Cyberwarfare and the Computer Fraud and Abuse Act
John Thurston As technology proliferates, cyberspace is becoming increasingly polluted with crime targeted at private enterprises. The escalation is the result of ineffective cybercrime laws. Although an international solution may be ideal, no treaty seems imminent. The U.S. government should focus on a more attainable solution in the short-term: amending the Computer Fraud and Abuse Act (CFAA). This Essay considers how revising the CFAA to allow qualified private companies to engage in offensive tactics would alter incentive structures. It concludes that such a revision would be an efficient solution to increase deterrence and reduce cybercrime. Read Full Text Here
Through the Spying-Glass: Data Privacy Concerns Regarding Mobile Spyware Apps
Payton P. Reisinger Spyware app surveillance technologies are rising in popularity for both legitimate monitoring and also to illegally spy on unsuspecting victims. In 2021, the Federal Trade Commission (FTC) issued its first ban of a spyware app, SpyFone, due to deceptive and unfair trade practices and lack of data security provisions. Some call for specific legislation to curb the effects of growing spyware apps, but opponents of regulation claim that legislative efforts will be too restrictive on growing technological industries or the legitimate uses of spyware apps. This Essay agrees with the policy rationale for implementing spyware legislation and...
Mind over Data: A Case for Increased Privacy Protections in Mobile Mental Health Apps
Marian Lemont As mobile mental health apps gain popularity as an emotional support alternative, privacy concerns regarding how consumers’ sensitive health data is handled are at an all-time high. Current federal privacy provisions provide insufficient consumer protection and thus render consumers’ sensitive information vulnerable to unwanted third-party sharing practices. The recently passed California Privacy Rights Act of 2020 (CPRA) includes new provisions governing businesses’ handling and deletion of sensitive user data. This article discusses how these new CPRA provisions provide a helpful framework to begin addressing this regulatory gap and identifies ways future privacy legislation can continue to strengthen mobile...
The Intersection of Product Liability Law and the Internet of Things
Lucas M. Amodio Every year, an increasing number of Internet of Things devices are released. These devices can make our lives easier, but they also make our data, and potentially ourselves, more vulnerable to hackers. The question is no longer theoretical, as many of these devices can have a real impact on the world around them, like a networked sprinkler system that, if hacked, could flood a target’s basement. Going forward, we can look to the current law of product liability and the Federal Trade Commission to protect individuals from harm and loss when these devices might be compromised. Read...
A Vendetta Against Alexa: Privacy Concerns in the Age of the Smart Home
Katherine Minorini A person’s right to privacy is so fundamental that it was written into the United States Constitution under the Fourth Amendment. This right, although protected, is not absolute, especially in circumstances involving voluntary disclosure of information to third parties. Issues arise when the third-party exception to the Fourth Amendment is coupled with the novel capabilities and innovations of the Internet of Things, especially with the smart home. This Essay argues that courts need to adapt their interpretation and application of the third-party doctrine so that information disclosed to and recorded by smart home manufacturers and servers respects Fourth...
Data Privacy Concerns Regarding COVID-19 Contact Tracing Apps and Implications for the Field of Cybersecurity
Elana Lerner Brockmann The COVID-19 public health emergency has led to the development of contact tracing apps that enable governments and public health officials to track outbreaks and take appropriate measures in response. Contact tracing apps also allow individuals to be notified of potential contacts with infected individuals, promoting self-quarantine and reducing further spread of the virus. Although contact tracing apps have the potential to slow and reduce the spread of COVID-19, they have also brought to light data privacy and security concerns, which pose challenges to their overall use and efficacy. Congress should enact legislation to protect consumer data...
Hackback to the Drawing Board: Ambiguity and Risk in the Active Cyber Defense Certainty Act
Robert Andrea Cyber criminals, both state-sponsored and unaffiliated, are targeting private corporations and individuals more frequently. For several years, there have been calls for legislation that would allow private entities to defend themselves in cyberspace by “hacking back” against their attackers. The Active Cyber Defense Certainty Act is a recent proposal to amend the Computer Fraud and Abuse Act to permit private entities to take active defensive measures without exposing themselves to criminal liability. Although a well-intentioned proposal, the bill uses vague language to identify when, and against whom, private entities can take defensive measures. Enabling private entities to begin...
Keeping Private Messages Private: End-to-End Encryption on Social Media
Steven Song Following recent data scandals, online users have become concerned that their private information on the Internet is susceptible to misappropriation. These concerns motivated data privacy regulations such as the General Data Protection Regulation and the California Consumer Privacy Act to ensure better protection against unauthorized access to personal data. Relatedly, Facebook has announced a plan to implement end- to-end encryption (E2EE) for all of its social media messaging systems. E2EE strictly limits access to private messages to the communicating parties. Even the company managing the messaging system cannot access these encrypted conversations. The implementation of E2EE, however, comes...
Resolving US-China IP Disputes Through the WTO: A Legal Alternative to Unilateral Sanctions
Stephen Garvey This article examines the United States’ ongoing trade dispute with China regarding Chinese abuses of American intellectual property rights. The U.S. has filed both a complaint against China before the WTO for violation of the Agreement on Trade Related Aspects of Intellectual Property Rights (“TRIPS”), and simultaneously imposed a series of unilateral sanctions on Chinese goods, in violation of the WTO Marrakesh Agreement. Imposing illegal sanctions while seeking redress from the WTO undermines the legitimacy of the U.S.’ claims and has provoked retaliatory tariffs. As the TRIPS agreement comprehensively covers the dispute in question, the U.S. should scale...
The Growing Concern Regarding US Corporate Trade Secrets
Stephen Anderson Globalization has produced many benefits for United States corporations, but a significant detraction has been the emergence of trade secret theft. As technology advances, trade secret theft has become an even more persistent threat in the general marketplace. There are various ways trade secret theft can occur, but it is increasingly common for the theft to involve cyberspace, especially as these corporations expand into foreign markets. Consequently, Congress has taken a significant interest in curbing trade secret theft, as is evidenced by the various proposals before them today. These proposals offer varying solutions to trade secret theft, which...