Law Commons^™

Ispy: Threats To Individual And Institutional Privacy In The Digital World, Lori Andrews

All Faculty Scholarship

What type of information is collected, who is viewing it, and what law librarians can do to protect their patrons and institutions.

Ancient Worries And Modern Fears: Different Roots And Common Effects Of U.S. And Eu Privacy Regulation, David Thaw, Pierluigi Perri

Articles

Much legal and technical scholarship discusses the differing views of the United States and European Union toward privacy concepts and regulation. A substantial amount of effort in recent years, in both research and policy, focuses on attempting to reconcile these viewpoints searching for a common framework with a common level of protection for citizens from both sides of Atlantic. Reconciliation, we argue, misunderstands the nature of the challenge facing effective cross-border data flows. No such reconciliation can occur without abdication of some sovereign authority of nations, that would require the adoption of an international agreement with typical tools of international …

The Rise Of Cybersecurity And Its Impact On Data Protection, Fred H. Cate, Christopher Kuner, Dan Jerker B. Svantesson, Orla Lynskey, Christopher Millard

Articles by Maurer Faculty

No abstract provided.

Machine Learning With Personal Data: Is Data Protection Law Smart Enough To Meet The Challenge?, Fred H. Cate, Christopher Kuner, Dan Jerker B. Svantesson, Orla Lynskey, Christopher Millard

Articles by Maurer Faculty

No abstract provided.

Data Protection And Humanitarian Emergencies, Fred H. Cate, Christopher Kuner, Dan Jerker B. Svantesson, Orla Lynskey, Christopher Millard

Articles by Maurer Faculty

No abstract provided.

The Gdpr As A Chance To Break Down Borders, Fred H. Cate, Christopher Kuner, Dan Jerker B. Svantesson, Orla Lynskey, Nora Ni Loideain

Articles by Maurer Faculty

No abstract provided.

Cybersecurity Stovepiping, David Thaw

Articles

Most readers of this Article probably have encountered – and been frustrated by – password complexity requirements. Such requirements have become a mainstream part of contemporary culture: "the more complex your password is, the more secure you are, right?" So the cybersecurity experts tell us… and policymakers have accepted this "expertise" and even adopted such requirements into law and regulation.

This Article asks two questions. First, do complex passwords actually achieve the goals many experts claim? Does using the password "Tr0ub4dor&3" or the passphrase "correcthorsebatterystaple" actually protect your account? Second, if not, then why did such requirements become so widespread? …

Big Data And The Fourth Estate: Protecting The Development Of News Media Monitoring Databases, Joseph A. Tomain

Articles by Maurer Faculty

No abstract provided.

Web Based Cyber Forensics Training For Law Enforcement, Nick Sturgeon

Purdue Polytechnic Masters Theses

Training and education are two of the most important aspects within cyber forensics. These topics have been of concern since the inception of the field. Training law enforcement is particularly important to ensure proper execution of the digital forensics process. It is also important because the proliferation of technology in to society continues to grow at an exponential rate. Just as technology is used for good there are those that will choose to use it for criminal gains. It is critical that Law Enforcement have the tools and training in cyber forensics. This research looked to determine if web based …

Why Education In The Law And Policy Of Cybersecurity Is A Must, Markus Rauschecker

Homeland Security Publications

No abstract provided.

Framing The Question, "Who Governs The Internet?", Robert J. Domanski

Publications and Research

There remains a widespread perception among both the public and elements of academia that the Internet is “ungovernable”. However, this idea, as well as the notion that the Internet has become some type of cyber-libertarian utopia, is wholly inaccurate. Governments may certainly encounter tremendous difficulty in attempting to regulate the Internet, but numerous types of authority have nevertheless become pervasive. So who, then, governs the Internet? This book will contend that the Internet is, in fact, being governed, that it is being governed by specific and identifiable networks of policy actors, and that an argument can be made as to …

Risk Management In Data Protection, Fred H. Cate, Christopher Kuner, Christopher Millard, Dan Jerker B. Svantesson, Orla Lynskey

Articles by Maurer Faculty

No abstract provided.

Data Breach (Regulatory) Effects, David Thaw

Articles

No abstract provided.

Reasonable Expectations Of Privacy Settings: Social Media And The Stored Communications Act, David Thaw, Christopher Borchert, Fernando Pinguelo

Articles

In 1986, Congress passed the Stored Communications Act (“SCA”) to provide additional protections for individuals’ private communications content held in electronic storage by third parties. Acting out of direct concern for the implications of the Third-Party Records Doctrine — a judicially created doctrine that generally eliminates Fourth Amendment protections for information entrusted to third parties — Congress sought to tailor the SCA to electronic communications sent via and stored by third parties. Yet, because Congress crafted the SCA with language specific to the technology of 1986, courts today have struggled to apply the SCA consistently with regard to similar private …

The Data Protection Credibility Crisis, Fred H. Cate, Christopher Kuner, Christopher Millard, Dan Jerker B. Svantesson, Orla Lynskey

Articles by Maurer Faculty

No abstract provided.

I Remember Richelieu: Is Anything Secure Anymore?, Michael G. Crowley, Michael N. Johnstone

Australian Security and Intelligence Conference

Petraeus-gate, hacked nude celebrity photos in the cloud and the recent use of a search and seizure warrant in the United States of America to seek production of customer email contents on an extraterritorial server raises important issues for the supposably safe storage of data on the World Wide Web. Not only may there be nowhere to hide in cyberspace but nothing in cyberspace may be private. This paper explores the legal and technical issues raised by the these matters with emphasis on the courts decision “In the Matter of a Warrant to Search a Certain E-Mail Account Controlled and …

The (Data Privacy) Law Hasn't Even Checked In When Technology Takes Off, Fred H. Cate, Christopher Kuner, Christopher Millard, Dan Jerker B. Svantesson

Articles by Maurer Faculty

No abstract provided.

Taking Stock After Four Years, Fred H. Cate, Christopher Kuner, Christopher Millard, Dan Jerker B. Svantesson

Articles by Maurer Faculty

No abstract provided.

Systematic Government Access To Private-Sector Data Redux, Fred H. Cate, Christopher Kuner, Christopher Millard, Dan Jerker B. Svantesson

Articles by Maurer Faculty

No abstract provided.

The Efficacy Of Cybersecurity Regulation, David Thaw

Articles

Cybersecurity regulation presents an interesting quandary where, because private entities possess the best information about threats and defenses, legislatures do – and should – deliberately encode regulatory capture into the rulemaking process. This relatively uncommon approach to administrative law, which I describe as Management-Based Regulatory Delegation, involves the combination of two legislative approaches to engaging private entities' expertise. This Article explores the wisdom of those choices by comparing the efficacy of such private sector engaged regulation with that of a more traditional, directive mode of regulating cybersecurity adopted by the state legislatures. My analysis suggests that a blend of these …

Surveillance At The Source, David Thaw

Articles

Contemporary discussion concerning surveillance focuses predominantly on government activity. These discussions are important for a variety of reasons, but generally ignore a critical aspect of the surveillance-harm calculus – the source from which government entities derive the information they use. The source of surveillance data is the information "gathering" activity itself, which is where harms like "chilling" of speech and behavior begin.

Unlike the days where satellite imaging, communications intercepts, and other forms of information gathering were limited to advanced law enforcement, military, and intelligence activities, private corporations now play a dominant role in the collection of information about individuals' …

The Business Of Privacy, Fred H. Cate, Christopher Kuner, Christopher Millard, Dan Jerker B. Svantesson

Articles by Maurer Faculty

No abstract provided.

Face-To-Data -- Another Developing Privacy Threat?, Fred H. Cate, Christopher Kuner, Christopher Millard, Dan Jerker B. Svantesson

Articles by Maurer Faculty

No abstract provided.

The Extraterritoriality Of Data Privacy Laws -- An Explosive Issue Yet To Detonate, Fred H. Cate, Christopher Kuner, Christopher Millard, Dan Jerker B. Svantesson

Articles by Maurer Faculty

No abstract provided.

Notice And Consent In A World Of Big Data, Fred H. Cate, Viktor Mayer-Schönberger

Articles by Maurer Faculty

• Nowadays individuals are often presented with long and complex privacy notices routinely written by lawyers for lawyers, and are then requested to either ‘consent’ or abandon the use of the desired service.
• The over-use of notice and consent presents increasing challenges in an age of ‘Big Data’.
• These phenomena are receiving attention particularly in the context of the current review of the OECD Privacy Guidelines.
• In 2012 Microsoft sponsored an initiative designed to engage leading regulators, industry executives, public interest advocates, and academic experts in frank discussions about the role of individual control and notice and consent in data protection …

Criminalizing Hacking, Not Dating: Reconstructing The Cfaa Intent Requirement, David Thaw

Articles

Cybercrime is a growing problem in the United States and worldwide. Many questions remain unanswered as to the proper role and scope of criminal law in addressing socially-undesirable actions affecting and conducted through the use of computers and modern information technologies. This Article tackles perhaps the most exigent question in U.S. cybercrime law, the scope of activities that should be subject to criminal sanction under the Computer Fraud and Abuse Act (CFAA), the federal "anti-hacking" statute.

At the core of current CFAA debate is the question of whether private contracts, such as website "Terms of Use" or organizational "Acceptable Use …

Prism And Privacy: Will This Change Everything?, Fred H. Cate, Christopher Kuner, Christopher Millard, Dan Jerker B. Svantesson

Articles by Maurer Faculty

No abstract provided.

The End Of The Beginning, Fred H. Cate, Christopher Kuner, Christopher Millard, Dan Jerker B. Svantesson

Articles by Maurer Faculty

No abstract provided.

The Intricacies Of Independence, Fred H. Cate, Christopher Kuner, Christopher Millard, Dan Jerker B. Svantession

Articles by Maurer Faculty

No abstract provided.

The Challenge Of "Big Data" For Data Protection, Fred H. Cate, Christopher Kuner, Christopher Millard, Dan Jerker B. Svantesson

Articles by Maurer Faculty

No abstract provided.