UDRP. One example is clickfarming – using domain names to generate revenues from click-on …

Mapping Online Privacy, Jacqueline D. Lipton

Articles

Privacy scholars have recently outlined difficulties in applying existing concepts of personal privacy to the maturing Internet. With Web 2.0 technologies, more people have more opportunities to post information about themselves and others online, often with scant regard for individual privacy. Shifting notions of 'reasonable expectations of privacy' in the context of blogs, wikis, and online social networks create challenges for privacy regulation. Courts and commentators struggle with Web 2.0 privacy incursions without the benefit of a clear regulatory framework. This article offers a map of privacy that might help delineate at least the outer boundaries of Web 2.0 privacy. …

A Winning Solution For Youtube And Utube? Corresponding Trademarks And Domain Name Sharing, Jacqueline D. Lipton

Articles

In June of 2007, the United States District Court for the Northern District of Ohio ruled on a motion to dismiss various claims against the Youtube video-sharing service. The claimant was Universal Tube and Rollform Equipment Corp ("Universal"), a manufacturer of pipes and tubing products. Since 1996, Universal has used the domain name utube.com - phonetically the same as Youtube's domain name, youtube.com. Youtube.com was registered in 2005 and gained almost-immediate popularity as a video-sharing website. As a result, Universal experienced excessive web traffic by Internet users looking for youtube.com and mistakenly typing utube.com into their web browsers. Universal's servers …

Celebrity In Cyberspace: A Personality Rights Paradigm For Personal Domain Name Disputes, Jacqueline D. Lipton

Articles

When the Oscar-winning actress, Julia Roberts, fought for control of the domain name, what was her aim? Did she want to reap economic benefits from the name? Probably not, as she has not used the name since it was transferred to her. Or did she want to prevent others from using it on either an unjust enrichment or a privacy basis? Was she, in fact, protecting a trademark interest in her name? Personal domain name disputes, particularly those in the space, implicate unique aspects of an individual's persona in cyberspace. Nevertheless, most of the legal rules developed for these disputes …

Beyond Cybersquatting: Taking Domain Name Disputes Past Trademark Policy, Jacqueline D. Lipton

Articles

All good 'cyberlawyers' know that in the late 1990s, legal and regulatory measures were adopted, both at the domestic and international level to address the then-growing problem of 'cybersquatting': that is, the registration of often multiple domain names corresponding to valuable corporate trademarks with the intention of extorting high prices from the trademark owners for transferring the names to them. Since 1999, the Uniform Domain Name Dispute Resolution Policy ('UDRP') in particular, complemented by the Anti-Cybersquatting Consumer Protection Act ('ACPA'), has been very successful in combating this practice. Unfortunately, since the late 1990s, there has been little movement towards developing …

Hate Crimes And Everyday Discrimination: Influences Of And On The Social Context, Lu-In Wang

Articles

This article discusses aspects of hate crime that make it somewhat unexceptional. By making these points, I do not in any way mean to imply that hate crime is not a problem worthy of attention in the law. To the contrary, I believe that to point out the unexceptional aspects of hate crimes is to highlight just how important a problem hate crime is, and may help us to develop more effective ways of addressing it. My points are based largely on lessons drawn from social science and historical research on the effects of and motivations behind bias-related violence. Specifically, …

'Suitable Targets'? Parallels And Connections Between 'Hate Crimes' And 'Driving While Black', Lu-In Wang

Articles

While hate crimes may tend to be less routine and more violent than discriminatory traffic stops, closer examination of each shows the need to complicate our understanding of both. The work of social scientists who have studied racial profiling reveals striking similarities and connections between these two practices. In particular, both hate crimes and racial profiling tend to be condemned only at extremes, in situations where they appear to be irrational and excessive, but overlooked in cases where they seem logical or are expected. The tendency to see only the most extreme cases as problematic, however, fails to recognize that …