(by James Frazier, Student Attorney)
Planes, automobiles, and artificial intelligence. This week, the FAA released new rules regulating drones, Apple and Sony threw their hats into the autonomous automobile arena, and Great Britain announced that it will release new rules governing driverless car testing in the UK. Mike Hean, a Swiss entrepreneur, suggested that driverless cars should be programed with advanced artificial intelligence that would allow an Uber-style ride sharing app. Indeed, Hean believes that driverless car should be able to own themselves, and even earn their own income. Tying these threads together, MIT’s Tech Review released an article this week outlining some contemporary concerns about artificial intelligence.
Continue reading “Last Week in Tech Law & Policy Vol. 6: Self-Driven Tech”
(by Joseph de Raismes, Colorado Law 3L)
This week, I would like to look at internet privacy, how privacy tools are funded, and what the future of privacy should look like.
Last week, ProPublica ran Julia Angwin’s excellent profile of GnuPG’s lead developer Werner Koch. Koch wrote the free email encryption tool GNuPG in 1997, and has been keeping the project alive basically single-handedly ever since. In response to ProPublica’s profile, Koch received an outpouring of support in the form of private donations and grants.
Werner Koch’s situation drew the attention of cryptographer Matt Green, who questioned the entire framework of how we fund the long-term development of privacy tools. In his post, Matt draws attention to the fact that the US government has been an extremely important funding source for key privacy tools, but questions the sustainability of the current framework for funding research and development in this area.
In light of the Snowden revelations, real name systems, perma-cookies, browser fingerprinting, and other sophisticated tracking measures, internet privacy seems more and more like a thing of the past. Is internet privacy a value that should be fostered (and funded) in a cohesive manner?
(by Chelsea E. Brooks, Student Attorney, Joseph N. de Raismes, Student Attorney, Andy J. Sayler, Student Technologist)
Last week, we filed three comments in response to the Copyright Office’s DMCA Section 1201 Tri-annual Exemption Notice of Proposed Rulemaking: a Short Comment for Class 27 (Medical Devices), a Short Comment for Class 22 (Vehicle Software), and a Long Comment for Class 25 (Security Research). All comments were filed on behalf of our client, Professor Matthew Green.
Professor Green is an Assistant Research Professor in the Information Security Institute at Johns Hopkins University and needs to be able to circumvent various access controls on software and devices in the process of conducting good faith security research. Such circumvention is chilled by Section 1201 of the Digital Millennium Copyright Act (DMCA). In our long comment, we argue for an exemption to Section 1201’s anti-circumvention provisions and show that preventing circumvention of access controls is chilling good faith security research and creating other adverse effects. Our short comments reiterate this point with respect to specific types of security research and urge the Copyright Office to grant a broad exemption to the Section 1201 anti-circumvention rules for all forms of good faith security research.
Next up in the proceedings is the second round of public comments filed by those that oppose each exemption. The objection comment deadline is March 27, 2015. Following that, there will be a third round of public comments in which supporters can respond to the objectors’ comments. This round closes on May 1, 2015, after which the Copyright Office will begin the internal process of making their decisions.
( by Allison N. Daley, Colorado Law 2L)
This week I want to focus on a specific area of tech law and policy: health care. With the advent of telemedicine as a way of providing health care at a distance, there is exciting potential for innovation, however with this innovation comes new challenges in law and policy.
As just one example, there is a new app, Harbinger, that transmits communication from Emergency Medical Service (EMS) workers in an ambulance to hospitals in real time. The hope is that such technology can improve care by sending protected health information (PHI) such as drivers licenses and insurance cards to hospitals for faster registration. The app even allows EMS workers to send pictures and videos of injuries or accident scenes for more rapid diagnosis and treatment.
With this great technology, however, privacy concerns abound. Because cell phones store data on the device itself, PHI is much more likely to fall into the wrong hands if a cell phone is lost or stolen. While the Health Insurance Portability and Accountability Act (HIPAA) does not have any official rules banning the use of cell phones, the HIPAA Privacy Rule requires health care providers to implement appropriate safeguards to reasonably protect health information.
In order to solve this problem, the Harbinger app promises:
[P]atient information is encrypted with today’s most advanced methods. The data is transported to our server with the industry standard for banks and credit cards, and is stored in an encrypted format.
While this sounds like it may satisfy HIPAA standards, patients and hospitals will likely still have concerns about this new technology. The founders, both Coloradoans, are currently negotiating with hospitals and we may see the system operating by the end of the year.
For more information, check out Harbinger’s website.
See you next week!
(by Elizabeth J. Chance, Colorado Law 3L)
State of the Union: In his State of the Union address last Tuesday, President Obama shared his vision on hot-topic issues in technology law and policy. In response to debates over US surveillance programs, President Obama promised a report next month on how the country’s intelligence agencies are keeping our country safe and strengthening privacy. Additionally, President Obama assured the country that the government is integrating intelligence to address cyber attacks, and urged Congress to pass legislation to better meet the evolving need of cybersecurity. Without expressly referencing the issue of net neutrality or municipal broadband, President Obama discussed the need for 21st century infrastructure including fast, free, and open Internet:
Twenty-first century businesses need twenty-first century infrastructure—modern ports, stronger bridges, faster trains and the fastest Internet. . . . I intend to protect a free and open internet, extend its reach to every classroom, and every community, and help folks build the fastest networks, so that the next generation of digital innovators and entrepreneurs have the platform to keep reshaping our world.
Community Broadband Act: Two days after the President’s State of the Union Address, four Democrats introduced the Community Broadband Act in Congress. The Community Broadband Act aims to preserve the rights of cities and localities to build municipal broadband networks and ensure that their communities are connected and have access to reliable networks. Senator Edward Markey also continued to urge the FCC to act to use its authority to end any state restrictions that impede local communities from making these decisions for themselves.
(by Chelsea E. Brooks, Colorado Law 2L)
State of the Union: This week, I want to look ahead to President Obama’s State of the Union Address, which will be held Friday, January 20th. The President has revealed cybersecurity as being one of the key issues he will address. In particular, he is proposing a 30-day window in which companies must notify consumers that their data has been breached, is championing criminalization of selling credit card information outside of the U.S., and is expected to recommend to Congress a Consumer Privacy Bill of Rights. In addition to consumer-focused proposals, the President wants to broaden the legal definition of unauthorized computer access under the Computer Fraud and Abuse Act (CFAA) and increase penalties for computer access crimes.
Back to Sony: Connecting back to last week’s post, could the Sony hacking scandal have been influential in directing this agenda? As mentioned in Vol.1, the Sony hack has “broad implications for the future of law enforcement, crime and punishment, privacy, and war.” Those implications may already be coming to light as Shaun Donovan, the Director of the Office of Management and Budget, has cited to the Sony hack in writing the Administration’s cybersecurity proposals to Congress. Donovan states:
[T]he dramatic increase in cyber intrusions and the recent destructive and coercive attack on Sony Pictures Entertainment offer a stern reminder that we must act with urgency to do everything possible to better protect the Nation and economy against cyber threats.
With that statement in mind, consider two questions posed by the New York Times:
When should the federal government step in to fight hackers? And is America’s own use of cyberweapons a complicating factor?
Blackhat: Hollywood’s recent connections with cybersecurity don’t stop with the Sony hack. The just-released Blackhat glamorizes the world of hacking and raises the question: could the current climate of fear of cyber crime lead to over-inclusive policy making? Members of the Obama administration are already citing to the Sony hack as reasoning for increasing punishments and broadening the power of the CFAA. Is this reasoning justifiable? Can increasing penalties effectively deter undesirable hacking? (The legal ramifications didn’t seem to deter the Sony hackers.)
(by Blake E. Reid, TLPC Director)
Just about every week during the fall and spring semesters, the TLPC spends time discussing current events in tech law and policy. Our students do a great job researching and highlighting current events, so this semester we thought we’d share what we’re reading with the world.
I have the task of leading our inaugural discussion, so I’m going to focus on two events that have blown up over our winter break:
Net Neutrality. While it’s hard to narrow down the 10+ year-old net neutrality / Open Internet discussion down, the biggest news over break was the soft-launch of the Commission’s plan to reclassify ISPs under Title II of the Telecommunications Act— announced at the Consumer Electronics Show—in rules to be voted on at the Commission’s February open meeting. Other interesting issues waiting in the wings include the treatment of wireless providers, the Commission’s approach to forbearance, various other bells and whistles of the final item (I’m particularly interested in the treatment of reasonable network management and the premises operator exception), and how the courts and Congress will ultimately impact the state of play (or not).
The Sony Hack. There’s so much to say about this, but I’ve been most interested in the epistemological debate over whodunit (is it North Korea, or isn’t it?), and the difficulty of assessing adversaries online. This is the tip of the iceberg for this phenomenon, which has broad implications for the future of law enforcement, crime and punishment, privacy, and war.
See you next week!
We at TLPC are proud to introduce the pilot episode of our podcast, Tech Law and You. In the inaugural episode, we present an interview with Jeff Blattner, President of Legal Policy Solutions and Clinical Professor at American University in Washington, DC. Student attorneys Mel Jensen and Alex Koral talk with Jeff about his time working for Senator Ted Kennedy, and discuss lessons for law students on maintaining strong relationships, working on teams, and building a portfolio of skills.
Theme music is by The Carols. Tech Law and You is distributed under a Creative Commons Attribution-ShareAlike license.
(by Spencer Rubin and Trip Nistico, Colorado Law 2Ls, and Vickie Stubbs, ATLAS Institute)
Two weeks ago, the TLPC submitted reply comments on the Third Further Notice of Proposed Rulemaking (FNPRM) in the Federal Communications Commission’s Text-to-911 (TT911) docket. Among the many areas in which the FCC sought comment on rules for text messages to 911, we focused on the privacy and cybersecurity implications of sharing enhanced location information via text message to emergency responders.
Continue reading “Will the FCC Let You Retain Your Privacy and the Cybersecurity of Your Information When You Text 911?”