Home | About | RSS Feed | Contact and Publicity Guidelines | Comment Policy the Law, the Universe, and Everything 

advertise-here4


Slip Opinions


New Supreme Court website (DJS)

A digital-age bird man for Alcatraz?  Tweeting oneself to jail. (DJS)

NYT: How privacy vanishes online (DJS)

Orin Kerr critiques the 11th Circuit on email and the Fourth Amendment (DJS)

Identification by your germs (DJS)

Interview of Professor William Stuntz (DJS)

Professor Eric Goldman on the proposed federal Anti-SLAPP Bill (DJS)

Important advice for new profs: DO NOT make jokes (online or otherwise) about killing your students. (kw)

FTC Report: ID theft is down but overall fraud is up (DJS)

Balkin on reconciliation vs. filibuster (DJS)

Our Podcast

Subscribe to Law Talk

law-rev-contents2.jpg


  • Posts by Author

  • Categories

  • Archives


  • Recent Comments

    • Mark S. Devenow on My Bad!: The Supreme Court’s Assault on Judicial Elections

    • AF on Deem and Pass

    • another anon on Spring 2010: Is the Window Open? (re-re-bumped)

    • PublishingProf on Spring 2010: Is the Window Open? (re-re-bumped)

    • NotAProf on Spring 2010: Is the Window Open? (re-re-bumped)

    • NotAProf on Spring 2010: Is the Window Open? (re-re-bumped)

    • Aspirant on Spring 2010: Is the Window Open? (re-re-bumped)

    • ParanoidProf on Spring 2010: Is the Window Open? (re-re-bumped)

    • Aspirant on Spring 2010: Is the Window Open? (re-re-bumped)

    • Andrew Lund on Test Executive Pay by Contract Law, not Delaware Corporate Law

    • Fred B. McKinley on Why the Innocent Are Punished More Harshly Than the Guilty

    • Lawrence Cunningham on Test Executive Pay by Contract Law, not Delaware Corporate Law

    • PublishingProf on Spring 2010: Is the Window Open? (re-re-bumped)

    • Aspirant on Spring 2010: Is the Window Open? (re-re-bumped)

    • Bruce Boyden on Used Car Salesmen in Delaware

    •  

    Site Meter

Archive for the ‘Technology’ Category

The Right to the Internet

posted by Danielle Citron

According to a poll sponsored by the BBC World Service, four in five adults in more than 26 countries believe that Internet access is a fundamental right.  The poll asked more than 27,000 adults about their attitudes towards the Internet and found that 87 percent of regular Internet users agree that access should be a “fundamental right of all people.”  More than 71 percent of non-Internet users felt that they should have the right to access the global network.

Crucial to our access to the Internet is our continued adherence to the end-to-end principle.  As legal scholar and computer scientist Barbara van Schewick explained in her Opening Statement at the FCC’s Workshop on Innovation, Investment, and the Open Internet, the “network was designed to be as general as possible in order to support a wide variety of applications with different needs.  So when a new application comes along, the network doesn’t have to be changed to allow the application to run.  All the innovator has to do is write the program that runs on a computer attached to the Internet.”  As van Schewick notes, the low cost of developing new applications has enabled the creation of eBay and Skype, even though many questioned those applications’ ability to succeed in the marketplace (who would buy goods through online auctions?) or their plausibility (network engineers didn’t initially think internet telephony was possible).

Now, however, sophisticated technology is available that “enables network providers to identify the applications and content on their network and control their execution.”    According to van Schewick, the “original Internet was application-blind,” but “today’s Internet is not.”  This matters to access and innovation.  Although a programmer may have a great idea for a video platform that will revolutionize the way people watch television, cable providers could squash it.  They could block the inventor’s application or slow it down.  Why would they do that?  As van Schewick explains, maybe the application competes with theirs, maybe they want a share of the inventor’s profits, maybe they don’t like the content, or maybe the application is slowed down to manage bandwidth.  Whatever the reason, the network provider can ensure the failure of the inventor’s project, chasing away potential investors and other inventors.  In the end, this risks the diversity of innovation and its concomitant societal benefits.  If network providers “pick winners and losers on the Internet, if they decide how users can use the network, users may end up with applications that they would not have chosen, and may be forced to use the Internet in a way that does not create the value it could.”

In short, our failure to commit to network neutrality, to permit discrimination among applications, has a deep impact on what people now believe is their fundamental right.  van Schewick closed her Open Statement with a telling story.  She asked if the audience had tried to explained to their partners’ grandparents why they should get the Internet.  She explained that she had and noted that she didn’t say: “Grandma, you have to get the Internet?  It’s cool!  It lets you send data packets back and forth.”  “No, I said: ‘If you get the Internet, you can call us and see your grandchildren on the screen.  And if we have new pictures, you’ll be able to see them immediately after we send them.  And you can read about everything you can possibly imagine’ . . . “  Thus, by “protecting the factors that have fostered application innovation in the past, we can make sure that the Internet will be even more useful and valuable in the future.”

  March 8, 2010 at 8:53 am   Posted in: Architecture, Culture, Current Events, Cyberlaw, Technology  Print This Post Print This Post   3 Comments

Law & Technology

posted by Gerard Magliocca

I am teaching a seminar on law and technology next semester, and I’m looking for a book or an article that addresses–at a relatively high level of generality–the disruptive impact of technological change on doctrine. (Or perhaps an excellent case study of how this occurred in a particular area).  Any suggestions would be most welcome.

  March 7, 2010 at 7:33 am   Posted in: Technology  Print This Post Print This Post   11 Comments

Innovative Architectures of Privacy

posted by Danielle Citron

As Daniel J. Weitzner recently noted to the New York Times, our current notice-and-choice model of privacy may soon be dead and good riddance.  Since the 1990s, we have relied upon websites’ privacy policies to inform individuals about whether their information would be collected, used, and shared.  Consumers usually don’t read these policies and, if they did, they likely would not understand them.  This leaves us with with much room to do better.

In “Redrawing the Route to Online Privacy,” the New York Times discusses how law and technology might get help us out of this mess.  The article highlighted several intriguing technical innovations.  A group at Carnegie Mellon University has designed software that will nudge consumers about the privacy implications of sharing certain information.  As CMU’s  Lorrie Faith Cranor explains, social network site users often share their birth dates, hoping to receive online greetings from friends yet doing so runs the risk of marketing profiling, identification, and identity theft.  Software could inform consumers of these risks before they share their birth dates.  M. Ryan Calo, a fellow at Stanford Law School’s Center for Internet and Society who has done exciting work on the privacy implications of robots, is exploring voice and animation technology emulating humans that would provide “visceral notice.”  Before someone puts information in a personal health record like GoogleHealth, a virtual nurse could explain the privacy implications of sharing the information.  Calo explains that people naturally react more strongly, in a more visceral way, to anthropomorphic cues.  The think tank Future of Privacy led by Jules Polonetsky and Chris Wolff is testing the effectiveness of using new icons and key phrases to provide web surfers with more transparency and choice about behavioral advertising practices.  Princeton’s Ed Felten (whose important computer science research has rightly preoccupied government and industry) is working on re-engineering the Web browser for greater privacy.  Felten would alter the software’s design so that information about on-screen viewing sessions is kept separate and not routinely passed along so a person’s browsing behavior can be tracked.

As these efforts make clear, code is crucial to the protection of consumer privacy.  To what extent, if at all, should we invoke law to regulate websites’ information practices?  Congress and the Federal Trade Commission is mulling rules that would limit a site’s use of information collected online.  As the New York Times notes, government might ban the use of recorded trails of a person’s web-browsing in employment or health insurance decisions.  It would be worth considering limits on data collection and retention practices too.  Law could require the deletion of certain information after a certain time, in the manner suggested by Viktor Mayer-Schonberger’s work.  All worth pondering.

  March 2, 2010 at 10:21 am   Posted in: Architecture, Privacy, Privacy (Consumer Privacy), Technology, Web 2.0  Print This Post Print This Post   3 Comments

Sometimes It Really Is Big Brother

posted by Danielle Citron

Metaphors have long had a profound impact on the way we conceptualize problems.  Sometimes they persist, never to be shaken.  Other times, they wane in relevance, at times taking on a misleading character.  In privacy, the Big Brother metaphor has stuck, but has been superseded by others, notably Dan Solove’s invocation of Kafka’s The Trial.  As Dan underscores in The Digital Person: Technology and Privacy in the Information Age, unseen bureaucracies collect, process, and distribute our personal information in ways that have great power over our lives.  Information brokers, for instance, amass digital dossiers on individuals that often include incomplete and misleading data, selling them to potential employers who decline to interview or hire them.  In most instances, individuals have no idea that such digital dossiers have cost them work opportunities.  They also have no means to force data brokers to disclose or correct their dossiers.

Only in the exceptional case do people discover that such dossiers contain incorrect information about them.  For instance, as CNN reports, in 2009, data broker ChoicePoint provided an employer with a dossier on a Georgia man, which falsely asserted that he had two felony convictions.  The employer initially refused to hire the man and explained their reason to him.  The man contacted his congressman about the problem and, with his help, managed to convince ChoicePoint to remove the false criminal information from his dossier.

The metaphor of Kafka’s The Trial is so fitting.  Most, unlike the Georgia man, lose work opportunities, never knowing that a data broker has rendered a verdict on them:  Smoker!  Criminal!  Fiscally Irresponsible!  Employers care about these things, and in this environment may decline to hire a smoker or Crohn’s sufferer whose health bills may be high, no matter how capable the person seems.

But now comes news of a Main Lain Pennsylvania school that allegedly can remotely turn on the web cameras in its students’ laptops, watching kids at home and punishing them for their activities there.  (Cory Doctorow, who wrote the ingenious book Little Brother, quite fittingly broke the story on boingboing.)  The school confirmed that it can remotely monitor the students’ web cam inputs but only does so to locate missing or stolen laptops.  A student claims, however, that an assistant principal used images from his laptop to punish him for activities at home.  The student claims that the administrator mistook Mike & Ike candy on his home desk for drugs.  With this example, the Big Brother metaphor seems so utterly apt.

  February 24, 2010 at 7:14 am   Posted in: Privacy, Privacy (Consumer Privacy), Privacy (Electronic Surveillance), Technology, Uncategorized  Print This Post Print This Post   No Comments

Boyden on Google Buzz and COPPA

posted by Danielle Citron

Guest blogger Professor Bruce Boyden has terrific insights on all things technology and law and so I invited him to comment on the Children’s Online Privacy Protection Act and its impact on the Google Buzz phenomenon.  So here is Professor Boyden:

Thanks, Danielle, for inviting me to expand on my comment yesterday on your post on the Google Buzz story. Google Buzz has been obviously been all over the news lately, in part for various complaints about Google’s privacy practices. Those complaints have focused on the way in which Buzz, enrollment in which was automatic for Gmail users, initially defaulted to effectively sharing users’ email contacts with the public. EPIC has filed a complaint with the FTC arguing that this combination of automatic enrollment and “opt-out” of information-sharing was an unfair or deceptive trade practice in violation of Section 5 of the FTC Act.

But that’s not what caught my attention in Danielle’s post. What really set off alarm bells in my head was Danielle’s recounting how her children and their friends, all under the age of 13, suddenly had their Gmail accounts turned into Google Buzz accounts,  and then proceeded to upload all sorts of information about themselves using the service. That raises the prospect that Google Buzz, by collecting such information without getting the appropriate parental consent, violated the Children’s Online Privacy Protection Act, or COPPA. I haven’t seen any discussion of this issue anywhere else.

COPPA is one of the few privacy statutes with real bite: it has strict rules that require substantial effort to follow, and the FTC has shown itself to be a vigorous enforcer. Indeed, the FTC has gone after two social networking sites for COPPA violations recently, and in one case imposed a fine of $1 million. So is Google violating COPPA? The answer is unclear but there’s definitely risk for Google here.

COPPA regulates the online collection of information from children under the age of 13. It applies to two classes of websites: those that have “actual knowledge” that they are collecting information from children, and those that are “directed to children.” If a website in either category is going to collect personally identifiable information (PII) from children, it first has to get “verifiable consent” from a parent. The FTC uses a “sliding scale” to determine what sort of verifiable parental consent is required; for information that is going to be publicly disclosed, as here, the FTC’s COPPA regulations require something like a mail-in form or a credit card. Read the rest of this post »

  February 17, 2010 at 9:34 am   Posted in: Architecture, Cyber Civil Rights, Cyberlaw, Privacy, Privacy (Consumer Privacy), Social Network Websites, Technology, Web 2.0  Print This Post Print This Post   One Comment

Links and short thoughts on Amazonfail

posted by Kaimipono D. Wenger

Deven has already mentioned Amazonfail, in which Amazon temporarily delisted all MacMillan books — one-sixth of its inventory — because of a disagreement over Kindle pricing. (MacMillan was tired of Amazon using its books as a loss leader to get folks to buy Kindles).

It’s been interesting to read over folks’ analyses. The best overview comes from Scalzi, who lists seven ways that this was a complete fail on Amazon’s part. There’s also very good analysis from Cory Doctorow; another very good analysis from Tobias Bucknell; yet another very good analysis from Scott Westerfield (and there are more good analyses out there); a funny photoshopped picture at Engadget; and of course calls for revolution from a variety of folks, such as Tobias Bucknell.

At the end of the day, I’m thinking that the critics were right. Amazon apparently can’t be trusted not to do really stupid things, which may seriously harm readers and authors (and publishers with whom Amazon is squabbling). Amazon’s move was really stupid, and puts a major dent in their credibility. I can’t speak for everyone, but I can say that I read a variety of MacMillan titles, and I own a Kindle — and following this whole kerfuffle, I’m seriously thinking about Apple’s new feminine-products device.

  February 6, 2010 at 3:52 pm   Posted in: Amazon, Articles and Books, Technology  Print This Post Print This Post   2 Comments

The Secret Behind Amazon and Macmillan’s Fight: Google?

posted by Deven Desai

Many may know about the fight between Amazon and Macmillan publishing. Yes it is about e-books and pricing, and the death of an industry, the death of print, and heck throw in Death in Venice if you like. But the real move may have been to highlight something else Amazon is quite worried about: Google and the Book Settlement.

Would Amazon really refuse to carry all books from one of the largest publishers in the Untied States? As my friend John Scalzi pointed out (He was one of the first to notice the move, because his publisher is part of Macmillan, and his fans asked him why his books were not available almost immediately after Amazon’s move.), Amazon waited until late Friday to remove the Macmillan books. John thought that the timing was probably designed to mitigate any negative responses that might go Amazon’s way. I think John was correct, but I think this statement reveals a perhaps bigger reason for the bluff:

“We have expressed our strong disagreement and the seriousness of our disagreement by temporarily ceasing the sale of all Macmillan titles,” Amazon said. “We want you to know that ultimately, however, we will have to capitulate and accept Macmillan’s terms because Macmillan has a monopoly over their own titles, and we will want to offer them to you even at prices we believe are needlessly high for e-books.”

Just to repeat it: “Macmillan has a monopoly over their own titles, and we will want to offer them to you even at prices we believe are needlessly high for e-books.” Where else does monopoly and books arise? Ah yes, when Amazon (and others) opposes the Google Book Settlement.

I think this move provides an interesting, concrete example that will be offered to argue that the GBS will provide Google with power equal to or greater than Macmillan’s. The question is, if it is a monopoly as Amazon claims, why aren’t folks attacking all major publishers? Amazon may argue that Google will have a unique position in the e-book market, but those claims require more details if one is to sort them properly.

  February 3, 2010 at 4:17 pm   Posted in: Cyberlaw, Google & Search Engines, Intellectual Property, Technology  Print This Post Print This Post   No Comments

BRIGHT IDEAS: Helen Nissenbaum’s Privacy in Context: Technology, Policy, and the Integrity of Social Life

posted by Danielle Citron

I’d like to second Dan’s enthusiasm for Helen Nissenbaum’s newest book, Privacy in Context: Technology, Policy, and the Integrity of Social Life (Stanford University Press 2009).  Privacy in Context is engrossing and important, and, lucky for us, I had a chance to interview Professor Nissenbaum about the book, her scholarship, and her thoughts on the future of privacy.  First, let me tell you a bit about Professor Nissenbaum.  Then, I will reproduce our interview below.

Helen Nissenbaum is Professor of Media, Culture and Communication, and Computer Science, at New York University, where she is also Senior Faculty Fellow of the Information Law Institute.  Her areas of expertise span social, ethical, and political implications of information technology and digital media. Nissenbaum has written extensively in journals of philosophy, politics, law, media studies, information studies, and computer science and has written and edited four books (including the book we highlight today).  She has also authored several important studies of values embodied in computer system design, including search engines, digital games, and facial recognition technology.

DC:  Why did you write this book?

HN:  I had published a series of articles on how privacy, conceptually and in practice, had been challenged by IT and digital media. Although, initially, these had been mainly critical in tone, for example, demonstrating how “privacy in public” exposed glaring weaknesses not only in predominant understandings of privacy but in approaches law and regulation, as well, they ultimately yielded the substantive idea of privacy as a claim to appropriate flows of personal information within distinctive social contexts, modeling this idea in terms of contextual integrity and — what I call in the book — “context-relative informational norms.” IT systems and digital media are often felt as privacy threats because they are disruptive of entrenched flows, they violate norms.

With these articles in far-flung journals, I realized it would be hard, if not impossible, for anyone to pull the whole argument together, to recognize the problems in certain other approaches and how contextual integrity addressed some of these. A book would consolidate these works into a coherent whole in what I imagined it would be the work of a mere few months — an extravagant miscalculation, of course.

While collaborating with colleagues from the PORTIA project (Adam Barth, Anupam Datta, and John Mitchell) to develop a formal expression of contextual integrity (in linear temporal logic), I came to realize that it needed significant sharpening. Further, it became increasingly clear that the theory needed a far more robust and fleshed out prescriptive (or normative) dimension, which I had only briefly sketched in the Washington Law Review article. This component would be absolutely essential to the success of contextual integrity as a whole, if the theory was to have moral “teeth.” And, of course, the longer I worked the larger the field became, more cases with which to reckon, more outstanding work to take into consideration. Mere months became a couple years.

DC:  What for you are the most pressing concerns that the book addresses.

HN:  Among the most pressing for me were:

First, to demonstrate that the private-public distinction, as useful as it may be in other areas of political and legal philosophy, is a terrible dead-end for conceptualizing a right to privacy and for formulating policy. In my view, far too much time has been wasted deciding whether this or that piece of information is private or public, whether this or that place is private or public, when, in fact, what ultimately we care about is what constraints ought to be imposed on the flows of this or that information in this or that place. We could make much more rapid progress addressing urgent privacy questions if we addressed the latter questions head-on instead of tying ourselves in knots over the former.

Second, to challenge the definition of privacy as control over information about oneself, which dominates policy realms, even if not to that extent in academia. The trouble with this definition is that it immediately places privacy at odds with other values, conceived as more pro-social. If the right to privacy is the right to control then of course it must be moderated, traded-off, compromised for the general good!  Moreover, it not even clear that control offers the best protection to the subject. Imagine, for example, if all that stood between individuals and access to their complete health records was subject consent and place these individual in a situation where a job, or mortgage, the chance to win the lottery, … hung in the balance. Fortunately, U.S. law recognizes that we need substantive constraints on information flow in certain areas – contexts – of life and though critics have pointed out many weaknesses in the letter of these laws, I believe the approach is dead right. Read the rest of this post »

  January 18, 2010 at 11:04 am   Posted in: Architecture, Articles and Books, Bright Ideas, Privacy, Technology  Print This Post Print This Post   3 Comments

Penalty Clauses and the Nexus One

posted by Dave Hoffman

nexus-one-europeTech blogs are astir today at the fine print in Google’s Nexus One’s terms of sale. Turns out, if you buy a subsidized phone through google and cancel your phone contract “early”, not only must you pay a fee to the carrier, but google also wants you to pay it the difference between the list price of the phone and the sale price.

“You agree to pay Google an equipment subsidy recovery fee (the “Equipment Recovery Fee”) equal to the difference between the full price of the Nexus handheld device without service plan and the price you paid for the Nexus handheld device if you cancel your wireless plan prior to 120 days of continuous wireless service. For example, if the full price of the Nexus handheld device without service plan was $529 USD and the price you paid for the Nexus handheld device was $179 USD with a service plan, the Equipment Recovery Fee you pay will be $350 USD in the event you cancel within the first 120 days of carrier service . . . You authorize Google to charge the Equipment Recovery Fee directly to your credit card, or other payment method used to purchase the Nexus handheld device, upon cancellation of your wireless plan . . .

You agree that the Equipment Recovery Fee is not a penalty but is for liquidated damages Google will incur as a result of such cancellation. These damages may include, but are not limited to, loss of compensation and administrative costs associated with such cancellation or changing of wireless service provider(s), market changes, and changes in ownership. Please note that the Equipment Recovery Fee is imposed by Google and not your chosen carrier and is in addition to any early termination fees that may be charged by your chosen carrier in connection with termination of your wireless plan prior to fulfillment of your chosen carrier’s service agreement term.”

Notwithstanding the language of agreement that this is a liquidated damages clause, I’m pretty sure that customers could legitimately challenge this fee in court as a penalty .  As many have noted, customers will end up paying more in termination fees than the cost of the phone (since both google and the carrier can charge in this model).  As we all know, liquidated damages must be either a fair estimate of an uncertain harm, or be relatively close to the actual damages suffered by the promisee.  The harm here isn’t at all uncertain, and I don’t think that charging more than the sales price constitutes a good measure of the seller’s actual damages.  Notably, we can’t simply use the difference between list price and sales price as the lost expectation, since the sales price is inflated by the business model (sort of like health care costs charged by hospitals).

The collection method that google built into contract here is also a problem.  It’s a form of self-help which customers ought to be able to challenge with their credit card companies.  Indeed, the clause is so riddled with obvious legal issues that I started to wonder whether google wrote it seeking to take advantage of behavioral research suggesting that liquidated damages clauses change individuals’ feelings about breach.  What do you think?  Is google’s new slogan “Don’t be evil.  But if you must be evil, be really good at it?”


  January 15, 2010 at 3:02 pm   Posted in: Behavioral Law and Economics, Consumer Protection Law, Contract Law & Beyond, Technology  Print This Post Print This Post   19 Comments

Timothy B. Lee’s “Google Attacks Highlight the Importance of Surveillance Transparency”

posted by Deven Desai

The Google China news deserves some thought for a range of reasons. The questions about democracy, censorship, and more that swirled around Google and China’s relationship are important. One issue that is easily lost is the relationship between the claimed reasons for Google’s leaving China and policies about surveillance. My colleague at CITP, Timothy B. Lee, wrote an excellent piece at Freedom to Tinker about this issue. Ordinarily I would summarize and point folks to the post. It captured my attention so much, however, that I asked Tim whether I might repost it in full here. I am happy that he has agreed.

Google Attacks Highlight the Importance of Surveillance Transparency

by Timothy B. Lee

Ed posted yesterday about Google’s bombshell announcement that it is considering pulling out of China in the wake of a sophisticated attack on its infrastructure. People more knowledgeable than me about China have weighed in on the announcement’s implications for the future of US-Sino relations and the evolution of the Chinese Internet. Rebecca MacKinnon, a China expert who will be a CITP visiting scholar beginning next month, says that “Google has taken a bold step onto the right side of history.” She has a roundup of Chinese reactions here.

One aspect of Google’s post that hasn’t received a lot of attention is Google’s statement that “only two Gmail accounts appear to have been accessed, and that activity was limited to account information (such as the date the account was created) and subject line, rather than the content of emails themselves.” A plausible explanation for this is provided by this article (via James Grimmelmann) at PC World:

Drummond said that the hackers never got into Gmail accounts via the Google hack, but they did manage to get some “account information (such as the date the account was created) and subject line.”

That’s because they apparently were able to access a system used to help Google comply with search warrants by providing data on Google users, said a source familiar with the situation, who spoke on condition of anonymity because he was not authorized to speak with the press.

Obviously, this report should be taken with a grain of salt since it’s based on a single anonymous source. But it fits a pattern identified by our own Jen Rexford and her co-authors in an excellent 2007 paper: when communications systems are changed to make it easier for US authorities to conduct surveillance, it necessarily increases the vulnerability of those systems to attacks by other parties, including foreign governments.

Rexford and her co-authors point to a 2006 incident in which unknown parties exploited vulnerabilities in Vodafone’s network to tap the phones of dozens of senior Greek government officials. According to news reports, these attacks were made possible because Greek telecommunications carriers had deployed equipment with built-in surveillance capabilities, but had not paid the equipment vendor, Ericsson, to activate this “feature.” This left the equipment in a vulnerable state. The attackers surreptitiously switched on the surveillance capabilities and used it to intercept the communications of senior government officials.

It shouldn’t surprise us that systems built to give law enforcement access to private communications could become vectors for malicious attacks. First, these interfaces are often backwaters in the system design. The success of any consumer product is going to depend on its popularity with customers. Therefore, a vendor or network provider is going to deploy its talented engineers to work on the public-facing parts of the product. It is likely to assign a smaller team of less-talented engineers to work on the law-enforcement interface, which is likely to be both less technically interesting and less crucial to the company’s bottom line.

Read the rest of this post »

  January 15, 2010 at 2:05 pm   Posted in: Criminal Procedure, Google & Search Engines, Privacy (Electronic Surveillance), Privacy (Law Enforcement), Technology  Print This Post Print This Post   2 Comments

Double Serendipity: Danielle Allen and the Institute for Advanced Study’s Sympoium on Technology and Education

posted by Deven Desai

One thing that Dan Burk, Mike Madison, Dan Solove, and a few others told me as I started my academic career was that it was important to read, read, read; attend conferences; and engage with other professors about their work. With that base one slowly but surely develops better material and grows a network of colleagues who will be able to let you know where you work is strong and where it needs improvement. I took that idea to mean go ahead and contact folks when you have something to say.

Just before I heard that I was going to be at Princeton, I contacted an old friend, Danielle Allen because some of her work on democracy and rhetoric caught my attention. Danielle and I had attended K-8 grades together but lost touch after that. It turns out that she just had seen my name in the acknowledgment section of one of Dan Solove’s books and wondered whether that was the same person she knew. It was. Danielle is at the Institute for Advanced Studies here in Princeton. We caught up over lunch, had a great time, and I learned about her work at IAS. One of her projects is the The Dewey Seminar: Education, Schools and the State, which she co-organized with Rob Reich. Here is the scope of the project:

Every society and political regime develops educational institutions and practices that substantially shape its evolution, revolutions, and stabilization over time. The Dewey Seminar will explore the interrelationships among education, justice, schools, and the state. Because of the centrality of education to the continuity of sociopolitical orders, its analysis embraces virtually all the social sciences. A significant number of the School’s Members this year will pursue work related directly to this theme-from exploring how diverse educational practices are linked to specific political orders to studying contemporary pressures on education and its capacity to support democratic political systems.

In 1916 the philosopher John Dewey published Democracy and Education: an introduction to the philosophy of education. He sought an account of education that could enable human flourishing both individually and collectively for democratic citizens. Our seminar takes its inspiration from his aspirations.

Anyone interested in these topics should go to the Seminar’s home page and check the participant list.

The seminar has various components one of which is a symposium series with practitioners. At lunch, Danielle mentioned that the January symposium is on Technology and Education. The people involved and their projects to use technology to generate real change in education are ambitious and inspiring. I will be attending and thinking about how these ideas connect to IP as a barrier to innovation, the Google Book deal, and where a combination of law and technology might be able to break through current problems in technology and education. In short, I have caught up with an old friend, and I get to hear leaders in their fields talk about the promises and challenges of technology and education. It is a great start to the new year, and I am grateful to those who were part of my enjoying a little double serendipity.

  January 14, 2010 at 8:52 am   Posted in: Conferences, Education, Technology  Print This Post Print This Post   No Comments

Understanding Privacy, A Book Review

posted by Danielle Citron

My colleague Leslie Meltzer Henry and I just posted, on SSRN, our piece Visionary Pragmatism and the Value of Privacy in the Twenty-First Century, 108 Michigan Law Review (forthcoming 2010), a book review of Dan Solove’s Understanding Privacy.  Although we have a tight timeline for editing, we would love feedback on it.

  January 5, 2010 at 1:06 pm   Posted in: Articles and Books, Legal Theory, Privacy, Technology  Print This Post Print This Post   No Comments

A “Content Loss Ratio” for Cable Companies?

posted by Frank Pasquale

I’ve been following the debate over ala carte cable TV pricing, and the recent Fox/Time Warner showdown has put it back in the news. Brian Stelter’s NYT article on the topic reveals some interesting revenue figures in the cable industry:
Read the rest of this post »

  January 4, 2010 at 7:23 pm   Posted in: Consumer Protection Law, Culture, Cyberlaw, Economic Analysis of Law, Law and Inequality, Media Law, Technology  Print This Post Print This Post   One Comment

Managing Global Data Privacy

posted by Danielle Citron

Privacy Clearinghouse reports that over 341 million records of sensitive personal information have been leaked, hacked, or otherwise compromised since 2005.  It lists data leaks by the responsible entity and total number of released records.  Most recently, on December 17, 2009, the North Carolina Library System’s central server in Raleigh suffered a security breach, resulting in the release of 51,000 drivers license numbers and Social Security numbers.  On December 18, 2009, the Dickinson School of Law discovered that a computer containing 261 Social Security numbers from an archived class list had been “infected with malware that enabled it to communicate with an unauthorized computer outside the network.”

Privacy Clearinghouse helps us identify easy privacy breach cases, i.e.,  those 1151540_digicity_1involving easily identifiable, static sources such as infected computers, hacked servers or centralized databases, stolen flash drives, and the like.  Yet as privacy scholar Paul Schwartz highlights in an important new study entitled Managing Global Data Privacy: Cross-Border Information Flows in a Networked Environment, privacy problems increasingly involve a much more complex set of circumstances.

As Schwartz’s study explains, in the recent past, companies largely maintained localized data sets and processes.  A data transfer usually occurred at a predictable moment and into databases controlled by a single entity.  In the present, however, international data flows occur continuously in a “multi-directional fashion” through the globe and involve a multitude of entities.  As Schwartz thoughtfully explores, networked technologies, such as cloud computing, change a firm’s Coasean “make or buy” decisions in innovative ways.  Functions and operations can now be “packaged as modular units that can be pulled apart and re-assembled.”  Data flows can be “de-aggregated and de-coupled to allow companies to develop novel business approaches to operations and activities.”

Exciting as these developments may be, they complicate privacy and security protections afforded dynamic data flows.  Schwartz’s case studies reflect that firms take data privacy and security seriously.  We have seen a professionalization of corporate data protection.  Companies now have Chief Privacy Officers and Chief Information Officers.  Although the study offers a number of important insights, it emphasizes the adoption of accountability principles to protect privacy and data security of global data flows.  This seems a wise move and one worth tracking.

  January 3, 2010 at 11:29 am   Posted in: Cyberlaw, Privacy, Technology, Web 2.0  Print This Post Print This Post   No Comments

Recognizing Bottlenecks on the Net

posted by Frank Pasquale

Adam Raff’s editorial on “search neutrality” in the NYT today has already provoked critical commentary and schadenfreude. But I found the editorial both informative and compelling. Principles of search neutrality are bound to be more complex than the network nondiscrimination rules made notable in the net neutrality debate. But we must realize (as forward-thinking cyberlaw activists like Sherwin Siy do) that “bottlenecks” at any layer of the internet—physical, social, applications, or content—can be problematic.
Read the rest of this post »

  December 28, 2009 at 5:46 pm   Posted in: Cyberlaw, Google & Search Engines, Technology  Print This Post Print This Post   11 Comments

Cell Phones, Dogs, and Prisons: A Better Policy Is Needed

posted by Deven Desai

I call friends and family during the holidays. For me, unlike email and social networking options, talking to someone is a more intimate and fun experience. Regardless of how one “reaches out and touches someone” as AT&T used to say, it is easy to take the ability to do so for granted. As I thought about how much I rely on being able to connect with those close to me, I remembered how to manage the way in which inmates can communicate with the outside world poses some challenges. There is evidence that crimes are planned when inmates have cell phones and other means of communication. Yet, there are benefits to letting inmates have better ability to communicate with family and counsel. Unfortunately, the press about the problem has been a bit inflammatory, and one of article buried the real solution: fix the market for communication by inmates. When land line calls from prison cost hundreds of dollars a month, it may not be surprising that a black market for cell phones arises and may cause more problems than the ban on cell phones prevents.

There is a plausible argument for the ban on cell phones in prison. According to an article about Florida’s acquisition of a second cell phone sniffing dog (yes, a dog that can smell whether one has a cell phone): “Inmates can use phones for a variety of purposes, none of them good, corrections officials say. Among the most worrisome: using cell phones secreted behind bars to contact former associates on the outside to keep criminal operations going – something that’s far more difficult to do on monitored land lines.” Even Wired seems to agree that cell phones in prison are a problem and recently ran an article entitled “Prisoners Run Gangs, Plan Escapes and Even Order Hits With Smuggled Cellphones.” Yet, these perspectives seem to miss some key points about why these problems occur.

Before law and order screeching begins, let me be clear. I do not think letting prisoners have easy means to perpetuate bad acts is a good thing. And I do not doubt that some prisoners, maybe even many, use phones for all sorts of nefarious deeds. Nonetheless, one may want to ask why the incredible demand for cell phones? For example, according to Wired, “One California officer told investigators he made more than $100,000 in a single year selling phones.” Now prisons are investing in special dogs and expensive cell signal detectors. Some want the Federal government to allow cell jamming.

As the Wired article finally admits, “While the squabbling continues, what might be the most effective way of cutting illicit phone use is largely ignored: making it easier for inmates to place calls legally.”

As the article explains:

[I]nvestigations have established that most calls placed on contraband mobiles are harmless—just saying hi to family and friends. Whatever their crimes, most convicts have parents, children, and others they’re desperate to stay in touch with. Letters are slow, and personal visits often involve expensive, time-sucking travel. Some prisons have public phones for making collect calls, but access is limited, conversations are often monitored, and phone companies often charge much higher rates than on the outside.

And there is the problem. As a friend of mine informed me, even calling one’s counsel is difficult and quite expensive. I am not sure who is at fault, but either the prisons or the phone companies have set up system that costs so much money, one cannot be surprised that smuggling cell phones makes sense. One person ended up spending $800 a month to make land line calls. In an era of flat rate bills that is ridiculous.

Furthermore, the Wired article notes that letting prisoners have better connections with their families helps society in general because:

Read the rest of this post »

  December 27, 2009 at 8:55 am   Posted in: Criminal Law, Politics, Privacy, Privacy (Electronic Surveillance), Privacy (Law Enforcement), Technology  Print This Post Print This Post   One Comment

Open Information, Open Government, and Better Nutrition: A Possibility To Explore

posted by Deven Desai

Starbucks FritterWhat if you could easily track and the nutrition information for the food you or your kids ate? As open government and open standards increase their success, I have begun to wonder about the nature of labels and commercial information. The recent shift in New York to requiring that food have calorie labels seemed like it should have helped people limit their impulse to buy empty calorie foods. I know of several iPhone apps and online services that offer ways to track calories and additional nutrition data. People who use those types of apps would want more and better information. One could track cholesterol, sugar, and other vital statistics that the New York labels do not seem to offer up front. All of which made me think that this could be a great moment for open government and information.

I am not sure what the rules regarding food labels are. But given that most foods now bear rather rich nutrition information, it seems that the FDA or some other part of government should have a depository for what companies claim their products contain. If so, the government should make that information available in an open format (a la Government Data and the Invisible Hand). After that app providers and websites could pull that data so one could more easily track what one ate to stay on a diet and/or provide doctors with a better sense of what might be causing cholesterol or diabetes issues. In addition, as the country faces obesity problems, a public interest group might be able to build tools for school foods. That tool could allow parents to see not just what the menu was, but the nutritional value of the food in a real way. Communities could better argue about the food quality and costs than they do now. I think that all of these benefits and more might be unleashed with open data and information tools. I am certain there are important questions about this idea that I may have missed. Please share constructive comments about the idea. The more people who tinker with the plan, the better it could be.

PS For those interested in some related reading, Margaret Chon’s article Marks of Rectitude is an excellent study of the intersection between trademarks, certification marks, and the desire to signal sustainability and/or social responsibility. It asks “Can marks of rectitude bear the weight of the various goals that have proliferated in the global regulatory marketplace?”

  December 23, 2009 at 12:53 pm   Posted in: Administrative Law, Health Law, Technology  Print This Post Print This Post   2 Comments

Privacy and Facebook: Give a Little Here, Take a Little There?

posted by Danielle Citron

Over the past year, Facebook has seemed more protective of privacy than ever before.  Its fan pages for government entities and businesses exemplified an exciting new way that technology can enshrine privacy into its architecture.  Facebook fan pages resemble one-way mirrors (or sorts), permitting individuals to provide feedback to government agencies and bFacebookusinesses and to gain insight into those entities’ worlds while forbidding those entities from peering back into their fans’ personal profiles.  This encourages civic engagement while eliminating concerns that fans’ social media data will be used for purposes that individuals’ would not endorse, such as law enforcement, immigration matters, etc.   In a forthcoming piece in the George Washington Law Review, I credit Facebook as a privacy norm entrepreneur for building fan pages and urge sites like MySpace to follow Facebook’s lead.  Doing so might even enhance user loyalty if stories emerge regarding government’s misuse of social media data from competitors’ sites.

Facebook’s launch of its new privacy settings this week, however, dampened my enthusiasm about its role as a privacy change leader.  To be sure, Facebook should be credited for explaining consumers’ choices more clearly with its new privacy settings.  But unfortunately they tend to push users to share more information, more widely, than the previous settings.  They also don’t provide a default setting that would permit more granular privacy choices vis-a-vis one’s social relationships.  Unless users take the time to customize particular postings (i.e., each time they write a wall post, upload a picture, etc.), privacy settings provide broad accessibility to wall postings, photos, etc. (to everyone as a default matter now) rather than permitting users to choose which friends can see those materials as a default matter.  This matters because users tend not to change default settings, a particularly likely result as users access Facebook via their PDAs and cellphones.

Granular default settings would more appropriately accord with our lived experiences.  Indeed, this is precisely the point that Dan Solove makes in The Future of Reputation: because our social relationships are nuanced and our levels of comfort in sharing information varies depending on the particular relationship, privacy settings should allow us to map those differences and honor them.  Although some note that the new privacy settings make it harder to preserve privacy (that may be true or untrue, I trust that social network experts like Dan, James Grimmelmann, and Bill McGeveran will drill down on that issue), my great disappointment is that the new privacy settings failed to introduce more granularity as a default matter–a missed opportunity indeed.  So Facebook has given us much with fan pages and not much more with its new privacy settings.  But let’s be thankful for what we did get, it’s the holiday season after all.

UPDATE:  Logical Extremes has a superb list of links for those interested in finding out more about the privacy implications and dangers of the new privacy policy.  Thanks to Bruce Boyden for helping me sort out these issues.

  December 11, 2009 at 7:04 am   Posted in: Privacy, Social Network Websites, Technology  Print This Post Print This Post   7 Comments

Facebook: Taking Out the Free in Free Expression

posted by Danielle Citron

As so many warn (and warn to no avail), self-expression on social network sites can be costly.  CBC News recently reported that an employer’s insurance company cut a Quebec employee’s long-term sick leave benefits after seeing photographs on the employee’s Facebook page.  The employee had been on leave from her job at IBM for a year and a half after being diag1211887_on_the_beach_2nosed with major depression.  The employee posted pictures of herself having a good time at a bar on her birthday and enjoying the beach while on vacation.  The insurance company investigated the woman’s Facebook page after she told her insurer about her trip.  The employee explained that her doctor advised her to have fun to combat the depression.  But that apparently did little to convince the insurer that the employee still struggled with depression.  This case demonstrates the problem of de-contextualization in our digital lives.  A strong argument exists that the insurer took pictures out of context when terminating the woman’s benefits.  This is just the kind of privacy problem that Dan Solove so astutely tackles in Understanding Privacy and urges a contextual, pragmatic approach to address it.

Not only do insurers (and employers) hold our Facebook musings against us, but government employers can as well.  As Helen Norton’s superb article Constraining Public Employee Speech: Government’s Control of its Workers’ Speech to Protect its Own Expression (59 Duke L.J. 1 (2009)) explores, government employees can be fired for off-duty online speech on the grounds that the public would associate the employee’s off-duty expression with the government entity that employed him.  For instance, the Ninth Circuit rejected a First Amendment challenge by a police officer who had been fired for maintaining a sexually explicit website featuring his wife even though the website never referred to law enforcement generally or the plaintiff’s employment specifically.  The court explained: “it can be seriously asked whether a police officer can ever disassociate himself from his powerful public position sufficiently to make his speech (and other activities) entirely unrelated to that position in the eyes of the public and his superiors. . .  . the sleazy activities [of plaintiff and his wife] could not help but undermine [the public's] respect” for the police department.  Given the current state of First Amendment doctrine, it seems possible that government employers could fire employees for participating in Facebook groups with unpopular viewpoints on the grounds that such support would undermines the public’s respect for the particular government employer (the Facebook groups supporting Nazi ideology and Holocaust denial come to mind).  Norton elegantly addresses the value of government speech and that of its employees and, like Solove, prefers a contextual approach that honors First Amendment values and employees’ expressive autonomy.

Hat tip: Raymond Cha

  November 30, 2009 at 4:12 pm   Posted in: First Amendment, Privacy, Privacy (Consumer Privacy), Privacy (Gossip & Shaming), Privacy (Medical), Technology, Uncategorized  Print This Post Print This Post   One Comment

Google, The Good: Free Law!

posted by Deven Desai

Although I have used this space to question the Google Book Deal, I do not think that all The Google does is bad. Indeed, the fundamentals of where the Google Book Deal began were good. And now, as some of you may know, Google is trying to go where no one has gone (successfully as far as I can tell) before. Yes, as of last week, The Google is

enabling people everywhere to find and read full text legal opinions from U.S. federal and state district, appellate and supreme courts using Google Scholar. You can find these opinions by searching for cases (like Planned Parenthood v. Casey), or by topics (like desegregation) or other queries that you are interested in. For example, go to Google Scholar, click on the “Legal opinions and journals” radio button, and try the query separate but equal. Your search results will include links to cases familiar to many of us in the U.S. such as Plessy v. Ferguson and Brown v. Board of Education, which explore the acceptablity of “separate but equal” facilities for citizens at two different points in the history of the U.S. But your results will also include opinions from cases that you might be less familiar with, but which have played an important role.

I like the premise that Google wants to “empower the average citizen by helping everyone learn more about the laws that govern us all.” And I was interested to see that the pagination seems to be accurate. As Google improves features such as signaling whether a case has been overruled (the citation history is there but I was not sure that one could easily tell what a case’s status was in a Shepperd’s or Key Cite way), and improves search so that one can target a document as well as one can on Westlaw or Lexis (which at this stage seem to be still superior to Google’s offering), the service may be a threat to the pay services.

So why would Google offer this service? It may be a commitment to openness. It may be a play for value-added services for a fee for those who currently use Westlaw or Lexis. Or it may be that studying how law and policy folks search a discrete body of text to find specific items will provide a great testbed for improving search in general. My bet is that it is a combination of the above is at work, with the last reason being the strongest. This quote explains why.

we were struck by how readable and accessible these opinions are. Court opinions don’t just describe a decision but also present the reasons that support the decision. In doing so, they explain the intricacies of law in the context of real-life situations. And they often do it in language that is surprisingly straightforward, even for those of us outside the legal profession. In many cases, judges have gone quite a bit out of their way to make complex legal issues easy to follow.

I often tell students to beware of opinions because they fail to live up to the view Google has of opinions. That being said, some opinions match Google’s view. To me, Google called out the language, because Goolge is interested in how a set of information is constructed, can be mapped, and mined. Legal opinions have some set rules that probably make them highly useful to those interested in search and I think the area of computer science called machine learning.

I must, as always, note the privacy issues that arise whenever online searches for information in sensitive topics occurs. Individuals may need to be cautious and lawyers seeking to save money may, I stress may, need to think about confidentiality issues. I don’t think that letting someone know you read a case or searched for information about a legal topic, necessarily runs afoul of the rules. Still, as it becomes easier to connect dots, one might find a group of lawyers who think that such searches for clients pose problems.

  November 23, 2009 at 2:52 pm  Tags: Google Law, Google Scholar, Lexis, Westlaw  Posted in: Google & Search Engines, Technology  Print This Post Print This Post   3 Comments


  • « Older Entries

Authors

Daniel J. Solove
Kaimipono Wenger
Dave Hoffman
Nate Oman
Frank Pasquale
Deven Desai
Danielle Citron
Lawrence Cunningham
Sarah Waldeck
Jaya Ramji-Nogales
Solangel Maldonado
Gerard Magliocca

Guests

Robert Ahdieh
Lisa Fairfax
Michelle Harner
Sherrilyn Ifill
Angela Onwuachi-Willing
Tuan Samahon
Alfred Yen










Previous Guests

Michael Abramowicz
Michelle Adams
Robert Ahdieh
Michelle Anderson
Laura Appleman
Ann Bartow
Adam Benforado
Francesca Bignami
Jeremy Blumenthal
Kathleen Boozang
Bruce Boyden
Donald Braman
Al Brophy
Neil H. Buchanan
Bill Burke-White
Scott Burris
Paul Butler
Naomi Cahn
Anupam Chander
Miriam Cherry
Jack Chin
Jennifer Collins
Thomas Crocker
Allison Danner
Brannon Denning
Deven Desai
Mike Dimino
Mark Edwards
David Fagundes
Christine Haight Farley
Kim Ferzan
Dan Filler
Michael Froomkin
Amanda Frost
Timothy Glynn
Rachel Godsil
Eric Goldman
David Gray
Craig Green
Tristin Green
Jeffrey Harrison
Erica Hashimoto
Carissa Hessick
Laura Heymann
Robert Hillman
Christine Hurt
Darian Ibrahim
John Ip
Kevin Johnson
Kristin Johnson
Dan Kahan
Jeffrey Kahn
Brian Kalt
Sam Kamin
Michael Kang
Chimène Keitner
Orin Kerr
Nancy Kim
Heidi Kitrosser
Adam Kolber
Russell Korobkin
Alex Kreit
Anita S. Krishnakumar
Susan Kuo
Greg Lastowka
Sarah Lawsky
Erik Lillquist
Jeff Lipshaw
Jonathan Lipson
Jacqueline Lipton
Joseph Liu
Michael Madison
Solangel Maldonado
Jason Mazzone
Linda McClain
William McGeveran
Salil Mehra
Carrie Menkel-Meadow
Max Minzner
Viva Moffat
Scott Moss
Eric Muller
Jaya Ramji-Nogales
Helen Norton
Elizabeth Nowicki
Paul Ohm
Michael O'Shea
David Opderback
Kristen Osenga
Rafael Pardo
Marcy Peek
Eduardo Peñalver
Robert Percival
David Post
Shruti Rana
Geoffrey Rapp
Neil Richards
Lori Ringhand
Alice Ristroph
Susan Scafidi
Paul Secunda
Jonathan Siegel
Jessica Silbey
Peter Smith
Adam Steinman
Charles Sullivan
Rick Swedloff
Steph Tai
Andrew Taslitz
Robert Tsai
Jenia Turner
Steve Vladeck
Spencer Weber Waller
Howard Wasserman
Melissa Waters
Frank Wu
Alfred Yen
Corey Yung
David Zaring
Timothy Zick
Michael Zimmer
Jonathan Zittrain

Ownership

Concurring Opinions is a
general-interest legal blog
operated by Concurring
Opinions LLC, a Pennsylvania
Limited Liability Corporation.

Blogroll

Above the Law
ACS Blog
Althouse
Balkinization
Becker-Posner Blog
BlackProf
BoingBoing
Chicago Law Faculty Blog
Conglomerate
CrimLaw
Crime & Federalism
CrimProf Blog
Crooked Timber
Discourse.net
Dorf on Law
Election Law
Emergent Chaos
The Faculty Lounge
Feminist Law Profs
43(B)log
Freakonomics Blog
Freedom to Tinker
Google Blogoscoped
How Appealing
Ideoblog
Info/Law
Instapundit.com
Juris Novus
Jurisdynamics
Law and Humanities Blog
Law and Letters
Law Librarian Blog
Legal Profession Blog
Legal Theory Blog
Legal Times Blog
Leiter Reports
Brian Leiter's Law School Reports
Lessig Blog
Madisonian Theory
Media Law Blog
Mirror of Justice
The Moderate Voice
National Security Advisors
Opinio Juris
Point of Law
PrawfsBlawg
ProfessorBainbridge.com
Property Prof Blog
Red Tape Chronicles
The Right Coast
Schneier on Security
SCOTUSBlog
Security Dilemmas
Sentencing Law and Policy
Simple Justice
Sivacracy.net
The Situationist
Susan Crawford
TalkLeft
Talking Points Memo
TaxProf Blog
Tech & Marketing Law
Truth on the Market
Volokh Conspiracy
WorkPlace Prof Blog
WSJ Law Blog
Wonkette
The Yin Blog


© Concurring Opinions

Powered by WordPress