Blog
Public Private Partnerships in National Cybersecurity
Introduction Our national infrastructure is undergoing a major digital migration. Physical infrastructure assets are merging with the digital world via the Fourth Industrial Revolution (4IR) technologies. 4IR technologies have the potential to make our infrastructure more sustainable, efficient, and connected while enabling once-futuristic ideas such as “Smart Cities” and autonomous transportations. However, such technological developments pose a grave threat to our national security. When the physical world and the digital world are integrated, repercussions from a cyberattack can materialize in the real world. This means a hacker can take control of a nation’s critical infrastructure digitally and extend his or her control to the physical world. A cyberattack debilitating an entire nation by digitally attacking its critical infrastructure is not entirely hypothetical anymore. Despite the national interest in bolstering our cybersecurity, deficiencies in our national cybersecurity continue to grow. An expansion of public-private partnerships (P3s) can be an efficient way to narrow the gaps in our national cybersecurity despite concerns raised by cyber legal scholars. The Fourth Industrial Revolution The rapid convergence of the physical world and the digital world is driving the world economy into another major industrial revolution. The World Economic Forum has coined this significant shift the “Fourth Industrial Revolution.” 4IR technologies have the potential to create more connected, efficient, and sustainable infrastructure by allowing physical infrastructure assets to integrate with the digital world. With the emergence of technologies such as autonomous vehicles and the Internet of Things (IoT), the speed of the digitalization of such assets is likely to only increase. The European Union Agency for Cyber Security identified recent trends of deploying IoT in...Privacy Considerations in the Implementation of Dodd Frank’s Section 1033
The Dodd Frank Act was enacted in 2010 in response to the 2008 financial crisis. Among the protections that it sought to create was Section 1033, which provides consumers increased access to – and control of – the personal data held by financial institutions.[1] Specifically, 1033 requires that financial institutions provide consumers with copies of their data upon request. The Consumer Financial Protection Bureau (CFPB) started gathering stakeholder opinions on Section 1033 several years after its passage and, in November of 2020, issued an Advanced Notice of Proposed Rulemaking (ANPR). FinTech companies and industry groups wrote comments in response to the ANPR in support of promulgating rules for Section 1033. They are eager for consumers to have the opportunity to pipe personal financial data from banks to their platforms. There are benefits to this system: with enhanced data portability, smaller companies have a greater chance of accessing the data they need to build innovative products that improve competition and are useful to the public. New toolscould aid in overdraft fee protection, credit score improvement, financial inclusivity, small business loans, fraud mitigation, and much more. However, there are potentially negative privacy implications if the CFPB implements Section 1033 without thoughtful consumer protection. CapitalOne’s comment on the Section 1033 ANPR voices concerns about “lightly regulated non-bank companies, particularly Data Aggregators and Data Users” gaining access to data that would otherwise be subject to the banking industry’s heightened data-handling rules. CapitalOne recommends that, for example, third parties who gain access to consumer data under Section 1033 become subject to the Gramm-Leach Bliley Act, which governs the management of individuals’ data by financial...Legal Uncertainties Surrounding the Realm of NFTs
Introduction to NFTs Throughout 2021, non-fungible token (NFT) artwork has sold for record breaking prices and is rapidly increasing in popularity. In the second quarter of 2021, NFT sales surged to $2.5 billion, which is a tremendous increase from the $13.7 million in sales during the first half of 2020. In March 2021, the artist Beeple sold his NFT through Christie’s for $69.3 million. In June 2021, one of 10,000 CryptoPunks NFTs created by the artist duo Larva Labs resold for $11.8 million through Sotheby’s. An NFT is a digital asset or unit of data that stores information on blockchains. Blockchains are digital ledgers that record information chronologically in “blocks”, which are then chained together to form an irreversible timeline of data. Whereas databases store data in tables, blockchains store data in chains of blocks. Blockchains function similarly to a bank ledger in that they reveal the entire transaction history of digital assets, allowing for easy verification of asset ownership and authenticity. Most NFTs are part of the Ethereum blockchain, which is a decentralized, open-source blockchain where no single group or person has control over the blockchain. Rather, all users retain control over this blockchain. As a result, the data entered into the blockchain is irreversible and permanent—it cannot be modified, deleted, or pirated as all transactions are permanently recorded and viewable by the public. Digital assets created on blockchains can be transferred between parties. These transferable assets are called tokens. An NFT is a non-fungible token, which means it is a one-of-a-kind asset. This is unlike Bitcoin, which is fungible and replicable. One Bitcoin can be traded for...What President Biden’s EO on Section 230 signals on policy reform
On May 14, President Biden issued an executive order (EO 14029) on Section 230, the once obscure provision of the Communications Decency Act that is now at the heart of political fights over regulating speech on online platforms, and more broadly, the power of big technology companies. If you missed the roll-out of EO 14029, you can certainly be forgiven. There was no public signing ceremony, no accompanying presidential remarks — not even a press briefing. With a yawn inducing title — “Executive Order on the Revocation of Certain Presidential Actions and Amendments” — it almost seems that the order was supposed to fly under the radar. EO 14029 was not even the biggest executive order on technology policy signed that week: just two days prior, the President rolled out a much-anticipated “Executive Order on Improving the Nation’s Cybersecurity.” So, what does the order do? As a policy matter, the most straightforward answer is: not a whole lot. It simply revokes a slew of Trump-era orders, including EO 13925 or “Preventing Online Censorship,” which was probably of minimal legal effect anyway. In another sense, however, President Biden’s action moves Section 230 policy debate away from the executive branch, signaling that the responsibility for reform lies squarely with Congress. To fully appreciate the implications of President Biden’s action, it’s useful to take a few steps back. What is Section 230, anyway? Section 230 of the Communications Decency Act, codified at 47 U.S.C §230, was passed in 1996 in order to protect innovation on the internet, then a fledgling industry. The gist of the statute is...Make Way for Robocalls: Understanding the Implications of Facebook v. Duguid
In 1991, Congress took action against the onslaught of undesired robocalls faced by households and individuals. The Telephone Consumer Protection Act (TCPA) established a variety of safeguards aimed at reducing the amount of uninvited calls consumers receive. One of the most important provisions of the TCPA prohibits the use of “any automatic telephone dialing system” (autodialer) to place unsolicited calls. The statute defines an autodialer as “equipment which has the capacity– (A) to store or produce telephone numbers to be called, using a random or sequential number generator; and (B) to dial such numbers.” Precisely what falls within the scope of an autodialer has already been subject to much debate. In 2003, the Federal Communications Commission, the agency with authority to administer the TCPA, determined that the use of an autodialer encompassed sending text messages. Much more recently in 2018, the U.S. Court of Appeals for the District of Columbia rejected the FCC’s interpretation of “capacity” which included potential functionalities or future possibilities, as opposed to merely present capacity, as impermissibly broad. The Facebook v. Duguid Decision On April 1, 2021, the Supreme Court issued a decision that renders another important interpretive judgment as to what falls under the scope of an autodialer. The recent case, Facebook v. Duguid, determined whether automated text messages sent by Facebook violate the TCPA. The Ninth Circuit had held that the autodialer prohibition applies to notification systems like Facebook’s that automatically dial stored numbers. Upon Facebook’s appeal, however, the Supreme Court unanimously disagreed. The Supreme Court’s ruling hinged on the statute’s specification that an autodialer must use a “random or sequential number generator.”...Privacy Concerns for Digital COVID-19 Contact Tracing and Implications for Incorporation of Artificial Intelligence
Contact tracing has been a key measure in an attempt to slow the spread of COVID-19. Many countries, including the United States, have used contact tracing to track and control the spread of the disease. The measure has been touted as a success in the states and countries that managed to implement a well-functioning system with adequate preparation, testing and tracking, welfare support, and effective leadership. However not all contact tracing efforts were successful. The United Kingdom’s contact tracing efforts have been noted to be a failure, with the country’s government scientific advisory group reporting that the program had a “marginal impact on transmission.” The United States has similarly experienced failures in several states. Some of the reasons that programs fail include lack of local support, sheer number of cases, and delays in testing and identification. Even strong advocates for robust contact tracing programs have conceded that “it is impossible to do meaningful or substantial contact tracing with huge numbers of cases.” Shortage in personnel performing contact tracing also likely contributes to the difficulty. One key tool that could have mitigated some of the problems with contact tracing is the use of digital contact tracing. In fact, several countries, notably South Korea and Singapore, have successfully implemented digital contact tracing programs. Apple and Google partnered to create a COVID-19 contact tracing technology which utilizes Bluetooth technology. Claims have been made that implementing AI mechanisms in such technology would further increase the effectiveness of Bluetooth contact tracing by boosting the ability of the phones to detect nearby phones, which remains shaky with just the use of Bluetooth technology. Pairing Bluetooth...Intellectual Property Law in the Era of COVID-19
Basic research conducted by scientists at federally funded academic laboratories has been essential to the rapid development of COVID-19 vaccines, and the federal government has poured billions of dollars into vaccine companies since the pandemic began to accelerate the delivery of their products. However, coronavirus vaccines are likely to be worth billions to the drug industry, and even though vaccine supplies are steadily improving, groups like Doctors Without Borders are urging governments to seize the patents on any coronavirus therapies from taxpayer-funded research to prevent price gouging. Patentholders object to government intervention because their implementation would set a dangerous precedent and interfere with people’s incentives to invest in research and development for future treatments and vaccines. However, given the state of the current public health crisis, the U.S. may opt to take such drastic measures to ensure a COVID-19 vaccine is widely accessible, and their legal implications should be studied carefully. March-In Rights Under the Bayh-Dole Act If key patents for an approved vaccine are publicly funded, the federal government may be able to exercise its march-in rights under the Bayh-Dole Act of 1980. The Moderna vaccine, for example, emerged directly out of a partnership between Moderna and a federally funded academic laboratory. March-in rights were included to prevent big businesses from licensing federally funded technologies from universities, only to shelve the technologies and not commercialize them. In specific circumstances, the U.S. government has the right to “march-in” and either grant licenses or require the patent holder/licensee to grant licenses to third parties if several conditions are satisfied. If the U.S. government decides to exercise its march-in rights, the...Arthrex, PTAB, and the Unitary Executive
Patent law is often thought of as a statutory area of law, governed primarily by Title 35 of the U.S. Code and the long history of judicial opinions interpreting it. But with the passage of the AIA came the Patent Trial and Appeal Board (PTAB) and the rapid expansion of the role of the USPTO in not only granting patents, but in adjudicating disputes over them. Suddenly, administrative law was a fundamental piece of the puzzle of patent litigation. And while the PTAB has faced challenges to its validity and authority since, the Supreme Court seems to have ruled that, for now, it’s here to stay. This doesn’t mean that PTAB’s path forward is free of any administrative hurdles, however. As is evident in United States v. Arthrex, Inc. (which heard oral arguments at the Supreme Court this March), the new frontier of administrative patent trials comes with the typical issues of constitutionality other administrative courts have encountered. In Arthrex, the familiar issue of the principal/inferior status of administrative officers is center-stage, with Smith & Nephew and the United States arguing for Administrative Patent Judges (APJs) as inferior officers (and thus preserving the current system where APJs are appointed solely by the Secretary of Commerce) while Arthrex touts them as principal officers (whose appointments require the advice and consent of the Senate). The ultimate decision of the Supreme Court likely won’t cause a major shift in what technologies are granted patents, or even in the administrative process around patent disputes. After all, even if the Court determines the APJs to be unconstitutionally appointed, the system can stay so long...Will NFTs Solve Existing Legal Problems or Will They Create New Ones?
The recently released Netflix documentary Made You Look, highlights one of the biggest fraud scandals in the high-end art world. The Knoedler Gallery in New York City was found to have sold over 80 million dollars’ worth of forged artwork over a roughly 10-year period. This spectacle underscored the issue of provenance in the high-end art world. Provenance is paperwork or documentation that verifies the authenticity of the artwork. Unfortunately, it is common for expensive artwork to lack provenance. The documentation might not have ever been created because the artist was obscure at the time the work was created, or it might have simply gone missing as a result of time or theft. American case law is littered with disputes arising from art purchasers being defrauded and purchasing fake works, as well as disputes over ownership of artwork that was stolen at some point. As society and art moves toward an increasingly digital world, a potential solution to this issue can be found in non-fungible tokens (NFTs). Recently, NFTs have begun to make headlines as the technology rises in popularity, not only in the art market, but also in other areas such as sports trading cards. This recent rise in popularity has seen NFTs sell at exorbitant prices. The latest examples include, the artist Beeple selling his digital artwork at Christie’s for over $69 million dollars and the New York Times selling a digital column for over $700 thousand dollars. NFTs function in a similar manner to cryptocurrency tokens in that they are built on a blockchain, the most popular one being Ethereum. Unlike cryptocurrencies such as Bitcoin, the...From Third-Party Data to First-Party Data: Is FLoC right for the future?
Third-party cookies are often used by advertisers to track users’ activities across websites to show them relevant ads. While these cookies are beneficial for websites due to the advertising revenue they generate, these cookies are often criticized for the lack of privacy they provide users and the amount of data they collect. The data these cookies provide can be used to build a significant profile of an individual without their consent or knowledge. In addition, this data is often sold without the user’s explicit knowledge and consent to various companies for marketing or other purposes. Issues with third-party cookies afflict even reputable news organizations, who create privacy risks through their advertising on controversial articles while simultaneously reporting on privacy violations by government agencies such as the NSA. Fortunately, the European Union has required since 2019 that users must give their informed consent to non-essential cookies and users are assumed to have opted out unless they opt in. Websites must provide this consent option through banners displayed at the top or the bottom of a page which over time have grown to include additional disclosure information. A European court has determined that an already checked box is insufficient consent and the user must check the box themselves. Privacy laws similar to those passed in the EU have also been passed in Canada and Brazil. Unfortunately, these banner alerts are often not effective because users simply click past the alerts without reading the website’s cookie policy, which can be many pages long. In some cases, users view these alerts more as pop-ups and a nuisance rather than as informative or important,...Big Data: Transitioning Away From the White Male Norm
As the capacity to generate and use digital information increases, the use of big data has permeated many industries. Its usage in medicine is poised to make major impacts on clinical practice. There are many benefits to the quality and efficiency of healthcare that can be achieved through the utilization of big health data. But there is a need for an understanding of how big data will affect populations that face disparities and inequalities in medicine – women and people of color. In medicine, the white male is generally the default. This default often affects how women and people of color are diagnosed and treated. Women may go undiagnosed and untreated due to having “exclusively female disease” or diseases that occur more frequently in women than men. Or they are misdiagnosed because their symptoms don’t manifest in the same way they do in men. For people of color, differences in race may affect the efficacy of drugs and medical devices. For both populations, they may ultimately have to be sicker or wait longer to qualify for the same treatment as a white man. Big data may help overcome these disparities through recognition of patterns in the treatment of women and people of color. Data generated during the course of care can be used to measure quality, develop hypotheses, and compare effectiveness of different treatments. Artificial intelligence (AI) technology provides the ability to take massive data sets and find patterns. These identified patterns may reveal gender and racial differences that affect diagnosis and treatment. Through the use of big data in precision medicine, for example, the identification of “biological variation...California’s Prop 22: A Cautionary Tale
Even before COVID-19 hit last year, food delivery apps such as Caviar and Postmates had gained popularity as a convenient and relatively quick way to order food without the hassle of long lines or even needing to leave home. After the pandemic led to shelter-in-place orders and temporarily closed indoor dining in several states, there was an even greater demand for these food delivery services that provided a safe alternative to going out to eat or walking inside a restaurant to pick up a carry-out order. Additionally, even though these delivery apps are run by large corporations, this technology made it easier for diners to support local restaurants at a time when their patronage was even more impactful. According to MarketWatch, in the six months between April 2019 and September 2019, four of the major delivery app services – DoorDash, Uber, Grubhub, and Postmates – collectively brought in $2.5 billion in revenue. In the same time period the following year, which covered the early days of the pandemic, revenue for these four companies more than doubled to a combined $5.5 billion. However, as the popularity of these apps grew, so did the criticism and controversies surrounding their business practices. All eyes have been on California for the past few years with regard to the laws surrounding this relatively new type of employment and how to classify “gig” workers employed by rideshare and food delivery companies. Originally, companies like Uber and DoorDash were able to cut operating costs by hiring independent contractors as opposed to full-time employees. By doing so, these companies were able to deny their workers minimum wage,...Political neutrality in content moderation compels private speech
Lots of online life today takes place on social media platforms. These platforms have become a place for communication of all types of ideas. Platforms establish community guidelines and moderate content for a variety of reasons. Congress saw a problem with platforms becoming liable for user content when they moderated “bad” content that was established in case law, so they passed section 230. This protects platforms from liability for content provided by users, while also allowing good faith moderation without revoking that protection. This protection has allowed platforms to create their own terms of service and define what type of content a user can post. If content violates the terms of use or is otherwise objectionable, platforms can remove it without fear of becoming liable as publishers of content on their site, instead of leaving all content untouched out of fear of incurring liability. Recently this section has come under fire. Specifically, because section 230 protects moderation that is not politically neutral on some of the biggest internet platforms. Several bills have been introduced to address this and mandate neutrality in moderation of content. The problem with this approach is that it will compel social media platforms to host content that they do not want to. Forcing a private company to do so violates their first amendment rights. The first amendment protects freedom of speech in the U.S. but section 230 provides enhanced protections. Congress conferred a benefit to internet platforms in the form of liability protections. These protections allow platforms to operate without fear of overwhelming lawsuits because of user posted content. It also allows platforms the freedom...Uncovering the Burial of Transformative Trademark & Copyright Measures in Congress’ 2021 Stimulus Package: Protections to Come for Content Creators
The recently passed stimulus package quietly incorporates consequential changes to American intellectual property laws via the advent of the Trademark Modernization Act of 2020 (“the TMA”), the Copyright Alternative in Small-Claims Enforcement Act of 2020 (the “CASE Act”), and the Protecting Lawful Streaming Act (the “PLSA”). On December 21, 2020, about eight months into the sudden and persistent COVID-19 pandemic, Congress swiftly passed the Consolidated Appropriations Act, 2021 (“the Act”), a long-awaited bill focused on providing another round of pandemic relief and economic stimulus; and avoiding a government shutdown. Six days later, then President Donald Trump signed the Act into law. Buried within $900 billion in stimulus provisions and a $1.4 trillion federal agency funding deal, the Act includes provisions that amend trademark and copyright laws and thus, impact creators in the booming digital economy. The TMA, the CASE Act, and the PLSA will offer trademark and copyright owners, thereby many content creators, meaningful benefits, including (i) making it easier for trademark owners to obtain injunctive relief; (ii) creating a small-claims court for copyright infringement disputes; and (iii) imposing a felony on unlawful streaming of copyrighted material. The Trademark Modernization Act (TMA) of 2020: Resolving a Circuit Split The TMA, among other initiatives to expand and fortify the accuracy and integrity of the federal trademark register, settles a long-standing circuit split: whether the Supreme Court’s ruling in eBay, Inc. v. MercExchange LLC, 547 U.S. 388 (2006) (holding that irreparable harm could not be presumed in a patent infringement lawsuit) applies to trademark infringement. Historically, to obtain preliminary injunctive (PLI) relief, the movant has the burden...Trans-Atlantic Data Transfers After Schrems II
In July 2020, the European Court of Justice released Schrems II, an opinion finding the EU/US Privacy Shield insufficient to guarantee compliance with EU data protection laws. The decision marked the second time the ECJ would invalidate a data privacy adequacy decision between the EU and US, sabotaging once more an enterprise meant to safeguard trans-Atlantic data transfers without compromising US national security activities. Consequently, US companies who house or process EU data outside of the EU are now exposed to serious liability when they send data across the Atlantic, something many companies do in the regular course of business. Schrems II left open a potential means of escaping liability through Standard Contractual Clauses (SCCs), but the ECJ seemed poised to invalidate that mechanism the next time it comes under their scrutiny. The decision arises out of the acutely conservative approach the EU takes to data privacy. In the EU, “[p]rivacy rights are given the status of a fundamental right,” enshrined in the EU Charter of Fundamental Rights and formally guaranteed to all EU citizens under the 2009 Lisbon Treaty. In addition to general privacy protections provided under the Charter, the Charter specifically establishes a “right to the protection of personal data concerning him or her.” That right includes a guarantee that an EU citizen’s data will be processed fairly and only for “specified purposes.” According to the EU supervisory data authority, the right to be “in control of information about yourself…plays a pivotal role” within the notion of dignity enshrined in the Charter. With this historical context, the European Commission passed the GDPR, which came into effect in...AI v. Lawyers: Will AI Take My Legal Job?
Artificial Intelligence (AI) is changing the global workforce, generating fears that it will put masses of people out of work. Indeed, some job loss is likely as computers, intelligent machines, and robots take over certain tasks done by humans. For example, passenger cars and semi-trailer trucks will be able to drive themselves in the future, and that means that there won’t be a need for quite as many drivers. Elon Musk, the co-founder and CEO of Tesla and SpaceX, predicts that so many jobs will be replaced by intelligent machines and robots in the future that eventually “people will have less work to do and ultimately will be sustained by payments from the government.” The World Economic Forum concluded in a recent report that “a new generation of smart machines, fueled by rapid advances in artificial intelligence (AI) and robotics, could potentially replace a large proportion of existing human jobs.” All of this raises the question of whether lawyers and even judges will eventually be replaced with algorithms. As one observer noted, “The law is in many ways particularly conducive to the application of AI and machine learning.” For example, legal rulings in a common law system involve deriving axioms from precedent, applying those axioms to the particular facts at hand, and reaching conclusions accordingly. Similarly, AI systems also learn to make decisions based on training data and apply the inferred rules to new situations. A growing number of companies are building machine learning models that ask the AI to assess a host of factors—from the corpus of relevant precedent, venue, to a case’s particular fact pattern–to predict the outcomes of pending cases. ...Deep-Fake, Real Pain: The Implications of Computer Morphing on Child Pornography
The proliferation of “deep-fake” internet videos—in which a person in an existing video is replaced with the likeness of another—has called into question our most basic method for perceiving the world: using our own eyes. While the definition of deep-fake transforms as the technology develops, the video technology is generally regarded as the use of machine-learning to replace the face of one individual with another. Troublingly, deep-fakes have changed the landscape of digital pornography. Advances in computer morphing software have produced a new category of child pornography: “morphed” child pornography, in which a child’s face is virtually superimposed onto the body of an adult performing sexually explicit acts. Today, the rapidly changing field of technology has created an unresolved legal question: is “morphed” child pornography protected under the First Amendment? In February of 2020, the Fifth Circuit Court of Appeals weighed in on the debate in United States v. Mecham. When Clifford Mecham Jr. took his computer to a technician for repairs, the technician discovered thousands of images depicting the nude bodies of adults with faces of children superimposed. Once notified, the Corpus Christi Police Department seized several hard drives, revealing over 30,000 pornographic photos and videos with “morphed” child pornography. The Fifth Circuit affirmed Mecham’s conviction, but remanded his case to reduce his sentence, holding that the sentencing enhancement for “sadistic or masochistic conduct” does not apply to morphed child pornography as there is no depictions of “contemporaneous infliction of pain.” While child pornography is not protected under the First Amendment, virtual child pornography, sexually explicit images created with adults who look like minors or created solely by...Patent Trolls Show Immunity to Antitrust: Patent Trolls Unscathed by Antitrust Claims from Tech-Sector Companies
Patent trolls have become a prominent force to be reckoned with for tech-sector companies in the United States, and tech-sector companies’ recent failure in using antitrust law to combat patent trolls indicates a continuation of that prominence. Patent trolls have been quite the thorn in the side of tech-sector companies. The term “patent troll” is the pejorative pop culture title for the group of firms also known as non-practicing entities, patent assertion entities, and patent holding companies. These entities buy patents, not with the purpose of utilizing the patent’s technology, but with the purpose of suing companies for patent infringement. Patent trolls have made up around 85% of patent litigation against tech-sector companies in 2018. Moreover, in comparison to the first four months of 2018, the first four months of 2020 saw a 30% increase in patent litigation from patent trolls. At a high-level, antitrust law appears to be a proper tool for wrangling patent trolls. Antitrust law cracks down on anticompetitive agreements and monopolies for the sake of promoting consumer welfare. Patents are effectively legal monopolies over a claimed invention, and patent trolls use these legal monopolies to instigate frivolous patent infringement lawsuits on companies. Such lawsuits increase litigation and licensing costs for companies who can then push such costs, via increased product prices, onto the downstream consumer. In an attempt to go on the offensive, tech-sector companies have brought antitrust claims against patent trolls. The antitrust claims have operated on one of two theories. In Intellectual Ventures I LLC v. Capital One from 2017, Capital One counterclaimed antitrust remedies on the basis of a patent troll suing...Apple vs. Facebook: The Demand of Growing Data Ethics
In January, WhatsApp announced the release of a new privacy policy that allows the messenger service to share user data with its parent company Facebook. The policy has been met with public outcry and resulted in many users flocking to rival companies such as Signal. The backlash led to WhatsApp deciding to postpone the update, and it recently clarified that the new update relates to how people interact with businesses and how users will be asked to review its privacy terms. Previously, users saw a full-screen message prompting them to accept policy changes. With the new update, users will see a small banner near the top of their screen requesting them to review the company’s privacy policy, and they will then have the option to download a more detailed PDF of the update. According to the new policy, customers interacting with businesses could have their data collected and shared with Facebook and its companies. This means that customer transactions and customer service chats could be used for targeted advertising. Facebook’s change of the WhatsApp privacy policy is fuel to its existing war over data privacy with one of the other largest tech companies, Apple. In 2014, Apple’s chief executive Tim Cook criticized companies like Facebook by saying, “If they’re making money mainly by collecting gobs of personal data, I think you have a right to be worried.” Apple also heightened its words into actions: it is introducing a new App Tracking Transparency feature to be automatically enabled in iOS in early spring, which requires every iOS app developer to explicitly request user permission to track and share...Limitations on AI in the Legal Market
In the last 50 years, society has achieved a level of sophistication sufficient to set the stage for an explosion in AI development. As AI continues to evolve, it will become cheaper and more user friendly. Cheaper and easier to use AI will provide an incentive for more firms to invest. As more firms invest, AI use will become the norm. In many ways, the rapid development of AI can look like an ominous cloud to those with careers in the legal market. For some, like paralegals and research assistants, AI could mean a career death sentence. Although AI is indeed poised to alter the legal profession fundamentally, AI also has critical shortcomings. AI’s two core flaws should give those working in the legal market faith that they are not replaceable. Impartiality and Bias AI programs excel in the realm of fact. From chess-playing software to self-driving cars, AI has demonstrated an ability to perform factual tasks as well as, if not better, than humans. That is to say, in scenarios with clear-cut rights and wrongs, AI is on pace to outperform human capabilities. It is reasonable to conclude that AI is trending towards becoming a master of fact. However, even if AI is appropriately limited to the realm of fact, AI’s ability to analyze facts also has serious deficiencies. Similar to the process by which bias can infiltrate and cloud human judgment, bias can also infiltrate and corrupt AI functionality. The two main ways that bias can hinder AI programs are called algorithmic bias and data bias. First, algorithmic bias is the idea that the algorithms underlying...Waive or enforce? The Debate over Intellectual Property Issues in Covid-19 Vaccines
In December of 2020, the long-awaited coronavirus vaccines began to slowly roll out across the world. The vaccines give people some hope of taming the virus, but the logistical hurdles of the vaccines seem worrisome. The daunting task of manufacturing, delivering, and administering massive quantities of vaccines on a global scale has highlighted many intellectual property issues in the drug industry. Recently, there has been a contentious debate, with the central issue concerning how intellectual property rules will influence the availability of the Covid-19 vaccines. At the meeting of the World Trade Organization in October, South Africa, India, and many other developing countries, proposed that intellectual property rules’ application to the vaccines be waived. Specifically, the basic position of these countries is that the exceptional circumstances created by the pandemic should warrant the “exemption of member countries from enforcing some patent, trade secrets or pharmaceutical monopolies” under the organization’s trade-related intellectual property agreements. This would allow drug companies in developing countries to manufacture generic versions of the Covid vaccines. The wealthier countries, namely – the United States, the European Union, Britain, Norway, Switzerland, Japan, Canada, Australia and Brazil – opposed the proposal by suggesting that doing so would upend the “incentives for innovation and competition.” This disagreement raises a big question: will the waiver subvert the purposes of the intellectual property laws by disincentivizing innovation or will it lead to a win-win situation for all by massively increasing access to and affordability of the Covid vaccines while allowing investors and the pharmaceutical industry to get a sufficient return on the research investment? As part of coming up with a...Intellectual Property Considerations for Protecting Autonomous Vehicle Technology
Autonomous vehicle technology has progressed significantly in the past decade, and a growing number of automotive and electronics organizations are working to create these self-driving vehicles. While the race to autonomy is heating up, so is the race to own IP rights and protect technological advancements in this domain. This blog will discuss the different types of intellectual property that automotive and technology companies are utilizing to protect their technological advancements in the field of autonomous vehicles. First, it is important to understand what exactly autonomous vehicles are. Autonomous vehicles are cars capable of sensing their environment and operating without human involvement. There are currently six levels of driving automation ranging from level zero, fully manual, to level five, fully autonomous. Level five has not been achieved yet, but many automotive and technology companies are racing to be the first with a fully autonomous car. To do this, “autonomous vehicles rely on sensors, actuators, complex algorithms, machine-learning systems and powerful processors to execute software.” Considering all of the technology and development that goes into producing an autonomous vehicle, it is not surprising that companies would want to protect their intellectual property. In fact, in the last several years automakers and their suppliers have significantly increased the number of patent applications filed in the United States and abroad. However, since autonomous vehicles will require automakers and suppliers to develop technology outside of the scope of their traditional product development, patents may not provide substantial protection for these inventions. Instead trade secret protection may provide more appropriate intellectual property protection for autonomous vehicle technology. Companies must therefore decide which type of...Law Enforcement’s Newest Witness, Alexa
On July 12, 2019, Adam Reechard Crespo and his girlfriend, Silvia Galva, got into an argument at Crespo’s home in Hallandale Beach, Florida. What happened next remains unclear, but it ended with Galva stabbed through the chest. Crespo said he pulled the blade from Galva’s chest and tried to stop the bleeding. It was too late though. Galva died, leaving police to rely solely upon the stories told by Crespo and Galva’s friend who said she overheard the fight. That is, until police realized that there may have been a silent “witness” of sorts. Crespo had an Amazon Echo, commonly known as Alexa, in his home. The device was not actively in use at the time of the crime, but police believed it may have heard something that could shed light on the otherwise private final moments of Galva’s life. One month after the alleged crime was committed, police successfully obtained a warrant for those recordings and ultimately received them. Crespo was charged with murder. The Amazon Echo is a voice activated AI virtual assistant that will tell you the weather, read you the news, or play your favorite song, among other things. But beyond its intended uses, the Echo has proved useful to law enforcement officers, offering a rare, inside look into the crucial moments before a crime was committed. The Amazon Echo made headlines for its role as a potential key witness in the investigations of a 2015 suspected murder in Arkansas and a 2017 New Hampshire double homicide. In each of these cases, the conversation inevitably turned to privacy concerns as questions...Zooming in on Children’s Online Privacy
An era of remote learning raises questions about children’s data privacy. As COVID-19 spread through the United States this spring, school districts across the country scrambled to find a way to teach students remotely. Many turned to Zoom, the videoconferencing platform that has rapidly become a household name. But as the usage of Zoom skyrocketed, the platform’s data privacy policies came under heightened scrutiny. Just a few weeks after Zoom CEO Eric Yuan gave K-12 schools in the U.S. free accounts in mid-March, the New York attorney general and Senators Ed Markey and Elizabeth Warren sent letters to the company requesting more information about its privacy and security measures. Both parties were particularly concerned about how Zoom handled children’s personal data now that so many minors were using the service for their education. Children’s online privacy in the United States is governed by the Children’s Online Privacy Protection Act (COPPA). Passed in 1998, COPPA is intended to protect the privacy of children under 13 by giving their parents control over the kind of information that is collected about them online. COPPA applies to web services that are either aimed at children under 13 or have “actual knowledge” that they collect and store personal information from children under 13. Personal information includes data like a child’s name, contact information, screennames, photos and videos, and geolocation information. In order to comply with COPPA, covered websites must publish their privacy policies, provide notice to parents and obtain their consent before collecting personal information from children, and give parents the opportunity to review and delete the information and opt-out of further collection. The...Posts on the MTLR Blog are editorial opinion pieces written by student-editors of the Michigan Technology Law Review. The opinions expressed in these editorial posts are not espoused or endorsed by the University of Michigan or its Law School. To view scholarly Articles and Notes published by the Michigan Technology Law Review, please visit the MTLR home page.