Yale Journal of Law & Technology
Volume 7, 2004-2005 Fall Issue
Architectural Regulation and the Evolution of Social Norms
By Lee Tien
Lee Tien, Architectural Regulation and the Evolution of Social Norms, 7 Yale Journal of Law & Technology 1 (2004).
Current legal scholarship on architectural regulation of software focuses on how its lack of transparency may frustrate public accountability or, by the same token, enhance its effectiveness. This paper argues that architectural regulation poses deeper dangers to the very concept of law. Ordinarily, we think of law as rules that a person thinks about when deciding how to act, and which human beings must decide to enforce. Law as architecture operates differently: instead of affecting our calculus of choice, it structures the very conditions of action, such as social settings and the resources available in those settings. Thus, architectural regulation operates surreptitiously and may not even be perceived as governmental action. Architectural regulation thus allows government to shape our actions without our perceiving that our experience has been deliberately shaped, engendering a loss of moral agency. Because our norms are often the product of social experience with and discourse about new technologies, architectural regulation poses the danger that government can distort the evolution of constitutional norms like privacy.
Transborder Search: A New Perspective in Law Enforcement?
By Nicolai Seitz
Nicolai Seitz, Transborder Search: A New Perspective in Law Enforcement?, 7 Yale Journal of Law & Technology 23 (2004).
Think about the following situation: you are a German police officer investigating a serious crime. Your suspect is an American citizen using a Yahoo e-mail account to communicate with his criminal partners. Now you are informed that critical evidence (an e-mail) was sent to the suspect's e-mail-account and is currently stored on Yahoo´s e-mail-server in New York. It is Sunday morning and there are indications that the e-mail will be deleted by the suspect in a few hours. Traditional methods of gaining access to the vital evidence, like letters rogatory, might take too long. What do you do? Is it permissible for you as a German police officer to hack the suspect's e-mail account and to download the incriminating e-mail from the server located in New York?
This Article tries to find an answer to the question of when such a 'transborder search' is currently admissible under public international law. It analyses the first (at least publicly known) criminal case worldwide in which a law enforcement agency (the United States Federal Bureau of Investigation) used this method to access and download evidence stored on server in a foreign country. After analysing the current legal situation the author comes to the conclusion that up to now a transborder search to access protected data is in principle inadmissible. However, there is an exception when the data are stored in the United States and extraordinary cirstances prevail. Therefore, the author's answer regarding the question above is 'yes'.
The Fourth Amendment Unplugged: Electronic Evidence Issues & Wireless Defenses
By Tara McGraw Swaminatha
Tara McGraw Swaminatha, The Fourth Amendment Unplugged: Electronic Evidence Issues & Wireless Defenses, 7 Yale Journal of Law & Technology 51 (2004).
Launch On Warning: Aggressive Defense Of Computer Systems
By Curtis E. A. Karnow
Curtis E. A. Karnow, Launch On Warning: Aggressive Defense Of Computer Systems, 7 Yale Journal of Law & Technology 87 (2004).
Real World Problems Of Virtual Crime
By Beryl A. Howell
Beryl A. Howell, Real World Problems Of Virtual Crime, 7 Yale Journal of Law & Technology 103 (2004).
Theoretical debates about how best to address cybercrime have their place, but, in the real world, companies and individuals face new harmful criminal activity that poses unique technical and investigatory challenges. One of the greatest challenges posed by this new technology is how to combat wrongdoing effectively without netting innocent actors. This Article will present three case studies drawn from recent high-profile news stories to illustrate the pitfalls of legislating in the e-crimes arena.
Technology, Security And Privacy: The Fear Of Frankenstein, The Mythology Of Privacy And The Lessons Of King Ludd
By K. A. Taipale
K. A. Taipale, Technology, Security And Privacy: The Fear Of Frankenstein, The Mythology Of Privacy And The Lessons Of King Ludd, 7 Yale Journal of Law & Technology 123 (2004).
This article suggests that the current public debate that pits security and privacy as dichotomous rivals to be traded one for another in a zero-sum game is based on a general misunderstanding and apprehension of technology on the one hand and a mythology of privacy that conflates secrecy with autonomy on the other. Further, political strategies premised on outlawing particular technologies or techniques or seeking to constrain technology through laws alone are second-best -- and ultimately futile -- strategies that will result in little security and brittle privacy protection.
This article argues that civil liberties can best be protected by employing value sensitive technology development strategies in conjunction with policy implementations, not by opposing technological developments or seeking to control the use of particular technologies or techniques after the fact through law alone. Value sensitive development strategies that take privacy concerns into account during design and development can build in technical features that can enable existing legal control mechanisms and related due process procedures for the protection of civil liberties to function.
This article examines how identification, data aggregation and data analysis (including data mining), and collection technologies intersect with security and privacy interests and suggests certain technical features and strategies premised on separating knowledge of behavior from knowledge of identity based on the anonymization of data (for data sharing, matching and analysis technologies) and the pseudonymization of identity (for identification and collection technologies). Technical requirements to support such strategies include rule-based processing, selective revelation, and strong credential and audit.
Privacy vs. Piracy
By Sonia K. Katyal
Sonia K. Katyal, Privacy vs. Piracy, 7 Yale Journal of Law & Technology 222 (2004).
A few years ago, it was fanciful to imagine a world where intellectual property owners -- such as record companies, software owners, and publishers -- were capable of invading the most sacred areas of the home in order to track, deter, and control uses of their products. Yet, today, strategies of copyright enforcement have rapidly multiplied, each strategy more invasive than the last. This new surveillance exposes the paradoxical nature of the Internet: It offers both the consumer and creator a seemingly endless capacity for human expression -- a virtual marketplace of ideas -- alongside an insurmountable array of capacities for panoptic surveillance. As a result, the Internet both enables and silences speech, often simultaneously.
This paradox, in turn, leads to the tension between privacy and intellectual property. Both areas of law face significant challenges because of technology's ever-increasing pace of development. Yet courts often exacerbate these challenges by sacrificing one area of law for the other, by eroding principles of informational privacy for the sake of unlimited control over intellectual property. Laws developed to address the problem of online piracy -- in particular, the DMCA -- have been unwittingly misplaced, inviting intellectual property owners to create private systems of copyright monitoring that I refer to as piracy surveillance. Piracy surveillance comprises extrajudicial methods of copyright enforcement that detect, deter, and control acts of consumer infringement.
In the past, legislators and scholars have focused their attention on other, more visible methods of surveillance, namely those relating to employment, marketing, and national security. Piracy surveillance, however, represents an overlooked fourth area that is completely distinct from these other types, yet incompletely theorized, technologically unbounded, and, potentially, legally unrestrained. The goals of this Article are threefold: first, to trace the origins of piracy surveillance through recent jurisprudence involving copyright; second, to provide an analysis of the tradeoffs between public and private enforcement of copyright; and third, to suggest some ways in which the law can restore a balance between the protection of copyright and civil liberties in cyberspace.
This paper was selected as the winning entry for the 2004 Yale Law School Cybercrime and Digital Law Enforcement Conference writing competition, sponsored by the Yale Law School Information Society Project and the Yale Journal of Law and Technology.
Surfing While Muslim: Privacy, Freedom Of Expression And The Unintended Consequences Of Cybercrime Legislation
By Jason M. Young
Jason M. Young, Surfing While Muslim: Privacy, Freedom Of Expression And The Unintended Consequences Of Cybercrime Legislation, 7 Yale Journal of Law & Technology 346 (2004).
The Canadian government's Lawful Access discussion paper fails to provide empirical -- or anything beyond anecdotal -- evidence that the legislative amendments proposed are actually needed. Evidence derived from U.S. law enforcement agencies suggests that technological and administrative impediments -- more than legal ones -- are the cause of most difficulties experienced in cybercrime investigations and prosecutions, specifically: insufficient basic record keeping by telecommunications and Internet service providers; inability to effect data preservation extraterritorially; inability to circumvent encryption; and, a lack of common data-sharing protocols.
Under the guise of international obligations, the government seeks to adopt new legal investigatory tools, the effect of which would be a dilution of judicial oversight for the production of digital "traffic data" in criminal investigations. These initiatives fail to address the fact that value is inherent in all technology and must be factored into the application of laws which seek to regulate new technologies. Unlike the analog analogue, digital traffic data will often reveal a great deal about one's lifestyle, intimate relations or political or religious opinions. Canadian courts have unequivocally found that information of this nature is subject to the highest constitutional protections, particularly in the criminal investigation context.