Sharing Shortcomings

I have a new essay coming out in Loyola University Chicago Law Journal titled Sharing Shortcomings. Comments and feedback are very much welcomed. Here’s the abstract: Current cybersecurity policy emphasizes increasing the sharing of threat and vulnerability information. Legal reform is seen as crucial to enabling this exchange, both within the public and private sectors […]

The Crane Kick and the Unlocked Door

Cybersecurity legislative and policy proposals have had to grapple with when (if ever) firms ought to be held liable for breaches, hacks, and other network intrusions. Current approaches tend to focus on the data that spills when bad things happen: if it’s sensitive, then firms are in trouble; if not personally identifiable, then it’s fine; […]

On Accuracy in Cybersecurity

I have a new article on how to address questions of accuracy in cybersecurity up on SSRN. It’s titled Schrödinger’s Cybersecurity; here’s the abstract: Both law and cybersecurity prize accuracy. Cyberattacks, such as Stuxnet, demonstrate the risks of inaccurate data. An attack can trick computer programs into making changes to information that are technically authorized but […]

Cybercrime’s International Challenges

Jane and I are in Cluj-Napoca, Romania, for a conference titled “Crimes, Criminals, and the New Criminal Codes: Assessing the Effectiveness of the Legal Response” at Babes-Bolyai University. Jane is speaking on “Surveillance in a Technological Age: The Case of the NSA,” and I’m giving a talk based on my forthcoming article Ghost in the Network. […]

Cyberwar and Cyberespionage

My paper “Ghost in the Network” is available from SSRN. It’s forthcoming in the University of Pennsylvania Law Review. I’m appending the abstract and (weirdly, but I hope it will become apparent why) the conclusion below. Comments welcomed. Abstract Cyberattacks are inevitable and widespread. Existing scholarship on cyberespionage and cyberwar is undermined by its futile […]

Petraeus and Privacy

The resignation of CIA Director David Petraeus, after a cyberharassment investigation brought his affair with biographer Paula Broadwell to light, has generated a fascinating upsurge in privacy worries. (Side note: I believe “working with my biographer” has now superseded “hiking the Appalachian Trail” as the top euphemism for infidelity). Orin Kerr has an excellent summary […]

Censorship v3.1

I have a new essay up on SSRN, titled Censorship v3.1. It’s under consideration by the peer-reviewed journal IEEE Internet Computing. Here’s the abstract: Internet censorship has evolved. In Version 1.0, censorship was impossible; in Version 2.0, it was a characteristic of repressive regimes; and in Version 3.0, it spread to democracies who desired to […]

The Obama Administration and Chutzpah

I’ve posted a new essay, titled Chutzpah, to SSRN. It’s forthcoming in the peer-reviewed Journal of National Security Law and Policy. Here’s the abstract: President Barack Obama campaigned on a platform of governmental transparency. This Essay examines how his administration has implemented this commitment in two policy areas: Internet communication, and intellectual property. It finds […]

Dogs, Drugs, Bombs, and Math

Jane Yakowitz has a great essay on privacy intuitions and the gravitational effect of the war on drugs up at the Stanford Law Review Online. The picture of the dog is pretty cute, too…

When Cybersecurity Makes Things Worse

Adam Dachis has an interesting and worrisome post up at Lifehacker. (Disclosure: he kindly asked me for input into the post.) It thinks about a post-CISPA world, where privacy exists only at the behest of companies who hold our information. CISPA would immunize these firms for sharing information with the federal government, so long as […]