Law Commons^™

Regulatory Sandboxes Enable Pragmatic Blockchain Regulation, Joshua Durham

Washington Journal of Law, Technology & Arts

Since blockchain technology supports digitally-native money, the centralized chokepoints that governments have traditionally targeted to regulate commerce no longer apply to our (digital) property. However, competent regulation furthers basic public policy goals and should enable responsible innovation of this promising technology. This Article discusses pragmatic policies that enable responsible innovation by cultivating regulatory expertise required to write enforceable rules. Responsible innovation is necessary because unlike the early internet, where programmers could manipulate simple colors and text on webpages, these same individuals can now create financial services applications that manipulate actual money—we are faced with an inescapable reality that more is …

The Three Laws: The Chinese Communist Party Throws Down The Data Regulation Gauntlet, William Chaskes

Washington and Lee Law Review

Criticism of the Chinese Communist Party (CCP) runs a wide gamut. Accusations of human rights abuses, intellectual property theft, authoritarian domestic policies, disrespecting sovereign borders, and propaganda campaigns all have one common factor: the CCP’s desire to control information. Controlling information means controlling data. Lurking beneath the People’s Republic of China’s (PRC) tumultuous relationship with the rest of the world is the fight between nations to control their citizens’ data while also keeping it out of the hands of adversaries. The CCP’s Three Laws are its newest weapon in this data war.

One byproduct of the CCP’s emphasis on controlling …

Small Business Cybersecurity: A Loophole To Consumer Data, Matthew R. Espinosa

The Scholar: St. Mary's Law Review on Race and Social Justice

Small businesses and small minority owned businesses are vital to our nation’s economy; therefore legislation, regulation, and policy has been created in order to assist them in overcoming their economic stability issues and ensure they continue to serve the communities that rely on them. However, there is not a focus on regulating nor assisting small businesses to ensure their cybersecurity standards are up to par despite them increasingly becoming a victim of cyberattacks that yield high consequences. The external oversight and assistance is necessary for small businesses due to their lack of knowledge in implementing effective cybersecurity policies, the fiscal …

Distributed Governance Of Medical Ai, W. Nicholson Price Ii

SMU Science and Technology Law Review

Artificial intelligence (AI) has the potential to democratize expertise in medicine, bring expertise previously limited to specialists to a variety of health-care settings. But AI can easily falter, and making sure that AI works well across that variety of settings is a challenging task. Centralized governance, such as review by the Food and Drug Administration, can only do so much, since system performance will depend on the particular health-care setting and how the AI system is integrated into setting-specific clinical workflows. This Essay presents the need for distributed governance, where some oversight tasks are undertaken in localized settings. It points …

Show Me The (Data About The) Money!, Nizan Geslevich Packin

Utah Law Review

Information about consumers, their money, and what they do with it is the lifeblood of the flourishing financial technology (“FinTech”) sector. Historically, highly regulated banks jealously protected this data. However, consumers themselves now share their data with businesses more than ever before. These businesses monetize and use the data for countless prospects, often without the consumers’ actual consent. Understanding the dimensions of this recent phenomenon, more and more consumer groups, scholars, and lawmakers have started advocating for consumers to have the ability to control their data as a modern imperative. This ability is tightly linked to the concept of open …

The Gdpr: It Came, We Saw, But Did It Conquer?, Leila Javanshir

Seattle University Law Review

On February 1, 2019, the Seattle University Law Review held its annual symposium at the Seattle University School of Law. Each year, the Law Review hosts its symposium on a topic that is timely and meaningful. This year, privacy and data security professionals from around the globe gathered to discuss the current and future effects of the General Data Protection Regulation (GDPR) that was implemented on May 25, 2018. The articles and essays that follow this Foreword are the product of this year’s symposium.

Confiding In Con Men: U.S. Privacy Law, The Gdpr, And Information Fiduciaries, Lindsey Barrett

Seattle University Law Review

In scope, ambition, and animating philosophy, U.S. privacy law and Europe’s General Data Protection Regulation are almost diametric opposites. The GDPR’s ambitious individual rights, significant prohibitions, substantive enforcement regime, and broad applicability contrast vividly with a scattershot U.S. regime that generally prioritizes facilitating commerce over protecting individuals, and which has created perverse incentives for industry through anemic enforcement of the few meaningful limitations that do exist. A privacy law that characterizes data collectors as information fiduciaries could coalesce with the commercial focus of U.S. law, while emulating the GDPR’s laudable normative objectives and fortifying U.S. consumer privacy law with a …

Privacy Statements Under The Gdpr, Mike Hintze

Seattle University Law Review

The need to include specific types of information in a privacy statement is a GDPR compliance obligation that does not get as much attention as some other GDPR requirements. Perhaps that is because privacy statements have been much maligned in recent years. They are too long and full of legalese. Nobody reads them. They are part of a notice and consent approach to privacy that puts an unrealistic burden on consumers to make informed choices. But despite these well-known criticisms, the GDPR doubles down on privacy statements. In fact, gauging by the roughly fourfold increase in privacy statement requirements compared …

Collaborative Approaches To Blockchain Regulation: The Brooklyn Project Example, Patrick Berarducci

Cleveland State Law Review

Today, I am going to discuss, at a high level, blockchain technology—what it is, what are its unique features that could revolutionize markets and economies, and how it could impact law and regulation. That is a lot to cover—far too much in the time allotted. So I will keep things at a very high level and hopefully pique some interest in everyone to dig deeper on their own.

Conceptualizing The Regulation Of Virtual Currencies And Providers: Friction Points In State And Federal Approaches To Regulating Providers Of Payments Execution And Custody Services And Products In The United States, Sarah J. Hughes

Cleveland State Law Review

This essay evaluates the state of regulation by the United States government and State legislatures of participants in emerging virtual-currency businesses. It points to friction points as both the federal government and the States experiment with their own regulatory authority over virtual-currency businesses and provides a taxonomy of differing approaches to regulating such businesses. The essay takes the position that the States need to act in the near term if they wish to maintain their longstanding role as regulators of non-depository providers of financial products and services—or they risk being preempted by Congress or federal regulatory actions. This essay also …

Smart Contracts In Traditional Contract Law, Or: The Law Of The Vending Machine, Jonathan Rohr

Cleveland State Law Review

Smart contracts are the new norm, yet state legislatures and courts have not developed set rules and answers to legal disputes that these contracts create. Is traditional contract law sufficient? Or should we create an entirely new legislative or common law scheme to deal with these disputes? The common law has proven to be successful in dealing with new technologies and contracts, particularly because of its flexibility. Although a major overhaul may be in the future, there are still solutions that we can find today with the current legal landscape given the state of contract law and its evolution over …

Regtech, Compliance And Technology Judgement Rule, Nizan Geslevich Packin

Chicago-Kent Law Review

This Article focuses on the rise of Financial Technology, which revolutionized consumer financial service products, and challenged policymakers with regulating the rapidly evolving financial industry. In particular, it explores Regulatory Technology, also known as RegTech, which is the finance industry’s use of technology, especially information technology, in the context of regulatory monitoring, reporting and compliance. RegTech is designed to solve industry needs for a more effective and efficient way to automate corporate governance and compliance processes. Not only has FinTech proven to be a vital revenue source, especially in connection with lending or money transmission services, but it also helps …

Corporate Cybersecurity: The International Threat To Private Networks And How Regulations Can Mitigate It, Eric J. Hyla

Vanderbilt Journal of Entertainment & Technology Law

Cyberattacks are occurring at an accelerating pace. Foreign nations are increasingly utilizing hacking as a tool for economic gain, acts of aggression, or international political expression. At risk are US consumers'personal data, private firms' bottom line, and the economies'integrity. In response, federal and state lawmakers have issued a series of disparate, uncoordinated policies seeking to strengthen cybersecurity practices. However, recent events indicate that these policies are less than ideal. This Note suggests that a unified response to cybersecurity is required and calls for the establishment of a single, central federal agency with authority over all cybersecurity regulations. Such an agency …

Regulating Black-Box Medicine, W. Nicholson Price Ii

Michigan Law Review

Data drive modern medicine. And our tools to analyze those data are growing ever more powerful. As health data are collected in greater and greater amounts, sophisticated algorithms based on those data can drive medical innovation, improve the process of care, and increase efficiency. Those algorithms, however, vary widely in quality. Some are accurate and powerful, while others may be riddled with errors or based on faulty science. When an opaque algorithm recommends an insulin dose to a diabetic patient, how do we know that dose is correct? Patients, providers, and insurers face substantial difficulties in identifying high-quality algorithms; they …

The Oversimplification Of Deregulation: A Case Study On Clinical Decision Support Software, Deeva V. Shah

Michigan Telecommunications & Technology Law Review

Until the December 2016 passage of the Cures Act, the FDA had regulatory power over clinical decision support (CDS) software; however, the Act removed a large group of CDS software from the FDA’s statutory authority. Congressional intent was to increase innovation by removing regulatory blockades—such as device testing and certification—from the FDA’s purview. This note argues that the enactment of this specific provision of the Act will instead stymie innovation and overlook the unfortunate safety consequences inherent in its deregulation. CDS software is a burgeoning field ripe for innovation; however, rapid innovation can often lead to a slew of mistakes—mistakes …

Need For Informed Consent In The Age Of Ubiquitous Human Testing, Caitlyn Kuhs

Loyola of Los Angeles Law Review

No abstract provided.

Up In The Cloud: Finding Common Ground In Providing For Law Enforcement Access To Data Held By Cloud Computing Service Providers, Matthew Mckenna

Vanderbilt Journal of Transnational Law

Cloud computing is an everyday part of the modern world; a technology that is increasingly transcending international borders. Disregarding international borders allows cloud computing to operate more efficiently and thus provides better service to users. Yet, the global nature of cloud computing raises a question--what happens if multiple countries apply facially similar laws to cloud computing providers differently? This scenario is common, especially in the context of law enforcement seeking access to cloud computing data. The United States and the United Kingdom have similar laws regarding the government's ability to acquire users' data. Importantly, neither law explicitly addresses the question …

Costing A Pretty Penny: Online Penny Auctions Revive The Pestilence Of Unregulated Lotteries, David R. Konkel

Seattle University Law Review

Penny auctions, an online phenomenon imported from Europe, operate by the hundreds in the United States without meaningful oversight from consumer protection agencies. In a penny auction, consumers compete for items one penny at a time. To date, no significant inquiry, either academic or practical, into the legitimacy of the penny auction has occurred. Although marketed as auctions, online penny auctions may actually qualify as lotteries. Unlike the multifarious and confusing definitions of gambling, the long-accepted definition of a lottery consists of three elements: prize, consideration, and chance. If a penny auction satisfies this definition then, under well-established case law …

Opening Bottlenecks: On Behalf Of Mandated Network Neutrality, Bill D. Herman

Federal Communications Law Journal

This Article calls for mandated "network neutrality," which would require broadband service providers to treat all nondestructive data equitably. The Author argues that neutral networks are preferable because they better foster online innovation and provide a more equitable distribution of the power to communicate. Without mandated network neutrality, providers in highly concentrated regional broadband markets will likely begin charging content providers for the right to send data to end users at the fastest speeds available. The Author demonstrates that regional broadband competition and forthcoming transmission technologies are unlikely to prevent broadband discrimination, ad hoc regulation under current statutory authority is …

The Legacy Of The Federal Communications Commission’S Computer Inquiries, Robert Cannon

Federal Communications Law Journal

The FCC and the computer industry have learned much in the 35 years since the agency first began to regulate computer networks. Safeguards were imposed on common carriers for the benefit of the networks. This Article examines the so-called Computer Inquiries and how they have repeatedly re-examined and redefined the nature of the regulatory treatment of computer networks over communications networks. The Author reviews Computer I, in which the FCC first attempted to divide the world technologically between computers that ran communications networks ("pure communications") and computers at the end of telephone lines with which people interacted ("pure data processing"). …

Global Trecs: The Regulation Of International Trade In Cyberspace, J. Steele

Canadian Journal of Law and Technology

This paper provides an overview of trade-related aspects of electronic commerce, and examines three approaches for regulating international trade in cyber- space. A model which integrates these approaches is then proposed, emphasizing private standards of self-regula- tion within a broader public framework of minimal background standards. A summary of potential areas of conflict between competing regulatory approaches fol- lows, and the paper concludes that both the WTO and the OECD have important roles to play in the develop- ment of international consensus towards a harmonized framework for the regulation of global TRECs.

Climbing The Walls Of Your Electronic Cage, Steven Hetcher

Michigan Law Review

Space. The final frontier. Not so, say the doyennes of the firstgeneration Internet community, who view themselves as the new frontiersmen and women staking out a previously unexplored territory - cyberspace. Numerous metaphors in the Internet literature picture cyberspace as a new, previously unexplored domain. Parallels are frequently drawn to the American colonies, the Western frontier, or outer space. In Code: And Other Laws of Cyberspace, Lawrence Lessig says, "Cyberspace is a place. People live there." In this place, we will build a "new society" (p. 4). A sense of this background is helpful in appraising Lessig's claims. He argues …

The International Application Of The Second Computer Inquiry, Robert M. Frieden

Michigan Journal of International Law

This article chronicles the FCC's attempt to confront the confluence of telecommunications and data processing technologies by fashioning a regulatory scheme designed primarily for the United States. The Commission has chosen to apply this scheme, without significant qualification, internationally. Given the different objectives and structure of United States and foreign communications industries, the FCC's system cannot be transplanted abroad without prior consultation and substantial modification. After reviewing the international problems created by the Commission's application abroad of its newly developed scheme, this article concludes with recommendations for resolving these conflicts that currently threaten the well-being of carriers, customers, and international …

Integrated Servies Digital Network: Issues And Options For The World's Future Communications Systems, A. M. Rutkowski

Michigan Journal of International Law

There has been virtually no public discussion of the significant public policy issues raised because of the intimidating nature of network engineering which forms the basis for nearly all the current dialogue. This paper discusses current ISDN developments, and sets forth an analytical framework within which these issues may be discussed.

The Fcc Computer Inquiry: Interfaces Of Competitive And Regulated Markets, Michigan Law Review

Michigan Law Review

Since the advent of computer technology, data processing and communication services have become increasingly interdependent. In 1966, the Federal Communications Commission launched the Computer Inquiry to explore the broad range of regulatory and policy problems generated by this technological development.2