Open Access. Powered by Scholars. Published by Universities.®

Law Commons

Open Access. Powered by Scholars. Published by Universities.®

Data security

Discipline
Institution
Publication Year
Publication
Publication Type
File Type

Articles 61 - 83 of 83

Full-Text Articles in Law

Best Practices And The State Of Information Security, Kevin Cronin Jun 2009

Best Practices And The State Of Information Security, Kevin Cronin

Chicago-Kent Law Review

The forces of globalization, together with widely available industry standards and best practices, and heightened state legislative activity, are driving the U.S. towards a more unified approach to data security. But the success of this unified approach requires more than free market efficiency and innovation. In order to maintain a state of evolutionary equilibrium in the global information economy, the U.S. must move from a fragmented approach towards data security and privacy standards, towards a more comprehensive set of standards with new penalties and effective enforcement, to better reflect the inherent value of personal data in today's global marketplace.

Go to article

Patenting Cryptographic Technology, Greg Vetter Jun 2009

Patenting Cryptographic Technology, Greg Vetter

Chicago-Kent Law Review

The policy concerns intersecting patent law and cryptographic technology relate to the technology's beneficial uses in securing information in a commercial and social fabric that increasingly relies on computing and electronic communications for its makeup. The presence of patenting in a technology can impact diffusion of interoperable technology. Standardized embeddable cryptography facilitates its supply. Patent law for several decades has waxed and waned in its embrace of software implemented inventions rooted in abstract ideas such as the mathematics and mathematical algorithms underlying modern cryptography. This article documents the growth of cryptographic patenting. Then, in light of this growth and patent …

Go to article

Data Collection And Leakage, Philip Howard, Kris Erickson Jun 2009

Data Collection And Leakage, Philip Howard, Kris Erickson

Chicago-Kent Law Review

Every year millions of digital records containing personally identifiable information are exposed. When are malicious hackers to blame, and when is it organizational malfeasance? Which kinds of organizations—private firms, government agencies, or educational institutions—lose the most data? With over 1.9 billion records lost (on average that's 9 records per U.S. adult), a surprising number of breaches can be attributed to organizational practices.

Go to article

Trade Secrets, Data Security And Employees, Elizabeth Rowe Jun 2009

Trade Secrets, Data Security And Employees, Elizabeth Rowe

Chicago-Kent Law Review

This essay argues that data security is important to the protection of trade secret information, and that trusted employees on the inside pose the biggest threat to the protection of trade secrets. While investments in technical measures such as firewalls and encryption are important, it is also necessary for companies to consider the internal threats from employees when creating corporate security programs. Ultimately, a more comprehensive approach that includes technical and human elements, as well as consideration of inside and outside threats is likely to be more effective in the battle to secure data.

Go to article

Returning To A Principled Basis For Data Protection, Gus Hosein Jun 2009

Returning To A Principled Basis For Data Protection, Gus Hosein

Chicago-Kent Law Review

Society must remain conscious of both pragmatic and principle-based rationales for information security rules. The identity card debate in the United Kingdom provides an example of exactly why a governmental information security approach that is sensitive to civil liberties would be the best approach to data protection. In contrast, we should be cautious of a balancing test that places security in parity with civil liberties and, therefore, erroneously allows pragmatism to triumph over principle.

Go to article

Optimal Hackback, Jay P. Kesan, Ruperto Majuca Jun 2009

Optimal Hackback, Jay P. Kesan, Ruperto Majuca

Chicago-Kent Law Review

Professor Jay Kesan from the University of Illinois College of Law, in joint work with Ruperto Majuca of the University of Illinois Department of Economics, argue in favor of legal rules that allow "hacking [data] back" in certain business circumstances. They analyze the strategic interaction between the hacker and the attacked company or individual and conclude that neither total prohibition nor unrestrained permission of hack-back is optimal. Instead, they argue that when other alternatives such as criminal enforcement and litigation are ineffective, self-defense is the best response to cybercrime because there is a high likelihood of correctly attacking the criminal, …

Go to article

Information Security, Contract And Liability, Jennifer Chandler Jun 2009

Information Security, Contract And Liability, Jennifer Chandler

Chicago-Kent Law Review

Various common provisions in software end user license agreements undermine cyber security. These include anti-benchmarking provisions and broad exclusions of liability. These short comments suggest that courts and legislatures should take steps to limit the enforceability of contractual provisions that undermine cyber security.

Go to article

Reasons Why We Should Amend The Constitution To Protect Privacy, Deborah Pierce Jun 2009

Reasons Why We Should Amend The Constitution To Protect Privacy, Deborah Pierce

Chicago-Kent Law Review

Threats to consumer privacy are many, and varied. Some threats come from corporate entities such as data aggregators and social networking sites; while others come from panoptics government surveillance systems such as Secure Flight. Not only can the data be compromised, but consumers may be adversely affected by incorrect information in their files. The time may be right to explicitly protect privacy via a constitutional amendment to the U.S. Constitution.

Go to article

The U.S. Discovery-Eu Privacy Directive Conflict: Constructing A Three-Tiered Compliance Strategy, Carla L. Reyes Jan 2009

The U.S. Discovery-Eu Privacy Directive Conflict: Constructing A Three-Tiered Compliance Strategy, Carla L. Reyes

Duke Journal of Comparative & International Law

No abstract provided.

Go to article

Dos And Don'ts Of Data Breach And Information Security Policy, Fred H. Cate, Martin E. Abrams, Paula J. Bruening, Orson Swindle Jan 2009

Dos And Don'ts Of Data Breach And Information Security Policy, Fred H. Cate, Martin E. Abrams, Paula J. Bruening, Orson Swindle

Articles by Maurer Faculty

No abstract provided.

Go to article

Privacy Protection: When Is “Adequate” Actually Adequate?, Nikhil S. Palekar Apr 2008

Privacy Protection: When Is “Adequate” Actually Adequate?, Nikhil S. Palekar

Duke Journal of Comparative & International Law

No abstract provided.

Go to article

E-Contract Doctrine 2.0: Standard Form Contracting In The Age Of Online User Participation , Shmuel I. Becher, Tal Z. Zarsky Jan 2008

E-Contract Doctrine 2.0: Standard Form Contracting In The Age Of Online User Participation , Shmuel I. Becher, Tal Z. Zarsky

Michigan Telecommunications & Technology Law Review

The growing popularity of e-commerce transactions revives the perennial question of consumer contract law: should non-salient provisions of consumer standard form contracts be enforced? With the focus presently on an ex-ante analysis, scholars debate whether consumers can and should read standardized terms at the time of contracting. In today's information age, such a focus might be misguided. The online realm furnishes various tools, so-called "Web 2.0" applications, which encourage the flow of information from experienced to prospective consumers. This Article, therefore, reframes the analysis of online consumer contracts while taking into account this new flow of information. In doing so, …

Go to article

When Mobile Phones Are Rfid-Equipped - Finding E.U.-U.S. Solutions To Protect Consumer Privacy And Facilitate Mobile Commerce, Nancy J. King Jan 2008

When Mobile Phones Are Rfid-Equipped - Finding E.U.-U.S. Solutions To Protect Consumer Privacy And Facilitate Mobile Commerce, Nancy J. King

Michigan Telecommunications & Technology Law Review

New mobile phones have been designed to include delivery of mobile advertising and other useful location-based services, but have they also been designed to protect consumers' privacy? One of the key enabling technologies for these new types of phones and new mobile services is Radio Frequency Identification (RFID), a wireless communication technology that enables the unique identification of tagged objects. In the case of RFID-enabled mobile phones, the personal nature of the devices makes it very likely that, by locating a phone, businesses will also be able to locate its owner. Consumers are currently testing new RFID-enabled phones around the …

Go to article

Opinionated Software, Meiring De Villiers Jan 2008

Opinionated Software, Meiring De Villiers

Vanderbilt Journal of Entertainment & Technology Law

Information security is an important and urgent priority in the computer systems of corporations, governments, and private users. Malevolent software, such as computer viruses and worms, constantly threatens the confidentiality, integrity, and availability of digital information. Virus detection software announces the presence of a virus in a program by issuing a virus alert. A virus alert presents two conflicting legal issues. A virus alert, as a statement on an issue of great public concern, merits protection under the First Amendment. The reputational interest of a plaintiff disparaged by a virus alert, on the other hand, merits protection under the law …

Go to article

Information Security Breaches: Looking Back & Thinking Ahead, Fred H. Cate Jan 2008

Information Security Breaches: Looking Back & Thinking Ahead, Fred H. Cate

Articles by Maurer Faculty

No abstract provided.

Go to article

Information Governance: A Model For Security In Medical Practice, Patricia A. Williams Jan 2007

Information Governance: A Model For Security In Medical Practice, Patricia A. Williams

Journal of Digital Forensics, Security and Law

Information governance is becoming an important aspect of organisational accountability. In consideration that information is an integral asset of most organisations, the protection of this asset will increasingly rely on organisational capabilities in security. In the medical arena this information is primarily sensitive patient-based information. Previous research has shown that application of security measures is a low priority for primary care medical practice and that awareness of the risks are seriously underestimated. Consequently, information security governance will be a key issue for medical practice in the future. Information security governance is a relatively new term and there is little existing …

Go to article

'Code' And The Slow Erosion Of Privacy, Bert-Jaap Koops, Ronald Leenes Sep 2005

'Code' And The Slow Erosion Of Privacy, Bert-Jaap Koops, Ronald Leenes

Michigan Telecommunications & Technology Law Review

The notion of software code replacing legal code as a mechanism to control human behavior--"code as law"--is often illustrated with examples in intellectual property and freedom of speech. This Article examines the neglected issue of the impact of "code as law" on privacy. To what extent is privacy-related "code" being used, either to undermine or to enhance privacy? On the basis of cases in the domains of law enforcement, national security, E-government, and commerce, it is concluded that technology rarely incorporates specific privacy-related norms. At the same time, however, technology very often does have clear effects on privacy, as it …

Go to article

Snake-Oil Security Claims The Systematic Misrepresentation Of Product Security In The E-Commerce Arena, John R. Michener, Steven D. Mohan, James B. Astrachan, David R. Hale Apr 2003

Snake-Oil Security Claims The Systematic Misrepresentation Of Product Security In The E-Commerce Arena, John R. Michener, Steven D. Mohan, James B. Astrachan, David R. Hale

Michigan Telecommunications & Technology Law Review

The modern commercial systems and software industry in the United States have grown up in a snake-oil salesman's paradise. The largest sector of this industry by far is composed of standard commercial systems that are marketed to provide specified functionality (e.g. Internet web server, firewall, router, etc.) Such products are generally provided with a blanket disclaimer stating that the purchaser must evaluate the suitability of the product for use, and that the user assumes all liability for product behavior. In general, users cannot evaluate and cannot be expected to evaluate the security claims of a product. The ability to analyze …

Go to article

The Emergence Of Website Privacy Norms, Steven A. Hetcher Jun 2001

The Emergence Of Website Privacy Norms, Steven A. Hetcher

Michigan Telecommunications & Technology Law Review

Part I of the Article will first look at the original privacy norms that emerged at the Web's inception in the early 1990s. Two groups have been the main contributors to the emergence of these norms; the thousands of commercial websites on the early Web, on the one hand, and the millions of users of the early Web, on the other hand. The main structural feature of these norms was that websites benefitted through the largely unrestricted collection of personal data while consumers suffered injury due to the degradation of their personal privacy from this data collection. In other words, …

Go to article

Database Protection: Resolving The U.S. Database Dilemma With An Eye Toward International Protection, Michael Freno Jan 2001

Database Protection: Resolving The U.S. Database Dilemma With An Eye Toward International Protection, Michael Freno

Cornell International Law Journal

No abstract provided.

Go to article

Establishing A Legitimate Expectation Of Privacy In Clickstream Data, Gavin Skok Jun 2000

Establishing A Legitimate Expectation Of Privacy In Clickstream Data, Gavin Skok

Michigan Telecommunications & Technology Law Review

This Article argues that Web users should enjoy a legitimate expectation of privacy in clickstream data. Fourth Amendment jurisprudence as developed over the last half-century does not support an expectation of privacy. However, reference to the history of the Fourth Amendment and the intent of its drafters reveals that government investigation and monitoring of clickstream data is precisely the type of activity the Framers sought to limit. Courts must update outdated methods of expectation of privacy analysis to address the unique challenges posed by the Internet in order to fulfill the Amendment's purpose. Part I provides an overview of the …

Go to article

Encryption’S Importance To Economic And Infrastructure Security, F. Lynn Mcnulty Apr 1999

Encryption’S Importance To Economic And Infrastructure Security, F. Lynn Mcnulty

Duke Journal of Comparative & International Law

No abstract provided.

Go to article

Personal Privacy In The Computer Age: The Challenge Of A New Technology In An Information-Oriented Society, Arthur R. Miller Apr 1969

Personal Privacy In The Computer Age: The Challenge Of A New Technology In An Information-Oriented Society, Arthur R. Miller

Michigan Law Review

The purpose of this Article is to survey the new technology's implications for personal privacy and to evaluate the contemporary common-law and statutory pattern relating to data-handling. In the course of this examination, it will appraise the existing framework's capacity to deal with the problems created by society's growing awareness of the primordial character of information. The Article is intended to be suggestive; any attempt at definitiveness would be premature. Avowedly, it was written with the bias of one who believes that the new information technology has enormous long-range societal implications and who is concerned about the consequences of the …

Go to article

First Prev