Cyber Security and Artificial Intelligence Forecasting: Short-Term Risk

Posted by: Alek Emery

22495460709_9f99309cf9_oRecent headlines surrounding cybersecurity incidents, like the EquiFax breach, illustrate the increasing importance of data security—and the potential harms resulting from security vulnerabilities within systems containing consumer information. It should come as no surprise then that the proliferation of artificial intelligence will likely play a crucial role in future cyber security developments. However, the convergence between public understanding of cyber security and artificial intelligence (AI) is lacking, particularly in the area of the already-occurring or near future possibilities for AI to create cyber security risks. In short, there are three (at least) compelling reasons for focusing on the short-term risks posed by AI when considering what can be done to prevent future harms. Continue reading


Patent Trolls, Silicon Valley & the Law

Posted by: Jensen Nevitt

SIGABA-patentPeople have long been intrigued by the legal profession as portrayed by the entertainment industry. Long before I ever set foot in law school, I was drawn to books by John Grisham. I was fascinated by movies ranging from serious dramas such as To Kill a Mockingbird and A Few Good Men, to more light-hearted films such as My Cousin Vinny. I loved watching the television show Suits. Few professions attract the attention of the public like the legal profession. I can think of only a few others, such as spies, doctors, to some extent politicians and journalists. After attending law school for a few semesters now, that affinity for law-based entertainment has only grown.

The difference is that now, my focus has changed. I used to watch the movies for the entertainment value. Now, I watch them with a critical eye. I watch them to for accuracy, always wondering if a lawyer or a judge would really do what the character did in a given situation. This recently occurred as I watched an episode of the HBO show Silicon Valley. In the episode, the characters confronted a patent troll. I reflected on the actions of the main character and his lawyer in the show, and asked myself if the result was realistic. I found out a little bit about software patents in Cyberspace Law class readings and decided to write this blog on the topic. I came to the conclusion that the attorney in the show did give solid advice to the main character and did so based on a conclusion that was probably also correct. Continue reading

Not so Safe Harbor for ISPs

Posted by: Rylan Stewart

2000px-Internet_Connectivity_Distribution_&_Core.svgThe battle rages on between copyright holders and internet service providers (“ISPs”) as the interests of these parties continue to be adverse. Copyright holders seek greater protection for their works under the DMCA in order to maximize revenue by stomping out infringers. At the same time, ISPs fight to maintain as many users as possible while maintaining immunity from liability under the safe harbor provisions of §512(a).

In order for ISPs to receive protection under the safe harbor provision, ISPs are required to adopt and reasonably implement a policy in which ISPs can terminate users who are found be engaging in repeat copyright infringement. The issue currently being played out is the interpretation of what it means to “reasonably implement” the policy adopted by an ISP. The interpretation of this language has huge implications as it can be the determining factor in deciding whether or not an ISP can claim the safe harbor provision as a defense against being held contributorily liable for infringing acts committed by the ISP’s users.

In the latest quarrel, BMG Rights Management (“BMG”) gained a victory for copyright holders by receiving a $25 million judgement against Cox Communications Inc. (“Cox”) for contributory liability for failing to reasonably implement a termination policy for users caught committing copyright infringement using Cox’s services.

BMG’s victory against Cox signals a victory for copyright holders by setting precedent which requires ISPs to actively terminate internet service to users who have been identified as infringers or face the consequences of being held contributorily liable for the infringements. While it is true that a user who has service terminated by one ISP for committing copyright infringement could just seek service from a new ISP, most areas have a finite number of service providers. In theory, if all ISPs were to strictly enforce termination policies, it could be a powerful tool to combat against repeat infringers. Continue reading

Cyber-Attacks as an Act of War – Would Cyber-Attacks Lead to a Conventional War?

Posted by: Ahmed Elashry

2010-05-14-USCYBERCOM_Logo_Cropped-660x660During an onstage interview at the Cloudflare Internet Summit in San Francisco, Avril Haines, a former deputy national security adviser during the Obama administration, said that while there are established norms around what counts as a physical act of war, those same metrics do not exist for digital attacks.

In the conventional world, we have a long history of rules that tell us when another country has used force, when what they do constitutes an armed attack, and therefore when we have a legal basis to respond to it in a kinetic way or in other ways,” she said.

Experts mentioned that cyber-attacks do not have the same set of laws and norms of conventional war. The question here is: would a cyber-attack lead to a conventional war?

At the invitation of NATO cooperative cyber defense center of excellence, the international group of expert prepared the Tallinn on the international law applicable to cyber warfare. Throughout the manual several issues related to cyber security and cyber laws were discussed. They defined cyber-attacks as “a cyber operation, whether offensive or defensive, that is reasonably expected to cause injury or death to persons or damage or destruction to objects”

Several countries and big tech companies have been trying to develop norms to cyberspace, especially after the recent well known WannaCry ransomware attacks which spread in around 150 countries and affected the UK’s National Health Service (NHS). The Lazarus group which have ties with North Korea was suspected of this attack. Cyber security is growing concern for governments and private sectors.

According to the National Conference of State legislators (NCSL) in 2017 at least 42 states introduced more than 240 bill or resolutions related to cybersecurity.  Continue reading

Pirates Have Long Since Abandoned Their Ships and Swords in Favor of an Internet Connection. So What’s the Harm in Internet Piracy?

Posted by: Jaren Martineau

The Pirate BayHistorical pirates on the high seas caused some serious international commerce problems in their day. A significant portion of international goods and commerce were carried by ships across oceans and vulnerable to skilled thieves. Like these pirates of the past, when internet piracy of intellectual property runs rampant, there are some serious negative economic consequences, especially to economies that have a large stake in intellectual property. The solutions to these problems are difficult to implement and may even cause additional serious consequences of their own. Continue reading

The Snap Heard ’round the Internet

Posted by Peter Brown

link-1271843_640In their early stages, computing and digitalization raised difficult and novel questions for courts interpreting copyright laws. Judges wrangled with copyright’s application to operating systems, graphical user interfaces, and other fundamental aspects of modern day computing. One core aspect of internet use is hyperlinking. Simply put, hyperlinks take you from one place on the web to another. Clicking on this hyperlink text will navigate you to another webpage (in this case, Wikipedia’s entry on hyperlinks). The interaction between hyperlinking and copyright law led to an interesting legal question: does linking to another website’s copyrighted content constitute infringement? This question was thought to be more or less settled in favor of finding non-infringement.

Commentators and practitioners alike have felt secure in the knowledge that hyperlinking and similar use of images (such as embedding) is not necessarily infringing. However, a recent New York district court decision, Goldman v. Breitbart, has turned certainty into doubt. If widely adopted, the court’s reasoning in Goldman v. Breitbart could seriously threaten the utility and structure of the internet. Continue reading

#TwitterLockOut and #FreeSpeech

Posted by: Joseph Urtuzuastegui

twitterAs I was scrolling through my twitter account last week, I noticed a peculiar hashtag trending: #TwitterPurge. This piqued my interest, so I looked into it to discover that Twitter had embarked on a mission against “Russian-bot” accounts and accounts that circulated “fake news.” This caused a stir in the “Twitter-verse” among some conservative Twitter users who claimed the company was targeting their right to free speech. (Washington Times Twitter Purge) These twitter users were so outraged that some have filed lawsuits against Twitter claiming they had violated a law in California that protects free speech in public spaces, but this law has never been applied to social media or the internet. With these interesting ideas in mind I wanted to dive a little deeper to determine whether there is such a “free speech” right when it comes to what can be tweeted into the “Twitter-sphere” and whether it should be applied to social media in this case.

The First Amendment is a cornerstone of the founding of the United States, and it reads that “Congress shall make no law…abridging the freedom of speech….” (U.S. Const. Amend. 1) There is no denying the right to free speech given by the US Constitution is one of the most important, there is a reason it is first, but it does not take a legal scholar reading the text to determine that the right to free speech is not an explicit right in all circumstances. Interpretation of these words are vital and looking to the exegesis meaning can allow a person to conclude that the founding fathers were trying to limit Congress from silencing the people, and the laws of Congress shall not keep a person from speaking their truths whether it be about the government or not. But, this interpretation approach is not always the best approach because by these principles, obscenity laws would be unconstitutional, so we must also look to the purpose of the Amendment. The Framers who came from an oppressive regime of England had the idea that a citizen should not be told by their own government what to say or believe, and the First Amendment has been the protection for all people. But again, this interpretation is saying what the United States Government cannot do, not what the likes of Twitter is allowed to censor. To break down what is protected in free speech, by this interpretation and many others, a person cannot be censored for free speech by the government or a state actor. We can rule Twitter out as the government, and they do not seem to be acting for the state in any capacity, so the First Amendment guarantee is not thrust upon them. This does not mean that our inquiry should end however, we can always dive a little deeper. Continue reading

A Tweet on Any Other Server Would Look As Sweet (But Might be a Copyright Infringement)

Posted by: Jamie Winterton

twitterWho owns a tweet? These tiny shreds of content – once 180 characters, now 260, sometimes including a photo – were originally described by Twitter founder Jack Dorsey as “short burst[s] of inconsequential information”. 12 years after Twitter’s founding, however, tweets mobilize social movements, provide a means for political organization, and occasionally perform as a role in national policy. As with any prominent technology, Twitter has played a role in a number of interesting legal battles involving libel, trademark infringement, emotional distress and, of course, copyright. The latest, Goldman v. Breitbart News et. al., is a skirmish over whether or not linking to a tweet (with a photo) counts as copyright infringement. The ruling has the potential to significantly alter online publishing, but perhaps also to provide some long-sought protections for content creators. Continue reading

The Internet of Things Cybersecurity Improvement Act of 2017: How It Helps the Good Guys―And (Potentially) Hurts Them Too

Posted by: Jordan Brunner

Internet_of_ThingsEvery day, we become more connected. And not just through Facebook. Thomas Friedman spoke truly and prophetically in 2005 when he wrote that the world is flat, largely as the result of information technology. The relentless rise of innovations in technology has facilitated the sharing of information and the breakdown of barriers. One of the most prominent trends in this vein is the increasing connectivity of devices. Computers, once the clunky domain of militaries and universities, now exist in everything from refrigerators to Jeeps known as the Internet of Things (IoT).

These connections carrying with them enormous potential for productivity and human happiness. Home IoT devices will eventually plan our commutes and prepare our meals before we even rise from bed. Industrial IoT devices ensure properly stocked inventories and provide a more efficient processing infrastructure. Medical IoT keep us fitter and healthier for longer.

But with these benefits come concerns. Being connected every moment of the day means being engaged every moment of the day―whether you like it or not. Just as Facebook collects data on each user every time they log in, so also do the myriad devices that are now operate as our own personal computers all at once. This means there is no time when we are being updated, instructed, monitored, and even controlled by something or someone. This has profound implications for privacy, especially depending on who has access to that information. Continue reading

Cryptojacking and the Computer Fraud and Abuse Act

Posted By: Peter Brown

bitcoin2In recent weeks, tech news has been awash in stories about malignant code, usually found in online ads, called cryptojacking. The word describes script that hijacks the user’s CPU and uses it to mine for cryptocurrency. Victims find CPU load shooting up to almost 100% when visiting sites serving ads with cryptojacking code. Even worse, cryptojackers run even when the user never interacts with the ad—you can be a cryptojacking victim simply by visiting a website.

Cryptojacking perpetrators tend to target websites where users will linger for a long time because the user’s CPU time is the cryptojacker’s (crypto)money. Keep an eye on your CPU next time you visit a site like YouTube, connect to Starbucks’ wifi, or download an app for your phone. While the intrusive and unwelcome nature of cryptojacking is evident, the legal consequences are less clear. With the potential overheat machines, impair access to information, and cause economic harm to businesses, cryptojacking has emerged as yet another threatening form of malicious advertising that is difficult to combat through the legal system. Continue reading