Celebrities, Copyright, and Cybersecurity

The fall began with a wave of hacked nude celebrity photos (as Tim notes in his great post). The release generated attention to the larger problem of revenge porn – or, more broadly, the non-consensual sharing of intimate media. Legislators and scholars have moved to tackle the problem. Danielle Citron proposes a model statute for criminalizing revenge […]

On Accuracy in Cybersecurity

I have a new article on how to address questions of accuracy in cybersecurity up on SSRN. It’s titled Schrödinger’s Cybersecurity; here’s the abstract: Both law and cybersecurity prize accuracy. Cyberattacks, such as Stuxnet, demonstrate the risks of inaccurate data. An attack can trick computer programs into making changes to information that are technically authorized but […]

Cybercrime’s International Challenges

Jane and I are in Cluj-Napoca, Romania, for a conference titled “Crimes, Criminals, and the New Criminal Codes: Assessing the Effectiveness of the Legal Response” at Babes-Bolyai University. Jane is speaking on “Surveillance in a Technological Age: The Case of the NSA,” and I’m giving a talk based on my forthcoming article Ghost in the Network. […]

Shark Tanks and Cybersecurity

It’s the most wonderful time of the year… for data breaches. Target may have compromised as many as 40 million credit and debit cards used by shoppers in their stores. What liability will they face? At George Mason’s excellent workshop on cybersecurity, there was a spirited debate over the mechanisms of enforcing security standards. (This […]

Cyberwar and Cyberespionage

My paper “Ghost in the Network” is available from SSRN. It’s forthcoming in the University of Pennsylvania Law Review. I’m appending the abstract and (weirdly, but I hope it will become apparent why) the conclusion below. Comments welcomed. Abstract Cyberattacks are inevitable and widespread. Existing scholarship on cyberespionage and cyberwar is undermined by its futile […]

Hollywood Comes to Brooklyn

Catchy title, no? Today, Al Perry, Vice President of Worldwide Content Protection and Outreach at Paramount Pictures, came to BLS to talk about movies, piracy, and the Internet. He spoke for about 40 minutes, and then Jason Mazzone offered comments. Next, we had about 30 minutes of spirited discussion with BLS students. I’m writing up […]

Goldilocks and Cybersecurity

It may seem strange in a week where Megaupload’s owners were arrested and SOPA / PROTECT IP went under, but cybersecurity is the most important Internet issue out there. Examples? Chinese corporate espionage. Cyberweapons like Stuxnet. Anonymous DDOSing everyone from the Department of Justice to the RIAA. The Net is full of holes, and there […]

How Not To Secure the Net

In the wake of credible allegations of hacking of a water utility, including physical damage, attention has turned to software security weaknesses. One might think that we’d want independent experts – call them whistleblowers, busticati, or hackers – out there testing, and reporting, important software bugs. But it turns out that overblown cease-and-desist letters still […]

Cyber-Terror: Still Nothing to See Here

Cybersecurity is a hot policy / legal topic at the moment: the SEC recently issued guidance on cybersecurity reporting, defense contractors suffered a spear-phishing attack, the Office of the National Counterintelligence Executive issued a report on cyber-espionage, and Brazilian ISPs fell victim to DNS poisoning. (The last highlights a problem with E-PARASITE and PROTECT IP: […]

The Myth of Cyberterror

UPI’s article on cyberterrorism helpfully states the obvious: there’s no such thing. This is in sharp contrast to the rhetoric in cybersecurity discussions, which highlights purported threats from terrorists to the power grid, the transportation system, and even the ability to play Space Invaders using the lights of skyscrapers. It’s all quite entertaining, except for […]