Law Commons^™

Introduction To The Symposium On Digital Evidence, Melinda (M.J.) Durkee, Megiddo Tamar

Scholarship@WashULaw

The past few decades have seen radical advances in the availability and use of digital evidence in multiple areas of international law. Witnesses snap cellphone photos of unfolding atrocities and post them online, while others share updates in real time through messaging apps. Immigration officers search cell phones. Private citizens launch open-source online investigations. Investigators scrape social media posts. Digital experts verify authenticity with satellite geolocation. These new types of evidence and digitally facilitated methods and patterns of evidence gathering and analysis are revolutionizing the everyday practice of international law, drawing in an ever-wider circle of actors who can contribute …

Ransomware Groups On Notice: U.S. Cyber Operation Against Revil Is Permissible Under International Law, Justin Singh

American University International Law Review

The continued increase in the use of ransomware by cyber criminals has had a costly impact on businesses and organizations around the world. Ransomware groups continue to initiate attacks on businesses and organizations, and states have become increasingly concerned over the potential impact it may have on their critical infrastructure and economies. The United States’ recent acknowledgement of cyber operations against ransomware groups highlights the seriousness of the issue and exposes areas of international law that are complicated when applied to cyber operations against these groups. This Comment explores the relevant international law as it applies to the United States …

Securing Patent Law, Charles Duan

Articles in Law Reviews & Other Academic Journals

A vigorous conversation about intellectual property rights and national security has largely focused on the defense role of those rights, as tools for responding to acts of foreign infringement. But intellectual property, and patents in particular, also play an arguably more important offense role. Foreign competitor nations can obtain and assert U.S. patents against U.S. firms and creators. Use of patents as an offense strategy can be strategically coordinated to stymie domestic innovation and technological progress. This Essay considers current and possible future practices of patent exploitation in this offense setting, with a particular focus on China given the nature …

When Does A Cyber Crime Become An Act Of Cyber Warfare, Luke Dickeson

Theses/Capstones/Creative Projects

Since the existence of the online world, cyber attacks have been a threat. As the online world has developed and evolved so have the attacks on them. The advancement of technology has meant the advancement and increased complexity of cyber attacks.

Cyber attacks can be broken into two categories. The first is cyber crimes, and the second is cyber warfare. The difference between these two is not black and white, but rather a very murky grey. There is no agreed upon definitive line that separates cyber attacks and cyber crimes. This is because the definitions are so eerily similar, and …

Self-Defense To Cyber Force: Combatting The Notion Of 'Scale And Effect', Thomas Eaton

Scholarly Works

The ability to reach out, with a few keystrokes or a couple lines of code, through the interconnected world of cyberspace and create militarily advantageous effects 10,000 miles away has changed warfare as previously conceived, perhaps more than any other advancement in any other domain of war. Cyber weapons are weapons, and whatever law applies to conventional weapons equally applies to cyber weapons. Long before cyber operations were even science fiction, there was much debate over what constituted a use of force that would justify force in response. In many ways, the debate over what constitutes cyber-attacks has been pasted …

Promoting International Cybersecurity Cooperation: Lessons From The Proliferation Security Initiative, Duncan B. Hollis, Matthew C. Waxman

Faculty Scholarship

Global efforts by states to cooperate through international rules in combating cyber threats have generated mixed results, at best. In this paper, we examine the architecture of the Proliferation Security Initiative (PSI) as a possible model for future cybersecurity cooperation among interested states. We identify several features of PSI’s architecture (rather than its substantive focus on non-proliferation) for further analysis, including PSI’s low entry costs, tiered structure, and flexibility, as well as its leveraging of both territorial jurisdiction and state consent. We conclude that, despite several hurdles visible in the scope of its membership and its legal framework, PSI still …

New Kids On The Blockchain: How Bitcoin's Technology Could Reinvent The Stock Market, Larissa Lee

Larissa Lee

Bitcoin is the first and most successful digital currency in the world. It is polarized in the news almost daily, with either glowing reviews of the many benefits of an alternative and international currency, or doomsday predictions of anarchy, deflation, and another tulip bubble.This Article focuses on the truly innovative aspect of Bitcoin—and that which has gone mostly unnoticed since its inception—the technological platform used to transfer Bitcoin from one party to another. This technology is called the Blockchain. The Blockchain eschews a bank or other middleman and allows parties to transfer funds directly to one another, using a peer-to-peer …

Internet Governance Is Our Shared Responsibility, Vinton Cerf, Patrick Ryan, Max Senges

Patrick T. Ryan

This essay looks at the the different roles that institutions play in the Internet governance ecosystem. We propose a model for thinking of Internet governance within the context of the layered model of the Internet. We use the example of the negotiations in Dubai in 2102 at the World Conference on International Telecommunications to show why it is important for different institutions within the governance system to focus on their areas of expertise (e.g., the ITU, ICANN, and IGF). Several areas of conflict are reviewed, such as the desire to promote more broadband infrastructure (a topic that is in the …

Unpacking The International Law On Cybersecurity Due Diligence: Lessons From The Public And Private Sectors, Scott J. Shackelford

Scott Shackelford

Although there has been a relative abundance of work done on exploring the contours of the law of cyber war, far less attention has been paid to defining a law of cyber peace applicable below the armed attack threshold. Among the most important unanswered questions is what exactly nations’ due diligence obligations are to one another and to their respective private sectors. The International Court of Justice (“ICJ”) has not yet explicitly considered this topic, though it has ruled in the Corfu Channel case that one country’s territory should not be “used for acts that unlawfully harm other States.” But …

On Climate Change And Cyber Attacks: Leveraging Polycentric Governance To Mitigate Global Collective Action Problems, Scott J. Shackelford

Scott Shackelford

Although the atmosphere and cyberspace are distinct arenas, they share similar problems of overuse, difficulties of enforcement, and the associated challenges of collective inaction and free riders. Moreover, “[m]illions of actors affect the global atmosphere[,]” just as they do the Internet. With weather patterns changing, global sea levels rising, and temperatures set to exceed 1.5 degrees Celsius by 2100, climate change is a problem affecting the entire world, but one in which the benefits are dispersed and the harms are often concentrated. Similarly, much of the cost of cyber attacks is focused in a relatively small number of nations even …

Cybercrime: A Saudi And American Perspective, Hussam M. Alkanbashi

Hussam M. Alkanbashi

Cybercrime is one of the greatest threats facing the International community. Defined as criminal activity perpetrated using computers and the internet, cybercrime has developed into a trillion dollar a year industry, affecting millions of people around the world, as well as countless businesses and the governments of every nation. With nearly 431 million victims projected in 2015, cyber related crime is one of if not the most frequent, costly and pervasive crimes worldwide. This article examines and assesses the effectiveness of Saudi and American Cyber Laws in deterring the growing global threats posed by cybercrime. The article studies cyber identity …

Proactive Cybersecurity: A Comparative Industry And Regulatory Analysis, Scott J. Shackelford, Amanda Craig, Janine Hiller

Scott Shackelford

This Article analyzes recent business realities and regulatory trends shaping the proactive cybersecurity industry. To provide a framework for our discussion, we begin by describing the historical development of the industry and how it has been shaped by the applicable law in the United States and other G8 nations. We then catalogue the proactive cybersecurity practices of more than twenty companies, focusing on four case studies that we consider in the context of polycentric “global security assemblages.” Finally, we assess the emergence of proactive cybersecurity norms, both within industry and international law, and consider the implications of this movement on …

Toward A State-Centric Cyber Peace? Analyzing The Role Of National Cybersecurity Strategies In Enhancing Global Cybersecurity, Scott J. Shackelford, Andraz Kastelic

Scott Shackelford

There is a growing consensus that nations bear increasing responsibility for enhancing cybersecurity. A related recent trend has been the adoption of long-term strategic plans to help deter, protect, and defend against cyber threats. These national cybersecurity strategies outline a nation’s core values and goals in the realm of cybersecurity law and policy, from mitigating cybercrime and espionage to preparing for cyber warfare. This Article assesses the notion that nations bear the primary responsibility for managing cyber attacks and mitigating cybercrime by analyzing thirty-four national cybersecurity strategies as a vehicle to discover governance trends that could give rise to customary …

The Cycles Of Global Telecommunication Censorship And Surveillance, Jonathon Penney

Articles, Book Chapters, & Popular Press

Internet censorship and surveillance is on the rise globally and cyber-warfare increasing in scope and intensity. To help understand these new threats commentators have grasped at historical analogies often with little regard for historical complexity or international perspective. Unfortunately, helpful new works on telecommunications history have focused primarily on U.S. history with little focus on international developments. There is thus a need for further internationally oriented investigation of telecommunications technologies, and their history. This essay attempts to help fill that void, drawing on case studies wherein global telecommunications technologies have been disrupted or censored — telegram censorship and surveillance, high …

The Evolution Of The Digital Millennium Copyright Act; Changing Interpretations Of The Dmca And Future Implications For Copyright Holders, Hillary A. Henderson

Hillary A Henderson

Copyright law rewards an artificial monopoly to individual authors for their creations. This reward is based on the belief that, by granting authors the exclusive right to reproduce their works, they receive an incentive and means to create, which in turn advances the welfare of the general public by “promoting the progress of science and useful arts.” Copyright protection subsists . . . in original works of authorship fixed in any tangible medium of expression, now known or later developed, from which they can be perceived, reproduced, or otherwise communicated, either directly or with the aid of a machine or …

Flawed Transparency: Shared Data Collection And Disclosure Challenges For Google Glass And Similar Technologies, Jonathan I. Ezor

Jonathan I. Ezor

Current privacy law and best practices assume that the party collecting the data is able to describe and disclose its practices to those from and about whom the data are collected. With emerging technologies such as Google Glass, the information being collected by the wearer may be automatically shared to one or more third parties whose use may be substantially different from that of the wearer. Often, the wearer may not even know what information is being uploaded, and how it may be used. This paper will analyze the current state of U.S. law and compliance regarding personal information collection …

Social Media And Our Misconceptions Of The Realities, Richard Sanvenero Jr.

Richard Sanvenero Jr.

This article will review the current laws of the expectations of privacy under the two-pronged Katz test, and more specifically other cases that the courts have tried to interpret the test as applicable to social media such as Facebook, Instagram, Twitter, and e-mail. Since there seems to be “no light at the end of the tunnel” with any uniform decision within the courts on the Fourth Amendment protections against search and seizure when there is a reasonable expectation of privacy with social media. This reasonable expectation standard is developed by the users themselves who will allow their rights to be …

Private Fair Use: Strengthening Polish Copyright Protection Of Online Works By Looking To U.S. Copyright Law, Michal Pekala

Michal Pekala

No abstract provided.

A Submission To The Australian Law Reform Commission On Copyright And The Digital Economy: International Law, Matthew Rimmer Dr

Matthew Rimmer

The Australian Law Reform Commission poses a question in respect of international law in the issues paper on Copyright and the Digital Economy.Question 1. The ALRC is interested in evidence of how Australia’s copyright law is affecting participation in the digital economy. For example, is there evidence about how copyright law: a. affects the ability of creators to earn a living, including through access to new revenue streams and new digital goods and services; b. affects the introduction of new or innovative business models; c. imposes unnecessary costs or inefficiencies on creators or those wanting to access or make use …

A Submission To The New Zealand Government On The Plain Packaging Of Tobacco Products, Matthew Rimmer

Matthew Rimmer

EXECUTIVE SUMMARYThis submission draws upon a number of pieces of research and policy papers on the plain packaging of tobacco products including:1. Becky Freeman, Simon Chapman, and Matthew Rimmer, 'The Case for the Plain Packaging of Tobacco Products' (2008) 103 (4) Addiction 580-590.2. Matthew Rimmer, 'A Submission to the Senate Legal and Constitutional Committee on the Trade Marks Amendment (Tobacco Plain Packaging) Bill (Cth)', September 2011, https://senate.aph.gov.au/submissions/comittees/viewdocument.aspx?id=dabfcd75-9807-493f-bc99-4a7506bf493b3A. Matthew Rimmer, 'Tobacco's Mad Men Threaten Public Health', The Conversation, 23 September 2011, http://theconversation.edu.au/tobaccos-mad-men-threaten-public-health-34503B. Matthew Rimmer, 'Big Tobacco's Box Fetish: Plain Packaging at the High Court', The Conversation, 20 April 2012, https://theconversation.edu.au/big-tobaccos-box-fetish-plain-packaging-at-the-high-court-65183C. Matthew …

Threats Escalate: Corporate Information Technology Governance Under Fire, Lawrence J. Trautman

Lawrence J. Trautman Sr.

In a previous publication The Board’s Responsibility for Information Technology Governance, (with Kara Altenbaumer-Price) we examined: The IT Governance Institute’s Executive Summary and Framework for Control Objectives for Information and Related Technology 4.1 (COBIT®); reviewed the Weill and Ross Corporate and Key Asset Governance Framework; and observed “that in a survey of audit executives and board members, 58 percent believed that their corporate employees had little to no understanding of how to assess risk.” We further described the new SEC rules on risk management; Congressional action on cyber security; legal basis for director’s duties and responsibilities relative to IT governance; …

Data Protection: Idealisms And Realisms, Rebecca Wong Dr

Dr Rebecca Wong

Following proposals to consider revising the Data Protection Directive 95/46/EC (DPD) in 2011, have the changes addressed the main areas of concern that have been the focus of much discussion? The areas of concern include the application of the Directive in the online age, particularly to social networking sites and cloud computing; the minimum/maximum standard approach by the EU Member States to data protection; the relevance and application of the data protection principles. These are some of the issues that were considered in the recent Art. 29 Working Party’s Opinion on the Future of Privacy. The article will use this …

Communications Disruption And Censorship Under International Law: History Lessons, Jonathon Penney

Articles, Book Chapters, & Popular Press

With Internet censorship on the rise around the world, a variety of tools have proliferated to assist Internet users to circumvent such censorship. However, there are few studies examining the implications of censorship circumvention under international law, and its related politics. This paper aims to help fill some of that void, with an examination of case studies wherein global communications technologies have been disrupted or censored — telegram cable cutting and censorship, high frequency radio jamming, and direct broadcast satellite blocking — and how the world community responded to that disruption or censorship through international law and law making. In …

Cloud Computing Providers And Data Security Law: Building Trust With United States Companies, Jared A. Harshbarger Esq.

Jared A. Harshbarger

Cloud computing and software-as-a-service (SaaS) models are revolutionizing the information technology industry. As these services become more prevalent, data security and privacy concerns will also rise among consumers and the companies who consider using them. Cloud computing providers must establish a sufficient level of trust with their potential customers in order to ease initial fears - and ensure certain compliance obligations will be met - at least to the extent that any such inquiring customer will feel comfortable enough to ultimately take the irreversible step of releasing their sensitive data and personal information into the cloud.

The Future Of Privacy, Rebecca Wong Dr

Dr Rebecca Wong

The Art. 29 Working Party (hereinafter “Art. 29 WP”) is an influential body comprised of representatives from the Member State Data Protection Authorities2 established under the Data Protection Directive 95/46/EC, has recently issued an opinion with the Working Party on Police and Justice. This is quite significant, since the opinion sets out some of the issues that will need to be addressed in the lead up to the revision of the Data Protection Directive 95/46/EC.3 This comes at a time, when there have been discussions on the current application of the European Data Protection Directive to the internet,4 (such as …

Social Networking: A Conceptual Analysis Of A Data Controller, Rebecca Wong

Dr Rebecca Wong

This article updates a working party looking at the definition of a "data controller" under the Data Protection Directive 95/46/EC within the context of a social networking environment. In brief, the article considers twhether the phenomenom of social networking (through Facebook (FB), MySpace and Bebo) has produced unintended consequences in the interpretation and application of the Data Protection Directive 95/46/EC to the online environment. The Data Protection Directive 95/46/EC defines a "data controller" broadly to refer to the 'natural or legal person, public authority, agency or any other body which alone or jointly with others determines the purposes and means …

Network Neutrality: Laissez Faire Approach Or Not?, Rebecca Wong Dr

Dr Rebecca Wong

The paper discusses the topical subject of network neutrality, from a US and European legal perspective. Whilst acknowledging the plethora of literature on network neutrality, it argues that regulation in favour of network neutrality should not be confined with the US/European borders but that network neutrality should be addressed from a global perspective through the OECD/WTO. The article will begin by defining network neutrality, before discussing the technology underpinning network neutrality. It will compare the different legal approaches adopted by Europe and the US to the regulation of network neutrality. In Europe, there is an existing electronic communications regulatory framework, …

A Complete Property Right Amendment, John H. Ryskamp

ExpressO

The trend of the eminent domain reform and "Kelo plus" initiatives is toward a comprehensive Constitutional property right incorporating the elements of level of review, nature of government action, and extent of compensation. This article contains a draft amendment which reflects these concerns.

Data Privacy, Data Piracy: Can India Provide Adequate Protection For Electronically Transferred Data?, Vinita Bali

ExpressO

As the wave of outsourcing to India swells, there is growing concern about the inadequacies of the India legal system in protecting data being transferred to it from other nations for the purpose of processing. India has a smattering of laws that scantily address the issue of data privacy. Under pressure from the business processing industry in India, as well as from the European Union and other nations, it is but a matter of time before India adopts a slate of laws that address the issue of data protection. Once these laws are enacted, the main issue that remains is …

Bond Repudiation, Tax Codes, The Appropriations Process And Restitution Post-Eminent Domain Reform, John H. Ryskamp

ExpressO

This brief comment suggests where the anti-eminent domain movement might be heading next.