Law Commons^™

Two Visions Of Digital Sovereignty, Sujit Raman

Joint PIJIP/TLS Research Paper Series

No abstract provided.

A Trusted Framework For Cross-Border Data Flows, Alex Joel

Joint PIJIP/TLS Research Paper Series

The German Marshall Fund of the United States (GMF), in cooperation with the Tech, Law and Security Program (TLS) of the American University Washington College of Law, and with support from Microsoft, convened a Global Taskforce to Promote Trusted Sharing of Data comprising experts from civil society, academia, and industry to submit proposals for harmonizing approaches to global data use and sharing. Former US Ambassador to the Organisation for Economic Co-operation and Development (OECD) and GMF Distinguished Fellow Karen Kornbluh and Microsoft Chief Privacy Officer and Corporate Vice President Julie Brill co-chaired the taskforce; TLS Senior Project Director Alex Joel …

On The Danger Of Not Understanding Technology, Fredric I. Lederer

Popular Media

No abstract provided.

Who Owns Data? Constitutional Division In Cyberspace, Dongsheng Zang

Articles

Privacy emerged as a concern as soon as the internet became commercial. In early 1995, Lawrence Lessig warned that the internet, though giving us extraordinary potential, was “not designed to protect individuals against this extraordinary potential for others to abuse.” The same technology can “destroy the very essence of what now defines individuality.” Lessig urged that “a constitutional balance will have to be drawn between these increasingly important interests in privacy, and the competing interest in collective security.” Lessig envisioned that creating property rights in data would help individuals by giving them control of their data. As utopian as property …

Governing Smart Cities As Knowledge Commons - Introduction, Chapter 1 & Conclusion, Brett M. Frischmann, Michael J. Madison, Madelyn Sanfilippo

Book Chapters

Smart city technology has its value and its place; it isn’t automatically or universally harmful. Urban challenges and opportunities addressed via smart technology demand systematic study, examining general patterns and local variations as smart city practices unfold around the world. Smart cities are complex blends of community governance institutions, social dilemmas that cities face, and dynamic relationships among information and data, technology, and human lives. Some of those blends are more typical and common. Some are more nuanced in specific contexts. This volume uses the Governing Knowledge Commons (GKC) framework to sort out relevant and important distinctions. The framework grounds …

Brokered Abuse, Thomas E. Kadri

Scholarly Works

Data brokers are abuse enablers. These companies, which traffic information about people for profit, facilitate interpersonal abuse by making it easier to find and contact people. By thwarting people’s obscurity, brokers expose them to physical, psychological, financial, and reputational harm. To date, there have been four common legal responses to this situation: prohibiting abusive acts, mandating broker transparency, limiting data collection, and restricting data disclosure. Though these measures each have some merit, none is adequate, and several recent privacy laws have even made matters worse. Put simply, the current legal landscape is neither effective nor empathetic.

This Essay explores the …

Collective Data Rights And Their Possible Abuse, Asaf Lubin

Articles by Maurer Faculty

No abstract provided.

Content Moderation As Surveillance, Hannah Bloch-Wehba

Faculty Scholarship

Technology platforms are the new governments, and content moderation is the new law, or so goes a common refrain. As platforms increasingly turn toward new, automated mechanisms of enforcing their rules, the apparent power of the private sector seems only to grow. Yet beneath the surface lies a web of complex relationships between public and private authorities that call into question whether platforms truly possess such unilateral power. Law enforcement and police are exerting influence over platform content rules, giving governments a louder voice in supposedly “private” decisions. At the same time, law enforcement avails itself of the affordances of …

Designing Respectful Tech: What Is Your Relationship With Technology?, Noreen Y. Whysel

Publications and Research

According to research at the Me2B Alliance, people feel they have a relationship with technology. It’s emotional. It’s embodied. And it’s very personal. We are studying digital relationships to answer questions like “Do people have a relationship with technology?” “What does that relationship feel like?” And “Do people understand the commitments that they are making when they explore, enter into and dissolve these relationships?” There are parallels between messy human relationships and the kinds of relationships that people develop with technology. As with human relationships, we move through states of discovery, commitment and breakup with digital applications as well. Technology …

Dismantling The “Black Opticon”: Privacy, Race Equity, And Online Data-Protection Reform, Anita L. Allen

All Faculty Scholarship

African Americans online face three distinguishable but related categories of vulnerability to bias and discrimination that I dub the “Black Opticon”: discriminatory oversurveillance, discriminatory exclusion, and discriminatory predation. Escaping the Black Opticon is unlikely without acknowledgement of privacy’s unequal distribution and privacy law’s outmoded and unduly race-neutral façade. African Americans could benefit from race-conscious efforts to shape a more equitable digital public sphere through improved laws and legal institutions. This Essay critically elaborates the Black Opticon triad and considers whether the Virginia Consumer Data Protection Act (2021), the federal Data Protection Act (2021), and new resources for the Federal Trade …

Understanding Chilling Effects, Jonathon Penney

Articles, Book Chapters, & Popular Press

With digital surveillance and censorship on the rise, the amount of data available online unprecedented, and corporate and governmental actors increasingly employing emerging technologies like artificial intelligence (AI), machine learning, and facial recognition technology (FRT) for surveillance and data analytics, concerns about “chilling effects”, that is, the capacity for these activities “chill” or deter people from exercising their rights and freedoms have taken on greater urgency and importance. Yet, there remains a clear dearth in systematic theoretical and empirical work point. This has left significant gaps in understanding. This article has attempted to fill that void, synthesizing theoretical and empirical …

Platforms, Encryption, And The Cfaa: The Case Of Whatsapp V Nso Group, Jonathon Penney, Bruce Schneier

Articles, Book Chapters, & Popular Press

End-to-end encryption technology has gone mainstream. But this wider use has led hackers, cybercriminals, foreign governments, and other threat actors to employ creative and novel attacks to compromise or workaround these protections, raising important questions as to how the Computer Fraud and Abuse Act (CFAA), the primary federal anti-hacking statute, is best applied to these new encryption implementations. Now, after the Supreme Court recently narrowed the CFAA’s scope in Van Buren and suggested it favors a code-based approach to liability under the statute, understanding how best to theorize sophisticated code-based access barriers like end-to-end encryption, and their circumvention, is now …

Legislating Data Loyalty, Woodrow Hartzog, Neil Richards

Faculty Scholarship

Lawmakers looking to embolden privacy law have begun to consider imposing duties of loyalty on organizations trusted with people’s data and online experiences. The idea behind loyalty is simple: organizations should not process data or design technologies that conflict with the best interests of trusting parties. But the logistics and implementation of data loyalty need to be developed if the concept is going to be capable of moving privacy law beyond its “notice and consent” roots to confront people’s vulnerabilities in their relationship with powerful data collectors.

In this short Essay, we propose a model for legislating data loyalty. Our …

The Republic Of Letters And The Origins Of Scientific Knowledge Commons, Michael J. Madison

Book Chapters

The knowledge commons framework, deployed here in a review of the early network of scientific communication known as the Republic of Letters, combines a historical sensibility regarding the character of scientific research and communications with a modern approach to analyzing institutions for knowledge governance. Distinctions and intersections between public purposes and privacy interests are highlighted. Lessons from revisiting the Republic of Letters as knowledge commons may be useful in advancing contemporary discussions of Open Science.

Agonistic Privacy & Equitable Democracy, Scott Skinner-Thompson

Publications

This Essay argues that legal privacy protections—which enable individuals to control their visibility within public space—play a vital role in disrupting the subordinating, antidemocratic impacts of surveillance and should be at the forefront of efforts to reform the operation of both digital and physical public space. Robust privacy protections are a touchstone for empowering members of different marginalized groups with the ability to safely participate in both the physical and digital public squares, while also preserving space for vibrant subaltern counterpublics. By increasing heterogeneity within the public sphere, privacy can also help decrease polarization by breaking down echo chambers and …

Digital Gatekeepers, Thomas E. Kadri

Scholarly Works

If in William Blackstone's time we might have thought of a person's home as their castle, in Mark Zuckerberg's time we might say that their website is too. Under cyber-trespass laws like the Computer Fraud and Abuse Act, courts have treated online platforms as digital gatekeepers--as property owners that may permit and restrict access to websites much like landowners may do with private land in the real world. If platforms withhold their consent through words or inference, cyber-trespass laws let them enforce their preferences about who may access their services and gather information from the internet. Concerned about reputations and …

Catalyzing Privacy Law, Anupam Chander, Margot E. Kaminski, William Mcgeveran

Publications

The United States famously lacks a comprehensive federal data privacy law. In the past year, however, over half the states have proposed broad privacy bills or have established task forces to propose possible privacy legislation. Meanwhile, congressional committees are holding hearings on multiple privacy bills. What is catalyzing this legislative momentum? Some believe that Europe’s General Data Protection Regulation (GDPR), which came into force in 2018, is the driving factor. But with the California Consumer Privacy Act (CCPA) which took effect in January 2020, California has emerged as an alternate contender in the race to set the new standard for …

The First Amendment, Common Carriers, And Public Accommodations: Net Neutrality, Digital Platforms, And Privacy, Christopher S. Yoo

All Faculty Scholarship

Recent prominent judicial opinions have assumed that common carriers have few to no First Amendment rights and that calling an actor a common carrier or public accommodation could justify limiting its right to exclude and mandating that it provide nondiscriminatory access. A review of the history reveals that the underlying law is richer than these simple statements would suggest. The principles for determining what constitutes a common carrier or a public accommodation and the level of First Amendment protection both turn on whether the actor holds itself out as serving all members of the public or whether it asserts editorial …

Artificial Intelligence And Trade, Anupam Chander

Georgetown Law Faculty Publications and Other Works

Artificial Intelligence is already powering trade today. It is crossing borders, learning, making decisions, and operating cyber-physical systems. It underlies many of the services that are offered today – from customer service chatbots to customer relations software to business processes. The chapter considers AI regulation from the perspective of international trade law. It argues that foreign AI should be regulated by governments – indeed that AI must be ‘locally responsible’. The chapter refutes arguments that trade law should not apply to AI and shows how the WTO agreements might apply to AI using two hypothetical cases . The analysis reveals …

Good Health And Good Privacy Go Hand-In-Hand (Originally Published By Jnslp), Jennifer Daskal

Joint PIJIP/TLS Research Paper Series

No abstract provided.

The Law Of Black Mirror - Syllabus, Yafit Lev-Aretz, Nizan Packin

Open Educational Resources

Using episodes from the show Black Mirror as a study tool - a show that features tales that explore techno-paranoia - the course analyzes legal and policy considerations of futuristic or hypothetical case studies. The case studies tap into the collective unease about the modern world and bring up a variety of fascinating key philosophical, legal, and economic-based questions.

Is Data Localization A Solution For Schrems Ii?, Anupam Chander

Georgetown Law Faculty Publications and Other Works

For the second time this decade, the Court of Justice of the European Union has struck a blow against the principal mechanisms for personal data transfer to the United States. In Data Protection Commissioner v Facebook Ireland, Maximillian Schrems, the Court declared the EU-US Privacy Shield invalid and placed significant hurdles to the process of transferring personal data from the European Union to the United States via the mechanism of Standard Contractual Clauses. Many have begun to suggest data localization as the solution to the problem of data transfer; that is, don’t transfer the data at all. I argue …

Cybersecurity-Cybercrime-The Legal Environment, Amy J. Ramson

Open Educational Resources

This presentation covers the legal environment of cybercrime to date. It addresses: the challenges of law enforcement; federal government vs. sate jurisdiction of cybercrime; law enforcement department and agencies which handle cybercrime; criminal statutes and privacy statutes.

Automation In Moderation, Hannah Bloch-Wehba

Faculty Scholarship

This Article assesses recent efforts to encourage online platforms to use automated means to prevent the dissemination of unlawful online content before it is ever seen or distributed. As lawmakers in Europe and around the world closely scrutinize platforms’ “content moderation” practices, automation and artificial intelligence appear increasingly attractive options for ridding the Internet of many kinds of harmful online content, including defamation, copyright infringement, and terrorist speech. Proponents of these initiatives suggest that requiring platforms to screen user content using automation will promote healthier online discourse and will aid efforts to limit Big Tech’s power.

In fact, however, the …

Politics Of Adversarial Machine Learning, Kendra Albert, Jonathon Penney, Bruce Schneier, Ram Shankar Siva Kumar

Articles, Book Chapters, & Popular Press

In addition to their security properties, adversarial machine-learning attacks and defenses have political dimensions. They enable or foreclose certain options for both the subjects of the machine learning systems and for those who deploy them, creating risks for civil liberties and human rights. In this paper, we draw on insights from science and technology studies, anthropology, and human rights literature, to inform how defenses against adversarial attacks can be used to suppress dissent and limit attempts to investigate machine learning systems. To make this concrete, we use real-world examples of how attacks such as perturbation, model inversion, or membership inference …

Ethical Testing In The Real World: Evaluating Physical Testing Of Adversarial Machine Learning, Kendra Albert, Maggie Delano, Jonathon Penney, Afsaneh Ragot, Ram Shankar Siva Kumar

Articles, Book Chapters, & Popular Press

This paper critically assesses the adequacy and representativeness of physical domain testing for various adversarial machine learning (ML) attacks against computer vision systems involving human subjects. Many papers that deploy such attacks characterize themselves as “real world.” Despite this framing, however, we found the physical or real-world testing conducted was minimal, provided few details about testing subjects and was often conducted as an afterthought or demonstration. Adversarial ML research without representative trials or testing is an ethical, scientific, and health/safety issue that can cause real harms. We introduce the problem and our methodology, and then critique the physical domain testing …

Cyber Mobs, Disinformation, And Death Videos: The Internet As It Is (And As It Should Be), Danielle K. Citron

Faculty Scholarship

Fiction and visual representations can alter our understanding of human experiences and struggles. They help us understand human frailties and suffering in a visceral way. Nick Drnaso’s graphic novel Sabrina does that in spades. In Sabrina, a woman is murdered by a misogynist, and a video of her execution is leaked. Conspiracy theorists deem her murder a hoax. A cyber mob smears the woman’s loved ones as crisis actors, posts death threats, and spreads their personal information. The attacks continue until a shooting massacre redirects the cyber mob’s wrath to other mourners. Sabrina captures the breathtaking velocity of disinformation online …

Hacking For Intelligence Collection In The Fight Against Terrorism: Israeli, Comparative, And International Perspectives, Asaf Lubin

Articles by Maurer Faculty

תקציר בעברית: הניסיון של המחוקק הישראלי להביא להסדרה מפורשת של סמכויות השב״כ במרחב הקיברנטי משקף מגמה רחבה יותר הניכרת בעולם לעיגון בחקיקה ראשית של הוראות בדבר פעולות פצחנות מצד גופי ביון ומודיעין ורשויות אכיפת חוק למטרות איסוף מודיעין לשם סיכול עבירות חמורות, ובייחוד עבירות טרור אם בעבר היו פעולות מסוג אלה כפופות לנהלים פנימיים ומסווגים, הרי שהדרישה לשקיפות בעידן שלאחר גילויי אדוארד סנודן מחד והשימוש הנרחב בתקיפות מחשב לביצוע פעולות חיפוש וחקירה לסיכול טרור מאידך, מציפים כעת את הדרישה להסמכה מפורשת. במאמר זה אבקש למפות הן את השדה הטכנולוגי והן את השדה המשפטי בכל האמור בתקיפות מחשבים למטרות ריגול ומעקב. …

Deep Fakes: A Looming Challenge For Privacy, Democracy, And National Security, Danielle K. Citron, Robert Chesney

Faculty Scholarship

Harmful lies are nothing new. But the ability to distort reality has taken an exponential leap forward with “deep fake” technology. This capability makes it possible to create audio and video of real people saying and doing things they never said or did. Machine learning techniques are escalating the technology’s sophistication, making deep fakes ever more realistic and increasingly resistant to detection. Deep-fake technology has characteristics that enable rapid and widespread diffusion, putting it into the hands of both sophisticated and unsophisticated actors. While deep-fake technology will bring with it certain benefits, it also will introduce many harms. The marketplace …

Data Scams, Roger Allan Ford

Law Faculty Scholarship

Targeting platforms like Google and Facebook are usually seen as presenting tradeoffs between utility and privacy. This Article identifies and describes a different, non-privacy cost of targeting platforms: they make it easier for malicious actors to scam others. They do this by making it easier for scammers to reach the most promising victims, hide from law-enforcement authorities and others, and develop better scams. Technology offers potential solutions, since the same data and targeting tools that enable scams could help detect and prevent them, though neither platforms nor law-enforcement officials have both the incentives and expertise needed to develop and deploy …