Open Access. Powered by Scholars. Published by Universities.®
- Discipline
-
- Computer Law (5)
- Internet Law (5)
- Science and Technology Law (4)
- Law and Society (3)
- Legislation (3)
-
- Criminal Law (2)
- Intellectual Property Law (2)
- Privacy Law (2)
- Anthropology (1)
- Antitrust and Trade Regulation (1)
- Computer Sciences (1)
- Contracts (1)
- Courts (1)
- Databases and Information Systems (1)
- Economics (1)
- Human Rights Law (1)
- Information Security (1)
- Jurisprudence (1)
- Law and Economics (1)
- Legal Ethics and Professional Responsibility (1)
- Other Law (1)
- Physical Sciences and Mathematics (1)
- Political Economy (1)
- Property Law and Real Estate (1)
- Rule of Law (1)
- Science and Technology Studies (1)
- Social and Behavioral Sciences (1)
- Social and Cultural Anthropology (1)
- Sociology (1)
- Institution
Articles 1 - 9 of 9
Full-Text Articles in Law
Platforms, Encryption, And The Cfaa: The Case Of Whatsapp V Nso Group, Jonathon Penney, Bruce Schneier
Platforms, Encryption, And The Cfaa: The Case Of Whatsapp V Nso Group, Jonathon Penney, Bruce Schneier
Articles, Book Chapters, & Popular Press
End-to-end encryption technology has gone mainstream. But this wider use has led hackers, cybercriminals, foreign governments, and other threat actors to employ creative and novel attacks to compromise or workaround these protections, raising important questions as to how the Computer Fraud and Abuse Act (CFAA), the primary federal anti-hacking statute, is best applied to these new encryption implementations. Now, after the Supreme Court recently narrowed the CFAA’s scope in Van Buren and suggested it favors a code-based approach to liability under the statute, understanding how best to theorize sophisticated code-based access barriers like end-to-end encryption, and their circumvention, is now …
Hacking Antitrust: Competition Policy And The Computer Fraud And Abuse Act, Charles Duan
Hacking Antitrust: Competition Policy And The Computer Fraud And Abuse Act, Charles Duan
Articles in Law Reviews & Other Academic Journals
The Computer Fraud and Abuse Act, a federal computer trespass statute that prohibits accessing a computer "without authorization or exceeding authorized access," has often been criticized for clashing with online norms, over-criminalizing common behavior, and infringing freedom-of-expression interests. These controversies over the CFAA have raised difficult questions about how the statute is to be interpreted, with courts of appeals split on the proper construction and the Supreme Courtset to consider the law in its current October Term 2020.
This article considers the CFAA in a new light, namely its effects on competition. Rather than merely preventing injurious trespass upon computers, …
Criminal Trespass And Computer Crime, Laurent Sacharoff
Criminal Trespass And Computer Crime, Laurent Sacharoff
Sturm College of Law: Faculty Scholarship
The Computer Fraud and Abuse Act (CFAA) criminalizes the simple act of trespass upon a computer—intentional access without authorization. The law sweeps too broadly, but the courts and scholars seeking to fix it look in the wrong place. They uniformly focus on the term “without authorization” when instead they should focus on the statute’s mens rea. On a conceptual level, courts and scholars understand that the CFAA is a criminal law, of course, but fail to interpret it comprehensively as one.
This Article begins the first sustained treatment of the CFAA as a criminal law, with a full elaboration of …
Legal Risks Of Adversarial Machine Learning Research, Ram Shankar Siva Kumar, Jonathon Penney, Bruce Schneier, Kendra Albert
Legal Risks Of Adversarial Machine Learning Research, Ram Shankar Siva Kumar, Jonathon Penney, Bruce Schneier, Kendra Albert
Articles, Book Chapters, & Popular Press
Adversarial machine learning is the systematic study of how motivated adversaries can compromise the confidentiality, integrity, and availability of machine learning (ML) systems through targeted or blanket attacks. The problem of attacking ML systems is so prevalent that CERT, the federally funded research and development center tasked with studying attacks, issued a broad vulnerability note on how most ML classifiers are vulnerable to adversarial manipulation. Google, IBM, Facebook, and Microsoft have committed to investing in securing machine learning systems. The US and EU are likewise putting security and safety of AI systems as a top priority.
Now, research on adversarial …
Consenting To Computer Use, James Grimmelmann
Consenting To Computer Use, James Grimmelmann
Cornell Law Faculty Publications
The federal Computer Fraud and Abuse Act (CFAA) makes it a crime to “access a computer without authorization or exceed authorized access.” Courts and commentators have struggled to explain what types of conduct by a computer user are “without authorization.” But this approach is backwards; authorization is not so much a question of what a computer user does, as it is a question of what a computer owner allows.
In other words, authorization under the CFAA is an issue of consent, not conduct; to understand authorization, we need to understand consent. Building on Peter Westen’s taxonomy of consent, I argue …
Code Is Law, But Law Is Increasingly Determining The Ethics Of Code: A Comment, Jonathon Penney
Code Is Law, But Law Is Increasingly Determining The Ethics Of Code: A Comment, Jonathon Penney
Articles, Book Chapters, & Popular Press
“Code is Law”, the aphorism Larry Lessig popularized, spoke to the importance of computer code as a central regulating force in the Internet age. That remains true, but today, overreaching laws are also increasingly subjugating important social and ethics questions raised by code to the domain of law. Those laws — like the CFAA and DMCA — need to be curtailed or their zealous enforcement reigned; they deter not only legitimate research but also important related social and ethics questions. But researchers must act too: to re-assert control over the social, legal, and ethical direction of their fields. Otherwise, law …
Code Is Law, But Law Is Increasingly Determining The Ethics Of Code: A Comment, Jonathon Penney
Code Is Law, But Law Is Increasingly Determining The Ethics Of Code: A Comment, Jonathon Penney
Articles, Book Chapters, & Popular Press
“Code is Law”, the aphorism Larry Lessig popularized, spoke to the importance of computer code as a central regulating force in the Internet age. That remains true, but today, overreaching laws are also increasingly subjugating important social and ethics questions raised by code to the domain of law. Those laws — like the CFAA and DMCA — need to be curtailed or their zealous enforcement reigned; they deter not only legitimate research but also important related social and ethics questions. But researchers must act too: to re-assert control over the social, legal, and ethical direction of their fields. Otherwise, law …
Criminalizing Hacking, Not Dating: Reconstructing The Cfaa Intent Requirement, David Thaw
Criminalizing Hacking, Not Dating: Reconstructing The Cfaa Intent Requirement, David Thaw
Articles
Cybercrime is a growing problem in the United States and worldwide. Many questions remain unanswered as to the proper role and scope of criminal law in addressing socially-undesirable actions affecting and conducted through the use of computers and modern information technologies. This Article tackles perhaps the most exigent question in U.S. cybercrime law, the scope of activities that should be subject to criminal sanction under the Computer Fraud and Abuse Act (CFAA), the federal "anti-hacking" statute.
At the core of current CFAA debate is the question of whether private contracts, such as website "Terms of Use" or organizational "Acceptable Use …
Rights Of Access And The Shape Of The Internet, Michael J. Madison
Rights Of Access And The Shape Of The Internet, Michael J. Madison
Articles
This Article reviews recent developments in the law of access to information, that is, cases involving click-through agreements, the doctrine of trespass to chattels, the anti-circumvention provisions of the Digital Millennium Copyright Act, and civil claims under the Computer Fraud and Abuse Act. Though the objects of these different doctrines substantially overlap, the different doctrines yield different presumptions regarding the respective rights of information owners and information consumers. The Article reviews those presumptions in light of different metaphorical premises on which courts rely: Internet-as-place, in the trespass, DMCA, and CFAA contexts, and contract-as-assent, in the click-through context. It argues that …