Law Commons^™

Governing Smart Cities As Knowledge Commons - Introduction, Chapter 1 & Conclusion, Brett M. Frischmann, Michael J. Madison, Madelyn Sanfilippo

Book Chapters

Smart city technology has its value and its place; it isn’t automatically or universally harmful. Urban challenges and opportunities addressed via smart technology demand systematic study, examining general patterns and local variations as smart city practices unfold around the world. Smart cities are complex blends of community governance institutions, social dilemmas that cities face, and dynamic relationships among information and data, technology, and human lives. Some of those blends are more typical and common. Some are more nuanced in specific contexts. This volume uses the Governing Knowledge Commons (GKC) framework to sort out relevant and important distinctions. The framework grounds …

Securing Patent Law, Charles Duan

Articles in Law Reviews & Other Academic Journals

A vigorous conversation about intellectual property rights and national security has largely focused on the defense role of those rights, as tools for responding to acts of foreign infringement. But intellectual property, and patents in particular, also play an arguably more important offense role. Foreign competitor nations can obtain and assert U.S. patents against U.S. firms and creators. Use of patents as an offense strategy can be strategically coordinated to stymie domestic innovation and technological progress. This Essay considers current and possible future practices of patent exploitation in this offense setting, with a particular focus on China given the nature …

An Essay About Privacy, Ronald Griffin

Journal Publications

Jessye Norman was an American opera singer. She died on October 1, 2019. On October 2, 2019, my wife got a grim diagnosis that put me in a stupor and reminded me, now more than ever, that my generation (that did so much good in the world) stands in line waiting for the Grim Reaper’s call. In a seventy-years (that have gone by too fast) I have watched my peers run from the realms of privacy, spaces where people implemented life plans uninterrupted by neighbours that were discernible, palpable, and real to everybody, to a realm where there is none. …

Content Moderation As Surveillance, Hannah Bloch-Wehba

Faculty Scholarship

Technology platforms are the new governments, and content moderation is the new law, or so goes a common refrain. As platforms increasingly turn toward new, automated mechanisms of enforcing their rules, the apparent power of the private sector seems only to grow. Yet beneath the surface lies a web of complex relationships between public and private authorities that call into question whether platforms truly possess such unilateral power. Law enforcement and police are exerting influence over platform content rules, giving governments a louder voice in supposedly “private” decisions. At the same time, law enforcement avails itself of the affordances of …

Platforms, Encryption, And The Cfaa: The Case Of Whatsapp V Nso Group, Jonathon Penney, Bruce Schneier

Articles, Book Chapters, & Popular Press

End-to-end encryption technology has gone mainstream. But this wider use has led hackers, cybercriminals, foreign governments, and other threat actors to employ creative and novel attacks to compromise or workaround these protections, raising important questions as to how the Computer Fraud and Abuse Act (CFAA), the primary federal anti-hacking statute, is best applied to these new encryption implementations. Now, after the Supreme Court recently narrowed the CFAA’s scope in Van Buren and suggested it favors a code-based approach to liability under the statute, understanding how best to theorize sophisticated code-based access barriers like end-to-end encryption, and their circumvention, is now …

The New Bailments, Danielle D'Onfro

Scholarship@WashULaw

The rise of cloud computing has dramatically changed how consumers and firms store their belongings. Property that owners once managed directly now exists primarily on infrastructure maintained by intermediaries. Consumers entrust their photos to Apple instead of scrapbooks; businesses put their documents on Amazon’s servers instead of in file cabinets; seemingly everything runs in the cloud. Were these belongings tangible, the relationship between owner and intermediary would be governed by the common-law doctrine of bailment. Bailments are mandatory relationships formed when one party entrusts their property to another. Within this relationship, the bailees owe the bailors a duty of care …

Legislating Data Loyalty, Woodrow Hartzog, Neil Richards

Faculty Scholarship

Lawmakers looking to embolden privacy law have begun to consider imposing duties of loyalty on organizations trusted with people’s data and online experiences. The idea behind loyalty is simple: organizations should not process data or design technologies that conflict with the best interests of trusting parties. But the logistics and implementation of data loyalty need to be developed if the concept is going to be capable of moving privacy law beyond its “notice and consent” roots to confront people’s vulnerabilities in their relationship with powerful data collectors.

In this short Essay, we propose a model for legislating data loyalty. Our …

Submission To The Province Of Nova Scotia On Its Review Of The Intimate Images And Cyber-Protection Act - Leaf, Suzie Dunn, Rosel Kim

Reports & Public Policy Documents

The Women’s Legal Education and Action Fund (LEAF) commends the Nova Scotia government for reviewing its Intimate Images and Cyber-protection Act (the Act) and seeking public input for this review. Nova Scotia has been, and continues to be, a leader in Canada for its role in advancing innovative laws and supports for people targeted by technology-facilitated violence (TFV), digital abuse, and the non-consensual distribution of intimate images (NCDII). As these forms of harmful behaviour evolve and become better understood, it is important to revisit this legislation to assess whether it is providing meaningful and accessible responses to such serious social …

The Right To Contest Ai, Margot E. Kaminski, Jennifer M. Urban

Publications

Artificial intelligence (AI) is increasingly used to make important decisions, from university admissions selections to loan determinations to the distribution of COVID-19 vaccines. These uses of AI raise a host of concerns about discrimination, accuracy, fairness, and accountability.

In the United States, recent proposals for regulating AI focus largely on ex ante and systemic governance. This Article argues instead—or really, in addition—for an individual right to contest AI decisions, modeled on due process but adapted for the digital age. The European Union, in fact, recognizes such a right, and a growing number of institutions around the world now call for …

Artificial Intelligence And Trade, Anupam Chander

Georgetown Law Faculty Publications and Other Works

Artificial Intelligence is already powering trade today. It is crossing borders, learning, making decisions, and operating cyber-physical systems. It underlies many of the services that are offered today – from customer service chatbots to customer relations software to business processes. The chapter considers AI regulation from the perspective of international trade law. It argues that foreign AI should be regulated by governments – indeed that AI must be ‘locally responsible’. The chapter refutes arguments that trade law should not apply to AI and shows how the WTO agreements might apply to AI using two hypothetical cases . The analysis reveals …

Good Health And Good Privacy Go Hand-In-Hand (Originally Published By Jnslp), Jennifer Daskal

Joint PIJIP/TLS Research Paper Series

No abstract provided.

The Law Of Black Mirror - Syllabus, Yafit Lev-Aretz, Nizan Packin

Open Educational Resources

Using episodes from the show Black Mirror as a study tool - a show that features tales that explore techno-paranoia - the course analyzes legal and policy considerations of futuristic or hypothetical case studies. The case studies tap into the collective unease about the modern world and bring up a variety of fascinating key philosophical, legal, and economic-based questions.

Is Data Localization A Solution For Schrems Ii?, Anupam Chander

Georgetown Law Faculty Publications and Other Works

For the second time this decade, the Court of Justice of the European Union has struck a blow against the principal mechanisms for personal data transfer to the United States. In Data Protection Commissioner v Facebook Ireland, Maximillian Schrems, the Court declared the EU-US Privacy Shield invalid and placed significant hurdles to the process of transferring personal data from the European Union to the United States via the mechanism of Standard Contractual Clauses. Many have begun to suggest data localization as the solution to the problem of data transfer; that is, don’t transfer the data at all. I argue …

Politics Of Adversarial Machine Learning, Kendra Albert, Jonathon Penney, Bruce Schneier, Ram Shankar Siva Kumar

Articles, Book Chapters, & Popular Press

In addition to their security properties, adversarial machine-learning attacks and defenses have political dimensions. They enable or foreclose certain options for both the subjects of the machine learning systems and for those who deploy them, creating risks for civil liberties and human rights. In this paper, we draw on insights from science and technology studies, anthropology, and human rights literature, to inform how defenses against adversarial attacks can be used to suppress dissent and limit attempts to investigate machine learning systems. To make this concrete, we use real-world examples of how attacks such as perturbation, model inversion, or membership inference …

Ethical Testing In The Real World: Evaluating Physical Testing Of Adversarial Machine Learning, Kendra Albert, Maggie Delano, Jonathon Penney, Afsaneh Ragot, Ram Shankar Siva Kumar

Articles, Book Chapters, & Popular Press

This paper critically assesses the adequacy and representativeness of physical domain testing for various adversarial machine learning (ML) attacks against computer vision systems involving human subjects. Many papers that deploy such attacks characterize themselves as “real world.” Despite this framing, however, we found the physical or real-world testing conducted was minimal, provided few details about testing subjects and was often conducted as an afterthought or demonstration. Adversarial ML research without representative trials or testing is an ethical, scientific, and health/safety issue that can cause real harms. We introduce the problem and our methodology, and then critique the physical domain testing …

Law School News: Logan To Serve As Adviser On Restatement Third Of Torts 11-07-2019, Michael M. Bowden

Life of the Law School (1993- )

No abstract provided.

Linn Foster Freedman Room Dedication At Rwu School Of Law 11-01-2019, Roger Williams University School Of Law, Michael M. Bowden

School of Law Conferences, Lectures & Events

No abstract provided.

Review Of Ian Kerr And Jane Bailey, The Implications Of Digital Rights Management For Privacy And Freedom Of Expression, 2 Journal Of Information, Communication & Ethics In Society 87 (2004), Ann Bartow

Law Faculty Scholarship

Ian Kerr, who passed away far too young in 2019, was an incisive scholar and a much treasured colleague. The wit that sparkled in his papers was matched only by his warmth toward his friends, of whom there were many. He and his many co-authors wrote with deep insight and an equally deep humanity about copyright, artificial intelligence, privacy, torts, and much much more.

Ian was also a valued contributor to the Jotwell Technology Law section. His reviews here display the same playful generosity that characterized everything else he did. In tribute to his memory, we are publishing a memorial …

Towards Standard Information Privacy, Innovations Of The New General Data Protection Regulation, Ali Alibeigi, Abu Bakar Munir, Md Ershadulkarim, Adeleh Asemi

Library Philosophy and Practice (e-journal)

Protection of personal data in recent decades became more crucial affecting by emergence of the new technologies especially computer, internet, information and communications technology. However, Europeans felt this necessity at time and provided for up-to-date and supportive laws. The General Data Protection Regulation (GDPR) is the latest legislation in EU to protect personal data of individuals based on the recent technological advancements. However, its’ domestic and international output still is debatable. This doctrinal legal study by using descriptive methods, aimed to evaluate the GDPR through analyzing and interpreting its’ provisions by especial focus on its’ innovations. The results show that …

Binary Governance: Lessons From The Gdpr’S Approach To Algorithmic Accountability, Margot E. Kaminski

Publications

Algorithms are now used to make significant decisions about individuals, from credit determinations to hiring and firing. But they are largely unregulated under U.S. law. A quickly growing literature has split on how to address algorithmic decision-making, with individual rights and accountability to nonexpert stakeholders and to the public at the crux of the debate. In this Article, I make the case for why both individual rights and public- and stakeholder-facing accountability are not just goods in and of themselves but crucial components of effective governance. Only individual rights can fully address dignitary and justificatory concerns behind calls for regulating …

The Right To Explanation, Explained, Margot E. Kaminski

Publications

Many have called for algorithmic accountability: laws governing decision-making by complex algorithms, or AI. The EU’s General Data Protection Regulation (GDPR) now establishes exactly this. The recent debate over the right to explanation (a right to information about individual decisions made by algorithms) has obscured the significant algorithmic accountability regime established by the GDPR. The GDPR’s provisions on algorithmic accountability, which include a right to explanation, have the potential to be broader, stronger, and deeper than the preceding requirements of the Data Protection Directive. This Essay clarifies, largely for a U.S. audience, what the GDPR actually requires, incorporating recently released …

A Skeptical View Of Information Fiduciaries, Lina M. Khan, David E. Pozen

Faculty Scholarship

The concept of “information fiduciaries” has surged to the forefront of debates on online-platform regulation. Developed by Professor Jack Balkin, the concept is meant to rebalance the relationship between ordinary individuals and the digital companies that accumulate, analyze, and sell their personal data for profit. Just as the law imposes special duties of care, confidentiality, and loyalty on doctors, lawyers, and accountants vis-à-vis their patients and clients, Balkin argues, so too should it impose special duties on corporations such as Facebook, Google, and Twitter vis-à-vis their end users. Over the past several years, this argument has garnered remarkably broad support …

The Role Of Satellites And Smart Devices: Data Surprises And Security, Privacy, And Regulatory Challenges, Anne T. Mckenna, Amy C. Gaudion, Jenni L. Evans

Faculty Scholarly Works

Strava, a popular social media platform and mobile app like Facebook but specifically designed for athletes, posts a “heatmap” with consensually-obtained details about users’ workouts and geolocation. Strava’s heatmap depicts aggregated data of user location and movement by synthesizing GPS satellite data points and movement data from users’ smart devices together with satellite imagery. In January of 2018, a 20-year-old student tweeted that Strava’s heatmap revealed U.S. forward operating bases. The tweet revealed a significant national security issue and flagged substantial privacy and civil liberty concerns.

Smart devices, software applications, and social media platforms aggregate consumer data from multiple data …

Right To Privacy, A Complicated Concept To Review, Ali Alibeigi, Abu Bakar Munir, Md Ershadul Karim

Library Philosophy and Practice (e-journal)

The Concept and definition of the privacy has been changed during the time affecting by different factors. At the same time, the boundaries of privacy may differ from one place to another affecting by the culture, religion, etc. Nonetheless, there is not a unique general accepted definition for the privacy. Privacy has been considered from different disciplines like sociology, psychology, law and philosophy. It is a multidisciplinary domain, having an easy concept but difficult to define. However, by reviewing all different viewpoints, it can be concluded that privacy is an individual tendency, wish and natural need to be away from …

The Gdpr’S Version Of Algorithmic Accountability, Margot Kaminski

Publications

No abstract provided.

Innovation And Tradition: A Survey Of Intellectual Property And Technology Legal Clinics, Cynthia L. Dahl, Victoria F. Phillips

All Faculty Scholarship

For artists, nonprofits, community organizations and small-business clients of limited means, securing intellectual property rights and getting counseling involving patent, copyright and trademark law are critical to their success and growth. These clients need expert IP and technology legal assistance, but very often cannot afford services in the legal marketplace. In addition, legal services and state bar pro bono programs have generally been ill-equipped to assist in these more specialized areas. An expanding community of IP and Technology clinics has emerged across the country to meet these needs. But while law review articles have described and examined other sectors of …

Artificial Intelligence In Health Care: Applications And Legal Implications, W. Nicholson Price Ii

Articles

Artificial intelligence (AI) is rapidly moving to change the healthcare system. Driven by the juxtaposition of big data and powerful machine learning techniques—terms I will explain momentarily—innovators have begun to develop tools to improve the process of clinical care, to advance medical research, and to improve efficiency. These tools rely on algorithms, programs created from healthcare data that can make predictions or recommendations. However, the algorithms themselves are often too complex for their reasoning to be understood or even stated explicitly. Such algorithms may be best described as “black-box.” This article briefly describes the concept of AI in medicine, including …

Ispy: Threats To Individual And Institutional Privacy In The Digital World, Lori Andrews

All Faculty Scholarship

What type of information is collected, who is viewing it, and what law librarians can do to protect their patrons and institutions.

Ancient Worries And Modern Fears: Different Roots And Common Effects Of U.S. And Eu Privacy Regulation, David Thaw, Pierluigi Perri

Articles

Much legal and technical scholarship discusses the differing views of the United States and European Union toward privacy concepts and regulation. A substantial amount of effort in recent years, in both research and policy, focuses on attempting to reconcile these viewpoints searching for a common framework with a common level of protection for citizens from both sides of Atlantic. Reconciliation, we argue, misunderstands the nature of the challenge facing effective cross-border data flows. No such reconciliation can occur without abdication of some sovereign authority of nations, that would require the adoption of an international agreement with typical tools of international …

Cybersecurity Stovepiping, David Thaw

Articles

Most readers of this Article probably have encountered – and been frustrated by – password complexity requirements. Such requirements have become a mainstream part of contemporary culture: "the more complex your password is, the more secure you are, right?" So the cybersecurity experts tell us… and policymakers have accepted this "expertise" and even adopted such requirements into law and regulation.

This Article asks two questions. First, do complex passwords actually achieve the goals many experts claim? Does using the password "Tr0ub4dor&3" or the passphrase "correcthorsebatterystaple" actually protect your account? Second, if not, then why did such requirements become so widespread? …