Cyberwarfare and the Computer Fraud and Abuse Act
John Thurston As technology proliferates, cyberspace is becoming increasingly polluted with crime targeted at private enterprises. The escalation is the result of ineffective cybercrime laws. Although an international solution may be ideal, no treaty seems imminent. The U.S. government should focus on a more attainable solution in the short-term: amending the Computer Fraud and Abuse Act (CFAA). This Essay considers how revising the CFAA to allow qualified private companies to engage in offensive tactics would alter incentive structures. It concludes that such a revision would be an efficient solution to increase deterrence and reduce cybercrime. Read Full Text Here
Health-Tech Apps: Unclear Regulations and Their Effects on Progress
Emily Dieli The increased emphasis on creating a more streamlined healthcare system in the United States has led to a rise in digital health-tech apps and devices. To protect the privacy of personal health data on these technologies, policymakers have turned towards regulation. The Federal Trade Commission’s (FTC) recent statement on the Health Breach Notification (HBN) Rule has extended the scope of the 2009 regulation to include previously unregulated health-tech entities. Nevertheless, the statement is vague and will have a negative impact on health-tech innovation. Policymakers should consider the implications of their regulations on health-tech progress before making such hasty...
Through the Spying-Glass: Data Privacy Concerns Regarding Mobile Spyware Apps
Payton P. Reisinger Spyware app surveillance technologies are rising in popularity for both legitimate monitoring and also to illegally spy on unsuspecting victims. In 2021, the Federal Trade Commission (FTC) issued its first ban of a spyware app, SpyFone, due to deceptive and unfair trade practices and lack of data security provisions. Some call for specific legislation to curb the effects of growing spyware apps, but opponents of regulation claim that legislative efforts will be too restrictive on growing technological industries or the legitimate uses of spyware apps. This Essay agrees with the policy rationale for implementing spyware legislation and...
Mind over Data: A Case for Increased Privacy Protections in Mobile Mental Health Apps
Marian Lemont As mobile mental health apps gain popularity as an emotional support alternative, privacy concerns regarding how consumers’ sensitive health data is handled are at an all-time high. Current federal privacy provisions provide insufficient consumer protection and thus render consumers’ sensitive information vulnerable to unwanted third-party sharing practices. The recently passed California Privacy Rights Act of 2020 (CPRA) includes new provisions governing businesses’ handling and deletion of sensitive user data. This article discusses how these new CPRA provisions provide a helpful framework to begin addressing this regulatory gap and identifies ways future privacy legislation can continue to strengthen mobile...
The Intersection of Product Liability Law and the Internet of Things
Lucas M. Amodio Every year, an increasing number of Internet of Things devices are released. These devices can make our lives easier, but they also make our data, and potentially ourselves, more vulnerable to hackers. The question is no longer theoretical, as many of these devices can have a real impact on the world around them, like a networked sprinkler system that, if hacked, could flood a target’s basement. Going forward, we can look to the current law of product liability and the Federal Trade Commission to protect individuals from harm and loss when these devices might be compromised. Read...
The Liquidation of Data Privacy: How an Outdated Bankruptcy Code Threatens Consumer Information
Michael R. Akselrad In the modern world, billions of people share personal information online every day, ranging from consumer preferences to biometric and genetic identifiers, leading to the commoditization of user data, the value of which may dwarf the other assets of even large, multinational corporations. In the ordinary course of business, this user data may be kept confidential through such measures as privacy policies, statutory protections, and the reputational backlash facing a company that acts too brazenly with users’ sensitive information. In bankruptcy, however, some of these safeguards are eliminated in the interest of maximizing the value of the...
Data Privacy Concerns Regarding COVID-19 Contact Tracing Apps and Implications for the Field of Cybersecurity
Elana Lerner Brockmann The COVID-19 public health emergency has led to the development of contact tracing apps that enable governments and public health officials to track outbreaks and take appropriate measures in response. Contact tracing apps also allow individuals to be notified of potential contacts with infected individuals, promoting self-quarantine and reducing further spread of the virus. Although contact tracing apps have the potential to slow and reduce the spread of COVID-19, they have also brought to light data privacy and security concerns, which pose challenges to their overall use and efficacy. Congress should enact legislation to protect consumer data...
The Case for the Use of Facial Recognition Technology
Ye-Eun Sung Consumers often unknowingly enter brick-and-mortar stores that utilize facial recognition technology. Many are, therefore, at risk of their biometric data being wrongfully used without their consent or knowledge. The delay in the courts’ and the federal government’s response to facial recognition technology has allowed its development and use to remain unregulated. Although regulation of this technology is essential, its use should not be banned outright. Due to the changing retail landscape, facial recognition technology provides brick-and-mortar stores with information that allows them to remain relevant in a market that relies significantly on the internet and e-commerce. Read Full...
Defenseless in the Zombie Infested Internet: Why Audio-Visual Works Demand Exemption Under the Digital Millennium Copyright Act
Eric Maher In the aftermath of Napster and Pirate Bay’s shameless disregard for copyrights, DRM strategies are necessary to protect the incentives that encourage artists and programmers to create and publicly display their works. Yet the security risks associated with DRM levy a high cost on the public, on whose patronage the content creators depend. By restricting research and investigation into security risks in popular public technologies, U.S. copyright law, particularly under the anti-circumvention provisions of the Digital Millennium Copyright Act (“DMCA”), removed necessary safeguards for the public. The large influx of new consumer electronics demands exemption from the anti-circumvention...
Clear Signatures, Obscure Signs
Adam White Scoville There are two kinds of digital signatures: signatures good enough for a six dollar trade among friends, and signatures good enough for a six figure trade between strangers. This Article considers both, from the digital equivalent of an initialed placemat to secure verification techniques more like notarizations. Nationally and internationally, diverse groups and bodies have been propelling the development of digital signature and certificate authority regulation and legislation. This Article examines the need for such legislation, questioning the assumption that current law presents, at best, uncertainties or, at worst, outright barriers to the use of electronic records...