Category: Cyberlaw

1

It’s About Data Hoards – My New Paper Explains Why Data Escrow Won’t Protect Privacy

A core issue in U.S. v. Jones has noting to do with connecting “trivial” bits of data to see a mosaic; it is about the simple ability to have a perfect map of everywhere we go, with whom we meet, what we read, and more. It is about the ability to look backward and see all that information with little to no oversight and in a way forever. That is why calls to shift the vast information grabs to a third party are useless. The move changes little given the way the government already demands information from private data hoards. Yes, not having immediate access to the information is a start. That might mitigate mischief. But clear procedures are needed before that separation can be meaningful. That is why telecom and tech giants should be wary of “The central pillar of Obama’s plan to overhaul the surveillance programs [which] calls for shifting storage of Americans’ phone data from the government to telecom companies or an independent third party.” It does not solve the problem of data hoards.

As I argue in my new article Constitutional Limits on Surveillance: Associational Freedom in the Age of Data Hoarding:

Put differently, the tremendous power of the state to compel action combined with what the state can do with technology and data creates a moral hazard. It is too easy to harvest, analyze, and hoard data and then step far beyond law enforcement goals into acts that threaten civil liberties. The amount of data available to law enforcement creates a type of honey pot—a trap that lures and tempts government to use data without limits. Once the government has obtained data, it is easy and inexpensive to store and search when compared to storing the same data in an analog format. The data is not deleted or destroyed; it is hoarded. That vat of temptation never goes away. The lack of rules on law enforcement’s use of the data explains why it has an incentive to gather data, keep it, and increase its stores. After government has its data hoard, the barriers to dragnet and general searches—ordinarily unconstitutional—are gone. If someone wishes to dive into the data and see whether embarrassing, or even blackmail worthy, data is available, they can do so at its discretion; and in some cases law enforcement has said they should pursue such tactics. These temptations are precisely why we must rethink how we protect associational freedom in the age of data hoarding. By understanding what associational freedom is, what threatens it, and how we have protected it in the past, we will find that there is a way to protect it now and in the future.

2

Robotics and the New Cyberlaw

Cyberlaw is the study of the intersection between law and the Internet.  It should come as no surprise, then, that the defining questions of cyberlaw grew out of the Internet’s unique characteristics.  For instance: an insensitivity to distance led some courts to rethink the nature of jurisdiction.  A tendency, perhaps hardwired, among individuals and institutions to think of “cyberspace” as an actual place generated a box of puzzles around the nature of property, privacy, and speech.

We are now well in to the cyberlaw project.  Certain questions have seen a kind of resolution.  Mark Lemley collected a few examples—jurisdiction, free speech, the dormant commerce clause—back in 2003.  Several debates continue, but most deep participants are at least familiar with the basic positions and arguments.  In privacy, for example, a conversation that began around an individual’s control over their own information has evolved into a conversation about the control information affords over individuals to whoever holds it.  In short, the twenty or so years legal and other academics have spent studying the Internet have paid the dividends of structure and clarity that one would hope.

The problem is that technology has not stood still in the meantime.  The very same institutions that developed the Internet, from the military to household-name Internet companies like Google and Amazon, have initiated a significant shift toward a new transformative technology: robotics.  The word “significant” is actually pretty conservative: these institutions are investing, collectively, hundreds of billions of dollars in robotics and artificial intelligence.  People like the Editor-in-Chief of Wired Magazine—arguably the publication of record for the digital revolution—are quitting to found robotics companies.  Dozens of states now have robot-specific laws.

What do we as academics and jurists make of this shift?  It seems to me, at least, that robotics has a distinct set of essential qualities than the Internet and, therefore, will raise a novel questions of law and policy.  If anything, I see robotics as departing even more abruptly from the Internet than did the Internet from personal computers and telephony.  In a new draft article, I explore in detail how I think cyberlaw (and law in general) will change with the ascendance of robotics as a commercial, social, and cultural force.  I am particularly interested in whether cyberlaw—with its peculiar brand of interdisciplinary pragmatism—remains the proper intellectual house for the study of this new transformative technology.

I follow robotics pretty closely but I don’t purport to have all the answers.  Perhaps I have overstated the importance or robotics, misdiagnosed its likely impact, or otherwise selected an unwise path forward.   I hope you read the paper and let me know.

0

UCLA Law Review Vol. 61, Issue 3

Volume 61, Issue 3 (February 2014)
Articles

How to Feel Like a Woman, or Why Punishment Is a Drag Mary Anne Franks 566
Free: Accounting for the Costs of the Internet’s Most Popular Price Chris Jay Hoofnagle & Jan Whittington 606
The Case for Tailoring Patent Awards Based on Time-to-Market Benjamin N. Roin 672

 

Comments

Here Comes the Sun: How Securities Regulations Cast a Shadow on the Growth of Community Solar in the United States Samantha Booth 760
Restoration Remedies for Remaining Residents David Kane 812

 

 

 

0

Could Revenge Porn Victims Seek Civil Liability Against Hunter Moore?

Suppose that former revenge porn operator Hunter Moore is convicted of federal crimes of conspiracy to engage in computer hacking. Could individuals whose nude photos appeared on his site next to their home addresses and screenshots of their Facebook profiles sue Moore for intentional infliction of emotional distress and public disclosure of private fact? Probably not, but it’s worth exploring the issue.

The closest case law involves civil penalties provided for under federal criminal law. In M.A. v. Village Voice, a federal district court judge found that Backpage.com enjoyed Section 230 immunity for civil penalties under the child trafficking statute, 18 U.S.C. 2255. Section 2255 allows victims of child trafficking to recover damages from those who had committed or profited from the crimes against them. provides that, “[a]ny person who, while a minor, was a victim of a violation of [criminal statutes concerning child trafficking] and who suffers personal injury as a result of such violation may sue” and “recover actual damages such person sustained.” The representatives of a victim of child trafficking argued that Section 230 immunity was inapplicable because Backpage.com had profited from the plaintiff’s victimization in violation of Section 2255. As the court held, however, Section 2255 was a “civil damages” provision of Title 18, not federal criminal law.

The only remaining question is whether Moore materially contributed to the contested content–nude photos and Facebook screen shots. If so, he could be found liable as a co-developer of the content that often was tantamount to cyber stalking. Of course, the question of liability would remain. Just because a site operator does not enjoy immunity from liability does not mean he would be strictly liable for torts of intentional infliction of emotional distress, for instance. The question would be whether he intentionally inflict emotional distress on particular individuals? Recall that Moore boasted to the press that the more embarrassing and destructive the material, the more money he made. When a reporter told him that revenge porn had driven people to commit suicide, Moore said that he did not want anybody to die, but if it happened, he would be grateful for the publicity and advertising revenue it would generate; “Thank you for the money . . . from all of the traffic, Googling, redirects, and press.” Earlier this year, Moore told Betabeat’s Jessica Roy that he was relaunching his site including not just of people’s Facebook accounts, but their home addresses. “We’re gonna introduce the mapping stuff so you can stalk people,” he told Roy. When talking to Forbes’s Kashmir Hill, Moore backed off his statement, claiming to be drunk, but had tweeted, “I’m putting people’s house info with google earth directions. Life will be amazing.”

More broadly, sites that principally host revenge porn are making a mockery of Section 230. As Citizen Media Law Project’s Sam Bayard explains, a site operator can enjoy the protection of Section 230 while “building a whole business around people saying nasty things about others, and . . . affirmatively choosing not to track user information that would make it possible for an injured person to go after the person directly responsible.” In my book Hate Crimes in Cyberspace, I explore the possibility of Section 230 reform to ensure that the worst actors don’t enjoy immunity. It’s certainly a perverse result that the “Good Samaritan” provision of the Communications Decency Act immunizes from liability sites that solicit and principally host revenge porn and other forms of cyber stalking. More to come in August, when Harvard University Press publishes the book.

 

I
0

4 Points About the Target Breach and Data Security

There seems to be a surge in data security attacks lately. First came news of the Target attack. Then Neiman Marcus. Then the U.S Courts. Then Michael’s. Here are four points to consider about data security:

1. Beware of fraudsters engaging in post-breach fraud.

After the Target breach, fraudsters sent out fake emails purporting to be from Target about the breach and trying to trick people into providing personal data. It can be hard to distinguish the real email from an organization having a data breach from a fake one by fraudsters. People are more likely to fall prey to a phishing scheme because they are anxious and want to take steps to protect themselves. Post-breach trickery is now a growing technique of fraudsters, and people must be educated about it and be on guard.

2. Credit card fraud and identity theft are not the same.

The news media often conflates credit card fraud with identity theft. Although there is one point of overlap, for the most part they are very different. Credit card fraud involving the improper use of credit card data can be stopped when the card is cancelled and replaced. An identity theft differs because it involves the use of personal information such as Social Security number, birth date, and other data that cannot readily be changed. It is thus much harder to stop identity theft. The point of overlap is when an identity thief uses a person’s data to obtain a credit card. But when a credit card is lost or stolen, or when credit card data is leaked or improperly accessed, this is credit card fraud, and not identity theft.

3. Data breaches cause harm.

What’s the harm when data is leaked? This question has confounded courts, which often don’t recognize a harm. If your credit card is just cancelled and replaced, and you don’t pay anything, are you harmed? If your data is leaked, but you don’t suffer from identity theft, are you harmed? I believe that there is a harm. The harm of credit card fraud is that it can take a long time to replace all the credit card information in various accounts. People have card data on file with countless businesses and organizations for automatic charges and other transactions. Replacing all this data can be a major chore. People’s time has a price. That price will vary, but it rarely is zero.

Read More

0

Google Books and the Social (Justice) Contract

In channeling Judge Baer, Judge Chin at long last dropped the other shoe in the judicial effort to bring new information technology uses for copyrighted works fully in to the copyright regime. Congress has been slow to address the challenge of tapping the full copyright social utility/justice potential of these advances and it’s been left to the courts to sort it all out in the context of individual adversarial conflicts. Poignantly, when Jonathan Band asks “What [was] the Authors Guild fighting for?”, he also illustrates the tree-myopic/forest blind nature of the Guild’s position. What the Guild failed to see is that property rights fit into a larger socio-legal system: Yes your neighbor is precluded from trespassing on to your land but your ability to engage in whatever “private” activity strikes your fancy while thereon is limited by the legal system as a whole. Your land is individual private property, not an independent sovereign state.

 

Judge Baer reminded rights holders of this aspect of the social contract and now Judge Chin has made it clear to the Guild that this is not some narrow, eccentric application of copyright social utility. Property rights, including copyrights, exist to advance society, and to state the obvious, information technology has evolved our society. Like all other rights, customs, and expectations, however, whereas some aspects of copyright as previously envisioned fit comfortably into our new configuration others don’t fit at all. And when that ill-fit impedes important social progress modifications must be made, and if necessary, expectations altered.

 

The courts’ reasoning in both Hathitrust and Google Books moves fair use jurisprudence further toward the express consideration of copyright social justice in the application of the doctrine. As Kevin Smith notes, the judges in both cases have seized this opportunity to retrofit fair use, and it seems to me that these decisions push beyond questions of aesthetic and even functional transformation and pave the way for weighing social transformation in assessing the first fair use factor. I have also applied some of the legal conclusions drawn from Bill Graham Archives and other Grateful Dead archive projects to specific copyright social justice needs, for example, that of socially beneficent access to the literature of the Harlem Renaissance. Like some other historically and culturally important works, many of these books enjoy only marginal commercial market value and similar to the information harvested through data mining, “digital fair use” may be the only means by which to return these works to the general public. The social resuscitation of significant works through mass-digitization, and other uses that serve important and otherwise unattainable copyright social objectives, should be considered a purpose that satisfies the first fair use factor.

 

Authors and other copyrights holders would do well to finally get ahead of the information technology curve. The Authors Guild’s mistake was not so much in the effort to preserve what they considered to be their property rights or even in the effort to extract every conceivable drop of revenue out those rights, but rather, in failing to accept that in order for these rights to retain any value they must function as part of a thriving societal system or eventually forfeit the basis for legal recognition. In the analog world, the public’s access to most books remains largely dependent upon the vagaries of the commercial marketplace. Digital information technology has presented the opportunity to compile the world’s books toward the creation of global libraries accessible to every human being on a socially equitable basis. To believe that analog social inequity will be permitted to endure indefinitely in the face of digital information possibilities is simply unrealistic. Keeping in mind that the stimulation, perpetuation, and re-ignition of the cultural expression/dissemination/inspiration combustive cycle is the raison d’etre of copyright will enable authors to embrace digital change and as Gil Scott Heron sang, possibly even direct the change rather than simply be put through it.

 

0

Drones, Amazon, Pizza, and More

As I saw that Amazon is tinkering with drone delivery, I thought “How very Stephenson” and that the opening of Snow Crash tracked the idea of 30 minutes or less delivery. Of course, others thought of this connection overnight. And although Fox News hyped the idea as the Senate holding hearings on Amazon and Drones (“Senate to hold hearing to discuss Amazon package delivery drones“), the hearings were already in place as Fox reports. The Amazon glory is icing on the cake of let’s freak out about drones. And, yes, there are reasons to think about drones and what, if anything, should be done to regulate them. In this post I am more interested in the labor issues. Chris Taylor’s thoughts at Mashable get into this question. There are many limits to the tech. But as I wrote before, Amazon strikes me as well-placed to press into new ways to use this sort of technology to reduce its labor needs. Local distribution sites, same day or now maybe within an hour delivery, maybe on-demand printing of books (or 3D things), and Amazon could yet again change shopping. The Supreme Court declined to hear the case about forcing retailers to collect taxes even when they have no presence in a state. Amazon’s response of moving into states and taking on local retailers may prove to increase competition locally and in an ironic twist the idea that imposing taxes would be fair may prove to be what eats at local businesses more than expected.

0

Neutrality or Nirvana?

Trade law should not allow countries to insist on a regulatory nirvana in cyberspace unmatched in real space.

Reading Anupam Chander’s The Electronic Silk Road has been a real treat, and thanks to the folks at Concurring Opinions for organizing this terrific online symposium and including me. The book offers a wide-ranging and insightful discussion about global electronic commerce and its regulation and management. Anupam proposes general principles—rules of the road, essentially—to guide policymakers in this process of regulating and managing global e-commerce. The very first principle introduced in the book–the quotation above captures its essence–is that of technological neutrality: To keep cybertrade free and open, the online provision of a service should not be subject to more onerous regulatory burdens than its offline counterpart.

I wish to focus on this first principle. It seems a balanced and uncontroversial prescription. Why should local regulators saddle online service providers with heavier regulatory burdens than the local bricks-and-mortar competitors? The specter of protectionism lurks!

For me, Anupam’s technological neutrality principle is insufficiently ambitious with respect to the possibilities for effective regulation of e-commerce. Anupam’s concerns are free trade concerns, with which I am sympathetic. At the same time, though, e-commerce may actually be able to do better than brick and mortar on a number of important regulatory fronts, but technological neutrality gives up on those possibilities. It relieves the pressure to pursue more efficient regulation in cyberspace.

Read More

0

Opportunities and Roadblocks Along the Electronic Silk Road

977574_288606077943048_524618202_oLast week, Foreign Affairs posted a note about my book, The Electronic Silk Road, on its Facebook page. In the comments, some clever wag asked, “Didn’t the FBI shut this down a few weeks ago?” In other venues as well, as I have shared portions of my book across the web, individuals across the world have written back, sometimes applauding and at other times challenging my claims. My writing itself has journed across the world–when I adapted part of a chapter as “How Censorship Hurts Chinese Internet Companies” for The Atlantic, the China Daily republished it. The Financial Times published its review of the book in both English and Chinese.

International trade was involved in even these posts. Much of this activity involved websites—from Facebook, to The Atlantic, and the Financial Times, each of them earning revenue in part from cross-border advertising (even the government-owned China Daily is apparently under pressure to increase advertising) . In the second quarter of 2013, for example, Facebook earned the majority of its revenues outside the United States–$995 million out of a total of $1,813 million, or 55 percent of revenues.

But this trade also brought communication—with ideas and critiques circulated around the world.  The old silk roads similarly were passages not only for goods, but knowledge. They helped shape our world, not only materially, but spiritually, just as the mix of commerce and communication on the Electronic Silk Road will reshape the world to come.

Read More

1

Upcoming Online Symposium on Professor Anupam Chander’s The Electronic Silk Road

Silk Road coverDanielle and I are happy to announce that next week, Concurring Opinions will host an online symposium on Professor Anupam Chander’s The Electronic Silk Road: How the Web Binds the World Together in Commerce. Professor Chander is a professor at U.C. Davis’s King Hall School of Law. Senators, academics, trade representatives, and pundits laud the book for its clarity and the argument Professor Chander makes. He examines how the law can facilitate commerce by reducing trade barriers but argues that consumer interests need not be sacrificed:

On the ancient Silk Road, treasure-laden caravans made their arduous way through deserts and mountain passes, establishing trade between Asia and the civilizations of Europe and the Mediterranean. Today’s electronic Silk Roads ferry information across continents, enabling individuals and corporations anywhere to provide or receive services without obtaining a visa. But the legal infrastructure for such trade is yet rudimentary and uncertain. If an event in cyberspace occurs at once everywhere and nowhere, what law applies? How can consumers be protected when engaging with companies across the world?

But will the book hold up under our panel’s scrutiny? I think so but only after some probing and dialogue.

Our Panelists include Professor Chander as well as:

Paul Berman

Miriam Cherry

Graeme Dinwoodie

Nicklas Lundblad

Frank Pasquale

Pierluigi Perri

Adam Thierer

Haochen Sun

Fred Tung

And of course

Danielle Citron and I will be there too.