Celebrities, Copyright, and Cybersecurity

The fall began with a wave of hacked nude celebrity photos (as Tim notes in his great post). The release generated attention to the larger problem of revenge porn – or, more broadly, the non-consensual sharing of intimate media. Legislators and scholars have moved to tackle the problem. Danielle Citron proposes a model statute for criminalizing revenge […]

On Accuracy in Cybersecurity

I have a new article on how to address questions of accuracy in cybersecurity up on SSRN. It’s titled Schrödinger’s Cybersecurity; here’s the abstract: Both law and cybersecurity prize accuracy. Cyberattacks, such as Stuxnet, demonstrate the risks of inaccurate data. An attack can trick computer programs into making changes to information that are technically authorized but […]

Why Aren’t “Hacked” Celebrities Filing Takedown Notices?

Writing today in Slate, Emily Bazelon complains that the law does not do enough to protect the privacy rights of celebrities whose accounts were illicitly “hacked” last weekend, resulting in the release of unauthorized nude photos the celebrities apparently took of themselves. Bazelon contrasts what she characterizes as the celebrities’ inability to remove their objectionable content […]

Cybercrime’s International Challenges

Jane and I are in Cluj-Napoca, Romania, for a conference titled “Crimes, Criminals, and the New Criminal Codes: Assessing the Effectiveness of the Legal Response” at Babes-Bolyai University. Jane is speaking on “Surveillance in a Technological Age: The Case of the NSA,” and I’m giving a talk based on my forthcoming article Ghost in the Network. […]

Shark Tanks and Cybersecurity

It’s the most wonderful time of the year… for data breaches. Target may have compromised as many as 40 million credit and debit cards used by shoppers in their stores. What liability will they face? At George Mason’s excellent workshop on cybersecurity, there was a spirited debate over the mechanisms of enforcing security standards. (This […]

Cyberwar and Cyberespionage

My paper “Ghost in the Network” is available from SSRN. It’s forthcoming in the University of Pennsylvania Law Review. I’m appending the abstract and (weirdly, but I hope it will become apparent why) the conclusion below. Comments welcomed. Abstract Cyberattacks are inevitable and widespread. Existing scholarship on cyberespionage and cyberwar is undermined by its futile […]

Privacy, Security, and Cybercrime

In a forthcoming paper, I argue that security and privacy issues differ in important ways that are typically neglected by both scholars and courts. If you’re in Chicago at the end of the week, you can hear me drone on about the piece on a panel on cybercrime at a symposium at Northwestern University School […]

Whereupon I Depress Lifehacker Readers

Because DVD ripping is illegal if you bypass DRM. Which, most of the time, you have to.

Petraeus and Privacy

The resignation of CIA Director David Petraeus, after a cyberharassment investigation brought his affair with biographer Paula Broadwell to light, has generated a fascinating upsurge in privacy worries. (Side note: I believe “working with my biographer” has now superseded “hiking the Appalachian Trail” as the top euphemism for infidelity). Orin Kerr has an excellent summary […]

Research Project on State Information Laws

My friend Sasha Romanosky, a research fellow at the Information Law Institute at NYU and the co-author of a great paper on data breach notification laws, is looking for your help with a research project: Greetings, I am involved in a research project that examines state laws affecting the flow of personal information. This information could […]