Last Week in Tech Law and Policy, Vol. 16: The Art of Deception: a Gift or a Curse?

(by Annie Tooley, Colorado Law 2L)

Following on last week’s post, another dark cloud continues to loom over the Internet: malware. Malware is somewhat two-faced.  On one side, hackers use malware to gain access to personal information.  On the other side, the government uses malware to track down criminals and terrorists.  But what happens when the line separating the two starts to blur?  This post will explore the “good” and “bad” sides of deceptive delivery of malware.

Continue reading “Last Week in Tech Law and Policy, Vol. 16: The Art of Deception: a Gift or a Curse?”

Last Week in Tech Law and Policy, Vol. 15: The Internet’s Lousy Summer Vacation

We’re back for Season 2 of our ongoing weekly recap of current tech policy news. As always, the TLPC Director (that’s me—Blake Reid) takes on the first blog post of the semester before the TLPC’s student attorneys take over for the duration. As summer comes to a close in Boulder, this post explores some of the dark clouds have circled over the Internet in recent weeks.

Continue reading “Last Week in Tech Law and Policy, Vol. 15: The Internet’s Lousy Summer Vacation”

Last Week in Tech Law & Policy, Vol.2: The Inside Scoop

(by Chelsea E.  Brooks, Colorado Law 2L)

State of the Union:  This week, I want to look ahead to President Obama’s State of the Union Address, which will be held Friday,  January 20th.  The President has revealed cybersecurity as being one of the key issues he will address. In particular, he is proposing a 30-day window in which companies must notify consumers that their data has been breached, is championing criminalization of selling credit card information outside of the U.S.,  and is expected to recommend to Congress a Consumer Privacy Bill of Rights.  In addition to consumer-focused proposals, the President wants to broaden the legal definition of unauthorized computer access under the Computer Fraud and Abuse Act (CFAA) and increase penalties for computer access crimes.

Back to Sony:  Connecting back to last week’s post, could the Sony hacking scandal have been influential in directing this agenda?  As mentioned in Vol.1, the Sony hack has “broad implications for the future of law enforcement, crime and punishment, privacy, and war.”  Those implications may already be coming to light as Shaun Donovan, the Director of the Office of Management and Budget, has cited to the Sony hack in writing the Administration’s cybersecurity proposals to Congress.  Donovan states:

[T]he dramatic increase in cyber intrusions and the recent destructive and coercive attack on Sony Pictures Entertainment offer a stern reminder that we must act with urgency to do everything possible to better protect the Nation and economy against cyber threats.

With that statement in mind, consider two questions posed by the New York Times:

When should the federal government step in to fight hackers? And is America’s own use of cyberweapons a complicating factor?

Blackhat:  Hollywood’s recent connections with cybersecurity don’t stop with the Sony hack.  The just-released Blackhat glamorizes the world of hacking and raises the question: could the current climate of fear of cyber crime lead to over-inclusive policy making?  Members of the Obama administration are already citing to the Sony hack as reasoning for increasing punishments and broadening the power of the CFAA. Is this reasoning justifiable?  Can increasing penalties effectively deter undesirable hacking?  (The legal ramifications didn’t seem to deter the Sony hackers.)