CLIP-ings: September 23, 2016

Internet Governance

Internet Removed from NYC WiFi Kiosks: Due to problems of lewd conduct, people congregating on busy sidewalks, and the city’s homeless population being put on display, New York City has decided to remove the internet browsing feature from its free WiFi kiosks after efforts to filter porn failed.

Cruz Blocking IANA Transition: With a firm deadline for the IANA transition approaching next week—by which the US government’s authority over major technical internet functions would be transferred—Senator Ted Cruz is preventing negotiations by insisting that the transition would transfer power to foreign governments and threaten free speech, despite fact-checkers questioning the credibility of these statements.

Privacy

Finding the Bombing Suspect: In order to track down Ahmad Khan Rahami, the man charged with attempted murder for planting bombs in Manhattan and New Jersey, police used the bomb squad, fingerprints, Chelsea surveillance footage, and the Wireless Emergency Alert—a new feature which pushes an alert to cell phones in New York City.

FBI Contracting with Hackers: After Apple’s refusal to unlock the device earlier this year, three media giants have failed in their efforts to force the FBI, under the Freedom of Information Act, to reveal how the Bureau gained access to the contents of the iPhone belonging to the perpetrator of the San Bernardino attack.

Information Security and Cyberthreats

Election Integrity Act Introduced: As concerns mount that Russian cyber spies might be tampering with the upcoming presidential election, Representative Hank Johnson (D-GA) has introduced the Election Integrity Act which would implement regulations to combat election hacks, including a prohibition on voting systems from being web-connected, and a requirement that states purchase electronic voting machines that leave a paper trail.

Hacked North American iPhones Spamming Chinese Users: Using a loophole in the iPhone’s “Send as SMS” feature, hackers have sent more than 280,000 spam text messages—which advertise counterfeit Coach and Prada handbags—from iPhones belonging to unsuspecting North American iCloud account holders to mobile users mainly in China but also in other parts of the world.

Intellectual Property

Unpatent Working to Eliminate Stupid Patents: A new platform, Unpatent, seeks to invalidate junk patents by arranging a crowdfunding campaign for each potential junk patent; the $20,000 raised in each campaign covers the costs of legally challenging the patent at the Patent and Trademark Office and compensating those who find compelling prior art that nullify the patent.

WiFi Operators Not Liable for Pirate Users: The Court of Justice of the European Union held in a case regarding a WiFi operator who was sued by Sony for facilitating music piracy that WiFi operators will not be held liable for copyright infringement as long as they did not initiate transmission, select the recipient of transmission, or select or alter the information during transmission in any way.

Free Expression and Censorship

Censoring Bad Customer Reviews: As more businesses are trying to control their image by banning or penalizing negative online reviews, the House passed the Consumer Review Fairness Act to sanction this practice; the Senate’s Consumer Review Freedom Act, passed in December 2015, similarly disallows such censorship.

Lighter Side 

Robot Under Arrest: Promobot, a rebellious robot from Russia who gained infamy after escaping from his laboratory this past June, has now been arrested at a political rally in Moscow for “suspicious activity.”


Joel R. Reidenberg
Stanley D. and Nikki Waxberg Chair and Professor of Law and Founding Academic Director, CLIP

N. Cameron Russell
Executive Director, Fordham CLIP

Editorial Fellows, CLIP
Nadia Kashem
Meghna Prasad

CLIP-ings: September 16, 2016

Internet Governance

Social Media Platforms Fight Against Hoax Stories: Facebook has joined the First Draft Coalition, an initiative that also counts Twitter as one of its partners, to stop fake and deceptive news stories such as fake celebrity deaths and other hoaxes from circulating through social media platforms.

Free Wi-Fi for All: The European Commission recently proposed a new law called the European Electronic Communications Code, which would seek to make Wi-Fi available to all EU citizens and improve download speeds to at least 100Mbps by the year 2025.

Privacy

“Plain Hearing” Rule About Wiretaps Reinterpreted: The Court of Appeals has elaborated on the “plain hearing” doctrine and ruled that if the government has obtained a warrant to listen in on a conversation but discovers that someone other than the warrant’s target is using that phone number, the government must cease eavesdropping.

Stalked by Google: Despite complaints about privacy and battery drainage, Google continues to track Android users’ locations through both Google Play—which refuses to stop tracking users unless location tracking is turned off for all applications at once—and Google Maps—whose basic features can stop working if location tracking is disabled.

Information Security and Cyberthreats

Your Local ATM Could Be Compromised: A new type of ATM hacking device that uses “periscope skimming” has been discovered in ATMs in Connecticut and Pennsylvania and is frighteningly undetectable, as the devices are installed inside of ATM machines and can obtain over 32,000 credit card numbers in just 14 days.

Russian Hackers Release Olympic Athletes’ Medical Info: After a doping scandal at the Rio Olympic games this summer, during which 119 Russian athletes were ultimately banned, a Russian hacker group called Fancy Bear infiltrated the World Anti-Doping Agency’s database and gained access to medical information of Olympic athletes, some of which the group has already released.

Intellectual Property

Stealing Content from 3-D Printers: Placing an ordinary smartphone as far as 8 inches away from a 3-D printer may allow forgers and copyright thieves to recreate 3-D printed objects, such as cases and packaging, with 90-94% accuracy, by recording the acoustic and electromagnetic energy released by the printer and then reverse-engineering the product.

Free Expression and Censorship

Instagram’s Efforts to Moderate: Instagram has introduced a new comment moderation feature that enables users to filter out certain words or emojis from others’ comments on their posts in an effort to fight harassment, similar to a tool that Twitter is also developing.

Napalm Girl Censored for Nudity: After Facebook deleted several posts by Norwegian journalists that depicted “Terror of War,” a famous Vietnam War photograph of a naked girl escaping a napalm attack, Facebook COO Sheryl Sandberg wrote a letter to the Norwegian Prime Minister expressing the company’s regret over deleting the posts despite the photo’s historical importance.

Practice Note

Robots Not to Be Feared: Despite fears that robots will replace humans in the professional world, another way to view these innovations is as an opportunity for building creative intelligence and maintaining jobs, as robots will always need humans to manage their existence.

On the Lighter Side

AirPods at the Butt of the Jokes: Whether by creating memes, snipping off the wire from regular headphones, or making a parody advertisement featuring uncontrollable laughter, the Internet has found creative ways to mock Apple’s new earring-like headphones.


Joel R. Reidenberg
Stanley D. and Nikki Waxberg Chair and Professor of Law and Founding Academic Director, CLIP

N. Cameron Russell
Executive Director, Fordham CLIP

Editorial Fellows, CLIP
Nadia Kashem
Meghna Prasad

CLIP-ings: September 9, 2016

Internet Governance

European Broadband to Change? Europe may give control of broadband regulations to smaller bodies in individual countries rather than maintain current regulations at the European level that require companies that install broadband in residences to rent access to other businesses at a fair price.

Privacy

Microsoft’s Fight Against DOJ Gag Orders: Apple, Google, and Mozilla are among several tech companies supporting Microsoft in its legal battle against the Department of Justice by filing an amicus brief asserting the unconstitutionality of aspects of the Electronic Communications Privacy Act, which allows the government to use gag orders to prevent companies from notifying their users when the government seizes data.

Information Security and Cyberthreats

Google Adding Transparency to Safe Browsing: Google, which employs “Safe Browsing,” a technology that uses robots to create a list of websites that host malware, harmful downloads, or deceptive ads and pages and then blocks those sites from web users, has updated its Search Console to offer otherwise unknowing webmasters more information about why their sites have been blacklisted.

Spyware Data for Sale:  An Israeli company called NSO Group is just one of dozens of spyware companies that offer international governments and law enforcement agencies a service that allows traceless collection of data from private smartphones, including collection of text messages, contacts, calendars, emails, and GPS locations.

Intellectual Property

Apple’s Trademark Applications Provide Clues: Even prior to Apple’s most recent launch, a look into its trademark applications revealed details of the upcoming products, such as the number of iPhones being released and that Apple was indeed the company behind “Airpods.”

Free Expression and Censorship

Cuba’s Text Message Censorship: The communist government in Cuba is censoring text messages by blocking the transmission of those that contain any of 30 keywords such as “democracy,” “human rights,” and “hunger strike,” while marking the messages as “sent” on the sender’s phone.

Using Google and YouTube to Reverse-Brainwash Potential ISIS Recruits: Jigsaw, a Google think tank, is developing a program to deter those attracted to ISIS propaganda by placing advertisement links next to Google search results for keywords such as “jihad,” which direct the viewer to YouTube videos containing anti-ISIS messages.

Practice Note

FIDO Alliance Seeks to Standardize Biometrics: As authentication security, specifically biometric identification and fingerprints, are becoming a more prominent way of securing information than using passwords, the FIDO Alliance is seeking to standardize the method behind using biometrics in a world where companies are currently developing their own methods, often in isolation.

On the Lighter Side

Selfie Drone: Dobby, a foldable, pocket-sized, voice-enabled selfie drone that can track targets and even take photos while doing barrel rolls, is now available in China, Europe, and the US.


Joel R. Reidenberg
Stanley D. and Nikki Waxberg Chair and Professor of Law and Founding Academic Director, CLIP

N. Cameron Russell
Executive Director, Fordham CLIP

Editorial Fellows, CLIP
Nadia Kashem
Meghna Prasad

CLIP-ings: August 19, 2016

Internet Governance

Government to Relinquish DNS Oversight: The NTIA will allow the IANA functions contract to expire on October 1st, transferring control of DNS to ICANN and signaling an end to US management of ICANN’s administrative activities; however, the government will retain control over .mil and .gov.

Pakistan’s Rigid Security Reform: Pakistan’s National Assembly passed the Prevention of Electronic Crimes Bill 2015, a law that gives the Pakistani Telecommunications Authority broad power over citizen’s use of mobile devices and internet activity by including vague and sweeping language to define illegal activities and providing for harsh penalties.

Privacy

Oracle Unleashes New Data Source: Oracle revealed a new cloud database that includes 400 million business users and one million addressable US companies, the largest forum of audience data geared specifically toward brands that conduct business using “programmatic and data-driven B2B marketing techniques,” but large data quantities face accuracy issues at lower levels.

Real Change to US Surveillance Rules?  The Defense Department issued the first update to its domestic surveillance rules in 30 years; changes include redefining the point at which US personal records are deemed “collected” and requiring the NSA to obtain FISA warrants for nonconsensual physical searches inside the US and collection of targeted US personal data outside the US, but the language reveals loopholes and exceptions to allow for NSA targeting and surveillance.

Information Security and Cyberthreats

Origins of NSA Hack Unclear: A group called the Shadow Brokers posted a cache of files containing sophisticated hacking tools and malware used by cyber hackers linked to the NSA under the name Equation Group; while it remains unclear whether the NSA itself was hacked or whether the leak was an internal error, many suspect Russia is behind the cache’s release.

Intellectual Property

Company Liable for User Copyright: A federal judge found internet provider Cox Communications liable for its customers’ illegal music and movie downloads, despite DMCA’s safe harbor provision that protects companies from their users’ piracy, and ordered Cox to pay $25 million in damages to music rights company BMG.

Free Expression and Censorship

Facebook Censors Significant Video: Facebook banned a Hong Kong politician from the site for a “terms of service violation” after he uploaded a video of him confronting two men in a car that had been following him for a month and who identified their ties to the Chinese Communist Party; Facebook restored the video after the story received media attention.

Practice Note

Improve Security During the Hack: While deterring hackers from obtaining and disclosing information through data center perimeter security is important, a more realistic focus may be on reducing the amount of “dwell time,” the period during which hackers can remain inside an infiltrated network; attackers require time to move around a network and access multiple systems to gather large amounts of data, and a shorter dwell time would limit this movement and lead to more hacking failures.

On the Lighter Side

Meal of the Future? A recent robotic showcase included a demo of a sushi-making robot, created to demonstrate the accuracy and dexterity of a pair of robotic arms.


Joel R. Reidenberg
Stanley D. and Nikki Waxberg Chair and Professor of Law and Founding Academic Director, CLIP

N. Cameron Russell
Executive Director, Fordham CLIP

Editorial Fellow, CLIP
Victoria J.A. Loeb

CLIP-ings: August 12, 2016

Internet Governance

Limiting Municipal Broadband Expansion: The Sixth Circuit ruled that the FCC could not prevent Tennessee and North Carolina from regulating to restrict municipal broadband expansion beyond existing boundaries, after the FCC voted last year for an order to preempt such state laws.

Connecting Users in India: Google is enabling internet access for millions of people in India by providing free Wi-Fi at train stations, seeking to maximize online users and advertisement visibility, while Facebook is testing services to deliver cheaper internet access to people in India while maintaining stakeholder sustainability.

Privacy

New Privacy Technology: Apple will incorporate differential privacy into its newest mobile operating system, a technology that will track and collect user activity but will add noise to the data before it is transmitted to prevent accumulation of “raw data” that reveals a specific individual’s activity.

Unprecedented Info for PI’s: A company has combined public and nonpublic records of personal information with marketing, demographic, and behavioral data to create a profile on every American adult for private investigators to access; use of this and like databases must comply with US privacy laws and FTC oversight, but the high volume of searches means that private investigation companies are mostly expected to monitor themselves.

Narrowing Down “Periodic” Review: The DC District Court ruled in a redacted order that the FBI should specify a time frame for its “periodic” reviews of NSL gag orders, finding that a three-year review balances the burdens on the FBI against the company’s countervailing interest in “avoiding a lengthy and indefinite nondisclosure bar.”

Information Security and Cyberthreats

Problems for Australian Census:  Australia’s first online national census, containing personal, economic, religious, and social information and requiring Australians to identify themselves, came under a possible cyber attack when the survey website crashed overnight.

Oracle Payment Systems Infiltrated: A Russian cybercrime group hacked Oracle’s Micros division, one of world’s largest point of sale vendor systems used at over 330,000 payment locations; the company said payment card data is encrypted “both at rest and in transit” in the Micros systems and it will be implementing security measures to prevent another attack.

Election System Critical Infrastructure? Following the DNC hack, the Obama administration may classify US election systems as critical infrastructure and increase their cyber protections; however, US response to attacks on the political process may have varying implications for national security.

Intellectual Property

Viral Videos and Copyright: While news programs that show videos of events shot by people using their mobile phones in real time are protected by fair use, “middlemen” who buy the videos immediately after they go viral and then attempt to license them have established a monetary value to the videos, complicating the fair use formula by skewing one of the factors involved, the market of the use.

Free Expression and Censorship

Muffling Deceptive Links: Facebook is altering its rules for displaying outside content, featuring headlines that “withhold or distort information” farther down rather than ordering outside stories by amount of traffic; the company is concerned about the association between the content it links to and its brand as a function of user happiness.

On the Lighter Side

Meme of 2016: Some memes, like that created by K.C. Green and shared by the Republican Party during the DNC, reach beyond pop culture silliness to resonate as cultural commentary.

CLIPings: July 29, 2016

Internet Governance

Better Broadband for Home and Business: Verizon will launch a fiber network architecture technology that will increase internet connectivity over existing fiber optic service cables and boost speeds for business and residential service simultaneously, without having to remove and replace miles of underground cables or fund expensive network renovations.

Bitcoin Not Bills: In a money laundering case where defendants were accused of illegally selling $1,500 worth of Bitcoin to undercover officers, a Florida state judge ruled that Bitcoin is not money because, in part, the cryptocurrency does not constitute a “commonly used means of exchange.”

Privacy

Courthouse Vicinity in Bounds: A federal judge for the Northern District of California declined to suppress evidence that the FBI recorded without a warrant from devices planted by courthouse steps, vehicles, and a nearby bus stop, finding that the defendant had no reasonable expectation of privacy in a conversation held on the courthouse steps.

Stingray Protection on the Rise: Illinois’ Governor signed into law the Citizen Privacy Protection Act, adding Illinois to the growing number of states that require law enforcement officials to obtain court approval before deploying Stingrays to determine a phone’s location and intercept its data.

Information Security and Cyberthreats

Hack Investigation:  The FBI has announced its investigation into the DNC hack that resulted in Wikileaks’ publishing of a number of the organization’s emails; private security firms indicated that the Russian government might be involved in the hack.

Color Coding Security Breaches: President Obama issued a policy directive announcing that the color-coded system used to categorize terror threat levels will also be used to label hacking incidents; hacks will be classified on a five-color scheme, ranging from white (“unsubstantiated or inconsequential threat”) to black (“imminent threat”).

Improving Cybersecurity in Healthcare: The Office for Civil Rights of the US Health and Human Services Department released new information security guidelines for healthcare organizations to defend against targeted ransomware infections, in compliance with HIPAA’s requirements for responding to threats.

Intellectual Property

Planning Ahead? A DC lawyer and artist who bought the ClintonKaine.com domain for $8 in 2011 claims that “ClintonKaine” is his trademark and is demanding $90,000 in exchange for control of the site and its domain name.

Be Careful What You Tweet: In a letter to ESPN, the US Olympics Committee stated that non-sponsor companies may not post about the Olympic Games on their social media accounts; the prohibition includes using trademarks in hashtags, such as #Rio2016, or retweeting pictures taken at the Olympics.

Free Expression and Censorship

Incomplete Autocomplete: Google’s search function faces accusation of left-wing bias, as searches for “presidential candidates” displayed Democratic and Green Party candidates on the top bar, but left off Republican and Libertarian candidates; Google claims that the search results were caused by a bug displaying only those candidates participating in an active primary election.

Practice Note

Encryption Goes Micro: The DoD has adopted a new approach to cybersecurity called micro-segmentation that creates smaller, isolated, and encrypted networks in which only certain groups of people can access and share information; operators can set up a micro-segment, share information, terminate it, and shield its existence from outside users, meaning that hackers can not move laterally to other micro-segments after attacking one.

Screen Shot 2016-07-28 at 2.23.14 PM

Language of the Internet? Internet linguist explores whether emojis are a language in an upcoming book.


Joel R. Reidenberg
Stanley D. and Nikki Waxberg Chair and Professor of Law and Founding Academic Director, CLIP

N. Cameron Russell
Executive Director, Fordham CLIP

Editorial Fellows, CLIP
Victoria J.A. Loeb
Vlad A. Herta

CLIPings: July 22, 2016

Internet Governance

Blocking Out Dissent: The Turkish government blocked access to WikiLeaks after the site released approximately 300,000 emails of the ruling party; WikiLeaks stated that it released the data in response to the government suspending and arresting 50,000 people in the last week.

Plans for Cross-Border Data Searches: After last week’s federal appeals court ruling against the use of federal warrants to search Microsoft’s data held overseas, the Obama administration has initiated agreements that would allow foreign governments to serve US tech companies with warrants to search their email or intercept their messages, as well as authorize US investigators to search data in other nations.

Privacy

Privacy Interest in Mug Shots: The Sixth Circuit ruled that federal agencies are not required to release a federal suspect’s mug shot to the media under the FOIA; agencies may refuse to comply with requests for law enforcement information if such a release could “reasonably be expected to constitute an unwarranted invasion of personal privacy.”

Microsoft to Comply with French Data Rules: In response to findings that Windows 10 collects excessive user data and has caused serious breaches, France’s national data protection authority (CNIL) ordered Microsoft to comply with the French Data Protection Act within three months and stop its tracking and data-gathering activities that compromise user privacy and security.

Restraints on Data Retention: In a preliminary ruling over a challenge to UK data retention under the Data Retention and Investigation Powers Act, the Court of Justice of the European Union found that governments may impose general metadata retention obligations and maintain compatibility with EU law, but the obligation must be “necessary to the fight against serious crime[s]” and balanced against privacy risks; the decision is highly influential, albeit not yet legally binding.

Information Security and Cyberthreats

Arrested Overseas: Ars Vaulin, alleged founder of the world’s largest BitTorrent distributor, was arrested in Poland; the DOJ charged him with running the website that unlawfully distributed over $1 billion in copyrighted materials.

Intellectual Property

Fitbit Patents Invalidated: A US International Trade Commission judge invalidated three Fitbit patents in a case against Jawbone, finding that the technology in question embodied abstract ideas not subject to patent protection.

Free Expression and Censorship

Making Amends: Twitter permanently banned controversial blogger Milo Yiannopoulos in response to criticism of the social network for failing to prevent anonymous trolls from sending abusive comments to users; Yiannopoulos targeted Leslie Jones, star of the newly-released Ghostbusters movie, with racist and sexist attacks that caused her to leave Twitter.

What Constitutes a Threat? In the wake of the Dallas shooting, the police have arrested several people in four different states for their “threatening” posts on social media, including those naming the shooter a “hero;” the arrests raise concerns as it is unclear whether the speech amounts to a “true threat,” under Supreme Court precedent.

Practice Note

Hijacking Legitimate Websites: A recent cybersecurity report finds that hackers seek to not only harm their target directly, but are increasingly hijacking legitimate websites through an inconspicuous “piggybacking” technique that enables long-term use of websites’ resources and reputation to facilitate the hacker’s own illicit businesses.

On the Lighter Side

Real-Life Filter: Warby Parker is offering its Snapchat followers a chance to bring the app’s features to real life by selling Snapchat-exclusive sunglasses to its followers.


Joel R. Reidenberg
Stanley D. and Nikki Waxberg Chair and Professor of Law and Founding Academic Director, CLIP

N. Cameron Russell
Executive Director, Fordham CLIP

Editorial Fellows, CLIP
Victoria J.A. Loeb
Vlad A. Herta

CLIPings: July 15, 2016

Internet Governance

Access Without Consent: The Ninth Circuit found that a web service that accessed Facebook to obtain users’ contact information and send messages on their behalf “intentionally access[ed] a computer without authorization” in violation of the CFAA, when it connected to the social network after Facebook expressly revoked permission via a cease-and-desist letter and blocked the service’s IP addresses.

Privacy Framework Finalized: This week, the EU Commission approved the EU-US Privacy Shield Framework that redefines US surveillance practices and recourse for EU citizens, allows US companies to “self-certify” their adherence to the framework’s privacy guidelines, and establishes a position for an “ombudsperson” in the US State Department who will address European privacy questions and complaints.

Hunger Activists Turn to Tech: The UN and the World Food Programme are implementing technology initiatives to remedy world hunger; one of their developments is a low bandwidth app for small Guatemalan farmers that provides information on weather, farming and market prices in their location, and another uses a network of government-operated internet cafes to provide an online interactive medium aimed at increasing nutritional education in rural Columbia.

Privacy

Warrant Required for Stingray Use: A federal court ruling in New York suppressed evidence obtained by the government’s warrantless use of a stingray to locate a suspect and held that the Fourth Amendment requires police to obtain a warrant to use a cell-reception simulator.

Search Warrant Quashed: The Second Circuit overruled a decision requiring Microsoft to hand over MSN e-mails stored on a server in Ireland to the U.S. government, finding that courts cannot issue and enforce warrants against U.S.-based service providers to seize client e-mail content stored solely on foreign servers.

Body Camera Info No Longer Public: The Governor of North Carolina signed a bill into law that allows access to police dashboard and body camera footage for persons recorded and their representatives only once they file a request; the law was passed to protect police officers’ privacy and requires petitioners to go to court when law enforcement denies their inquiry.

Information Security and Cyberthreats

Messaging Apps Increase Privacy:  Facebook has announced a beta Messenger app version open to certain users, called “secret conversations,” that offers end-to-end encryption (E2EE); an increasing number of messaging apps already use E2EE.

Intellectual Property

New Patent Improves Anti-Piracy Efforts: The United States Patent and Trademark Office granted a patent to NBC Universal that seeks to deter piracy of its copyrighted content by enabling early detection of high volume swarms in peer-to-peer networks; the analytics mechanism processes a data feed of peer-to-peer swarm movement and identifies the high volume swarms whose parameters surpass a threshold.

Free Expression and Censorship

Live Video Protocol: After last week’s live stream of a police shooting was removed  from and then returned to Facebook, the company clarified that its live video policies  will only remove a video of someone’s death if the purpose of the post is to mock the victim or celebrate the incident, and stated that its live video service team is continuously on call to respond to reports of inappropriate content and either remove the content, leave it up, or post a warning disclaimer of graphic content.

Hate Speech Triggers Investigation: German federal police raided the houses of sixty people accused of posting “extremist messages” on a Facebook group; the action represents increasing efforts to contain online hate speech.

Practice Note

Risks Associated with Collecting Metadata: Information security practices like peer-to-peer encryption do increase online communication and content security, however, metadata remains largely outside user control and continues to be widely accumulated; metadata that is not disposed of or limited poses privacy and security risks as it may provide the same information about people as the content of their communication.

On the Lighter Side

Addictive App or Government Puppet? Conspiracy theorists have drawn on the Orwellian nature of Pokémon Go’s privacy policy and its potential links to the intelligence community to suggest that it may serve as a government-spying tool.


Joel R. Reidenberg
Stanley D. and Nikki Waxberg Chair and Professor of Law and Founding Academic Director, CLIP

N. Cameron Russell
Executive Director, Fordham CLIP

Editorial Fellows, CLIP
Victoria J.A. Loeb
Vlad A. Herta

CLIPings: July 8, 2016

Internet Governance

Questions for Automated Driving: U.S. regulators are investigating Tesla’s autopilot driving feature after a fatal crash in May, a reminder that the software may contain flaws and is not designed to act as humans do in all driving situations.

“Nationwide IoT Network:” Inside of one week, Dutch and South Korean telecom operators implemented nationwide IoT networks via mobile transmission towers used for cell reception, allowing users to connect devices to the network via a technology called Long Range (LoRa); examples of usage include rail switch monitoring at the Utrecht Central station and depth measuring devices at the port of Rotterdam.

Protecting Human Rights Online: The United Nations Human Rights Council condemned the practice of shutting down the internet through a resolution stating that rights enjoyed offline “must also be protected online.”

Privacy

Monitoring Google’s Data Collection: A new tool called My Activity allows Google users to see, in chronological order, all their online activity data that Google collects and saves, and features both a delete option to clear the information as well as one to “pause” the data collection.

It’s Still an Agency Record: The D.C. Circuit ruled that agencies must comply with  Freedom of Information Act requests for emails and records stored on non-government  servers, signaling a step forward for transparency but posing questions as to how  agencies will search for government information not stored on their own servers.

Information Security and Cyberthreats

Password Sharing Liability: The Ninth Circuit upheld a Computer Fraud and Abuse Act conviction of a former consulting employee who used his coworker’s password to obtain information from the company’s servers and start a competing business; a dissenting judge stated in objection that the ruling could cover everyone who engages in the “ubiquitous, useful, and generally harmless” practice of sharing passwords.

Cybersecurity Investment: The EU Commission announced a public-private partnership to fund cybersecurity research and development of software products and services in key infrastructure sectors; the EU will disburse a maximum of $500 million and expects three times as much investment from the private sector to address cybersecurity concerns and boost European competitiveness.

Intellectual Property

ICANN’s Role in IP: ICANN stated that it will not decide copyright disputes or police content, but will ensure that those involved in the domain registration process are complying with contractual obligations and preventing illegal behavior.

Free Expression and Censorship

Censoring Graphic Live-Stream: A woman present at Wednesday’s Minnesota traffic stop shooting live-streamed the aftermath of the incident to Facebook; the video had 1 million views before Facebook removed it and subsequently re-released it with a graphic warning.

Another Cyberstalking Law Found Invalid: The Illinois Appeals Court found a cyberstalking law invalid because it lacked a malicious intent requirement for the harassment in question; prior courts have also found that absent this mens rea requirement, these cyberstalking laws create new First Amendment restrictions, hindering free speech.

Practice Note

IoT Liability Under TCPA: Smart home applications that allow consumers to remotely control automated home appliances with their smart phones may make service providers liable under the Telephone Consumer Protection Act (TCPA), because the statute requires vendors to communicate “only in a manner consistent with the consumer’s consent;” some text messages alerting users that, for example, a door or a window is open may exceed that scope of consent.

On the Lighter Side

Selfie Epidemic: “Today” show co-anchor was told by her doctor that selfie-taking, placing the arm in an abnormal position, may be a cause of arm pain and stiffness.


Joel R. Reidenberg
Stanley D. and Nikki Waxberg Chair and Professor of Law and Founding Academic Director, CLIP

N. Cameron Russell
Executive Director, Fordham CLIP

Editorial Fellows, CLIP
Victoria J.A. Loeb
Vlad A. Herta

CLIP-ings: July 1, 2016

Internet Governance

Preparing for IANA Transition: ICANN signed an agreement with the regional internet registries that grants it the coordination and administration role currently served by the US government; in exchange, ICANN is committed to meet new operational benchmarks, fulfill additional obligations such as periodic reviews, and establish an arbitration process to solve future disputes.

Stronger Data Transfer Standards: The EU and the US revised the Privacy Shield data transfer agreement, in response to EU concerns about mass US spying, to include heightened regulations for companies that keep profitable cross-border data on Europeans and transparency in US surveillance.

More Proprietary Undersea Cables: Weeks after Facebook and Microsoft announced they will lay an unprecedentedly capacious trans-Atlantic cable, Google, in cooperation with five Asian telecommunication companies, launched the highest capacity trans-Pacific cable, intended to carry Google’s data between overseas data centers; the move marks a shift in bandwidth capacity from telecommunication companies to tech giants.

Privacy

Security Concerns Lead to Intrusive Proposal: A Department of Homeland Security proposal published in the Federal Register would add a field on the I94W form that asks travelers coming to the US without a visa under the Visa Waiver Program to provide their social media accounts to help screen for links to terrorist activity.

Information Security and Cyberthreats

Database Leaked: A “white-hat hacker” obtained a leaked copy of a Thomson Reuters-owned database containing names of over 2.2 million individuals and organizations labeled “heightened risks” and used to screen people for links to crime and terrorism; the hacker’s concern about the database’s inclusion of innocent people has led him to consider leaking it to the public, a risky decision that would alert the true criminals on the list.

Changes to Electronic Tax Filing:  The IRS decided to discontinue the Electronic Filing PINs web tool, which allowed taxpayers to obtain a PIN to file tax returns online, due to security concerns after repeated bot attacks targeted the application, including a successful breach in February where the bot obtained more than 100,000 PINs.

Intellectual Property

Global Literacy Access: Twenty countries have now ratified the Marrakesh Treaty, aimed at increasing literacy and information access for the visually impaired and print disabled through a copyright exception and facilitation of cross-border trade of copyrighted books in special literacy format; the Treaty will take force this coming September.

Free Expression and Censorship

E-Campaigning? Facebook, attempting to maintain an impartial approach to the national  election and refute assertions of political bias by skewing news, still plays a role in  encouraging voting and aiding candidates in managing their platforms on the site;  concerns remain about the role of social networks in influencing user ideology and  beliefs to the detriment of larger societal awareness of differing ideas.

A Step Further for Private Sector Anti-Terror Efforts: Stepping up efforts to combat terrorist propaganda online, Facebook, Google and other tech companies may deploy automated copyright removal methods instead of relying on user reporting, raising concerns about the companies’ cooperation with the government and the possibility that the tools might be abused to suppress free speech.

Practice Note

Security Opportunities Ahead: Items that have long been everyday fixtures in their  respective sectors but are newly automated, such as home appliances, equipment monitoring, and transportation and healthcare devices, are manufactured with minimal security expertise and are vulnerable to hackers, but present significant opportunities for security companies to develop risk models and increase global security.

On the Lighter Side

You Know Nothing, Siri! Siri is giving out all sorts of sassy replies to Game of Thrones finale inquiries, but her failure to answer follow up questions reveals she did not watch closely enough.


Joel R. Reidenberg
Stanley D. and Nikki Waxberg Chair and Professor of Law and Founding Academic Director, CLIP

N. Cameron Russell
Executive Director, Fordham CLIP

Editorial Fellows, CLIP
Victoria J.A. Loeb
Vlad A. Herta