Month: February 2020

By: Olivia Akl

In a world that mass-produces conspiracy theories from the moon landing being fake to black helicopters coming to bring the US under UN control, it can occasionally be hard to tell fact from fiction. That’s only getting harder thanks to technological advancements like deepfake videos[1], hyper-realistic silicone masks[2], and soon-to-be smart contact lenses.[3] When we can’t trust what we see with our own eyes, what can we trust? What does this advancement of technological trickery mean for the reliability of eyewitness accounts and video evidence in courts?

 

A deepfake PSA produced by Buzzfeed in 2018 seemed to show President Obama warning people about the threat deepfakes presented.[4] It ended with the reveal that the person speaking was not President Obama, but rather Jordan Peele doing an impersonation of President Obama overlaid with President Obama’s image using FakeApp and After Effects CC.[5] This video opened many eyes to the power of deepfake technology and how convincing it could be.[6] However, deepfake videos are hardly the first videos to fool people into thinking one person is doing something, when it’s truly another individual.

 

Security videos analyzed by the FBI of a string of robberies in San Diego from 2009 to 2010 led the FBI to offer a $20,000 reward for information that led to the arrest of the so-called “Geezer Bandit.”[7] While at least one witness thought the robber was wearing a “Halloween-style old man” mask, the authorities felt confident in the many other eye-witness accounts that he was a 60-70 year old man[8] and the reward notice described him as such.[9] Surveillance footage from outside the site of the Geezer Bandit’s last robbery on December 2, 2011 showed the supposed 60-70 year old sprinting across a parking lot after a dye-pack exploded.[10] This led the FBI to update its reward notice to include the line: “Possibly wearing a synthetic mask and gloves to hide true physical characteristics.”[11] The “Geezer Bandit” was never caught.

 

These technologies may seem like something out of a Mission Impossible movie or science fiction, but they are real, and the technology is getting both cheaper[12] and better[13]. Another technology that seems straight out of science fiction is a smart contact lens that may be only a few years away.[14] Mojo Vision, a California-based company, has been working on a smart contact lens—the Mojo Lens—for five years.[15] While the idea for the Mojo Lens is a discreet product to replace a smart phone’s screen like a less obvious Google Glass, it’s not a big jump to see how this could alter the wearer’s perception of the world.

 

Deepfake technology has already proven capable of working in real time to overlay one person’s image over a live speech.[16] If a smart contact lens could be hacked or infected with malware that allowed access to the view that an individual sees, is it possible a deepfake could be created for the wearer’s eyes only, altering the wearer’s perception of the world in real time? Imagine a smart contact lens wearer witnesses a crime and describes the perpetrator to the police. In a world with these two technologies, smart contact lenses and live deepfakes, can that eyewitness account be trusted?

 

There is already a worry over the reliability of eyewitness testimony today, without any potentially hacked or malware-ridden smart contact lenses to muddy the waters.[17] Human memory is fallible and people are not often as perceptive as lawyers hope their witnesses are, yet “jurors place heavy weight on eyewitness testimony when deciding whether a suspect is guilty.”[18] In the future, these smart contact lenses will present new issues with eyewitness accounts, perhaps to the point where eyewitnesses will no longer be trusted on the stand.

 

Another new worry for the courts will be if video evidence can be relied upon due to hyper-realistic silicone masks and deepfake technology. If the technology gets beyond what analysis can reveal as false, could an innocent person be framed for a crime using this technology? Even if the technology can be recognized upon analysis of the video, could the analysis be prohibitively costly for a court or defendant to bear? If so, future courts will need to ask: can video evidence be relied upon when there is a lingering issue of its veracity, and how expensive can cases relying on video evidence be allowed to become?

[1] See Daniel Thomas, Deepfakes: A Threat to Democracy or Just a Bit of Fun?, BBC (Jan. 23, 2020), https://www.bbc.com/news/business-51204954.

[2] Matt Simon, Gaze Into These Hyperrealistic Masks and See a Troubling Future, Wired (Jan. 6, 2020, 2:15 PM), https://www.wired.com/story/hyper-realistic-masks/.

[3] Juilan Chokkattu, The Display of the Future Might Be in Your Contact Lens, Wired (Jan. 16, 2020, 8:00 AM), https://www.wired.com/story/mojo-vision-smart-contact-lens/?itm_campaign=BottomRelatedStories_Sections_1.

[4] BuzzFeedVideo, You Won’t Believe What Obama Says in This Video!, YouTube (Apr. 17, 2018), https://www.youtube.com/watch?v=cQ54GDm1eL0.

[5] See id.

[6] See id.

[7] Reward of $20,000 Offered in “Geezer Bandit” Investigation, FBI San Diego (Dec. 15, 2010), https://web.archive.org/web/20101219040727/http://sandiego.fbi.gov/pressrel/pressrel10/sd121510.htm.

[8] FBI still seeking help catching ‘Geezer Bandit’; $20,000 reward offered, Los Angeles Times: L.A. Now (Dec. 15, 2010, 11:28 AM), https://latimesblogs.latimes.com/lanow/2010/12/the-fbi-on-wednesday-renewed-its-plea-for-public-help-in-finding-one-of-the-regions-more-illusive-crooks-the-geezer-bandit.html.

[9] See FBI San Diego supra note 7.

[10] Tony Perry, Geezer Bandit May Not Be a Geezer, Los Angeles Times (Dec. 23, 2011, 12:00AM), https://www.latimes.com/local/la-xpm-2011-dec-23-la-me-geezer-20111223-story.html.

[11] Darrell Foxworth, Reward of $20,000 Offered in “Geezer Bandit” Investigation, FBI (Dec. 2, 2011), https://archives.fbi.gov/archives/sandiego/press-releases/2011/reward-of-20-000-offered-in-geezer-bandit-investigation-1.

[12] See Simon, supra note 2.

[13] Pakinam Amer, Deepfakes Are Getting Better. Should We Be Worried?, Boston Globe (Dec. 13, 2019, 4:07 PM), https://www.bostonglobe.com/2019/12/13/opinion/deepfakes-are-coming-what-do-we-do/.

[14] See Simon, supra note 2.

[15] See id.

[16] Samantha Cole, This Program Makes it Even Easier to Make Deepfakes, Vice: Motherboard (Aug. 19, 2019, 11:50 AM), https://www.vice.com/en_us/article/kz4amx/fsgan-program-makes-it-even-easier-to-make-deepfakes.

[17] Hal Arkowitz, Why Science Tells Us Not to Rely on Eyewitness Accounts, Scientific American: Mind (Jan. 1, 2020), https://www.scientificamerican.com/article/do-the-eyes-have-it/.

[18] See id.

 

image source: https://interestingengineering.com/generative-adversarial-networks-the-tech-behind-deepfake-and-faceapp

By: Kirk Kaczmarek

I clicked the YouTube link, and my phone screen showed the stock portfolio of reddit user u/ControlTheNarrative. His face was stoic in the upper right hand corner of the screen as he showed viewers his 358 contracts for Apple stock valued at $57,684. The clock struck 9:30 AM, and the market opened. u/ControlTheNarrative audibly gagged and closed his eyes in disbelief as his portfolio value immediately plummeted to -$2,600.[1] u/ControlTheNarrative was one of a handful of amateur investors who exploited a glitch to obtain “infinite” leverage when trading on Robinhood in late October 2019.[2]

 

Robinhood is a free stock trading app that allows unsophisticated investors easy access to the stock market.[3] Among the services Robinhood provides is the ability to buy stock on margin.[4] When you buy stock, you simply exchange money for a share of stock. When you buy stock on margin, you borrow money from a broker to purchase the stock, offering your own cash or other securities as collateral; this is called leverage.[5] Robinhood also allows users to sell covered calls, which is a contract for the sale of stock set at a certain price before a set time.[6]

 

Robinhood allowed users to buy stock on margin at a 2:1 debt to capital asset ratio.[7] u/ControlTheNarrative and others would then buy stock on margin, and then immediately sell a covered call on that stock at a price slightly below what they just paid.[8] Normally, a broker would see this transaction and either recall its debt or at least refuse to issue a new loan.[9] Because of a glitch in the app, Robinhood did not behave like a normal broker. Robinhood combined the stock value and covered call value to effectively double the user’s assets.[10] u/ControlTheNarrative and others took advantage of this glitch by using their falsely inflated asset values to buy more stock on margin at a 2:1 ratio without any limit, thus obtaining “infinitely” leveraged positions.[11] Unsurprisingly, this scheme failed spectacularly, leaving the amateur investors severely in debt.[12]

 

Although Robinhood has seemingly run afoul of consumer protection law, it has not suffered legal consequences resulting from the infinite leverage incident.[13] And strangely, while Robinhood has not paid out any ill-gotten gains to users who may have benefited from the glitch, it may still hold liable investors like u/ControlTheNarrative who lost money.[14]

 

Robinhood’s commission-free investing business model is risky, because amateur investors may not behave in ways that do not conform to industry norms. At least two people in addition to u/ControlTheNarrative were able to leverage up to $1 million based on initial capital of only $4,000 and $15,000 respectively.[15] Sophisticated investors may not have taken such outlandish bets. But the risk has not stopped established firms from adapting Robinhood’s model. Charles Schwab and Fidelity removed trading commissions in October 2019.[16]

 

When software glitches can cause such gross investing mismanagement, brokerage firms ought to be held accountable. However, the SEC ought to also exercise caution in issuing new regulations for fear of stifling access to the stock market for amateur investors. Rather, the SEC should enforce consumer protection laws already on the books, while firms should beef up their insurance to protect from future technical failures.

[1] GG Boys, Guy loses $50k swinging during earnings on Robinhood, YouTube (Oct. 2019), https://www.youtube.com/watch?time_continue=0&v=d80ahvRSV8E&feature=emb_title.

 

[2] See Edward Ongweso Jr., A Robinhood Exploit Let Redditors Bet Infinite Money on the Stock Market, Vice (Nov. 6, 2016, 12:48 PM) https://www.vice.com/en_ca/article/gyz9kj/a-robinhood-exploit-let-redditors-bet-infinite-money-on-the-stock-market.

 

[3] See Robinhood, https://robinhood.com/ (last visited Jan. 24, 2020).

 

[4] See Supercharge your Investing, Robinhood, https://robinhood.com/about/gold/.

 

[5] See What is Margin?, Robinhood, https://learn.robinhood.com/articles/3ya72NeLXpiAvpV5QPQVl6/what-is-margin/; and Adam Hayes, Leverage, Investopedia (Apr. 24, 2019), https://www.investopedia.com/terms/l/leverage.asp.

 

[6] See Placing an Options Trade, Robinhood, https://robinhood.com/support/articles/360001227566/placing-an-options-trade/; and Akhilesh Ganti, Covered Call, Investopedia (Oct. 14, 2019), https://www.investopedia.com/terms/c/coveredcall.asp.

 

[7] See Modern Wall Street, Turchman: “Someone hacked Robinhood, bet against Apple & now owes $150,000”, YouTube (Nov. 6, 2019), https://www.youtube.com/watch?v=1SqeS8nSZA0&feature=emb_title.

 

[8] See Ongweso Jr., supra.

 

[9] See Modern Wall Street, supra.

 

[10] See Ongweso Jr., supra.

 

[11] See id.

 

[12] See id.

 

[13] See Regulators could punish Robinhood for glitch (CNBC television broadcast Nov. 6, 2019), https://www.msn.com/en-us/news/videos/regulators-could-punish-robinhood-for-glitch/vp-AAJXirx.

 

[14] See id.

 

[15] See Ongweso Jr., supra.

 

[16] See Kate Rooney, ‘Infinite Leverage’ – some Robinhood users have been trading with unlimited borrowing money, CNBC (Nov. 5, 2019, 1:43 PM),  https://www.cnbc.com/2019/11/05/some-robinhood-users-were-able-to-trade-with-unlimited-borrowed-money.html.

 

image source: https://pixabay.com/photos/stock-exchange-boom-economy-pay-3972311/

 

 

By: Will Garnett

News of multiple governmental organizations using facial recognition technology has sparked a conversation about the protection of children online. The Children’s Online Privacy and Protection Act (COPPA) was enacted in 1998 to protect children using the internet.[1] The act was meant for force websites to take certain precautions when knowingly interacting with individuals under the age of 13, the specifics of those precaution were left to the FTC for regulation.[2] The FTC’s COPPA rules has been revised since its inception, but they have maintained organized standards for websites to follow.[3] These rules require parental consent before personal information about the child can be collected and disseminated.[4] The rules also ensure that once a child’s information is collected properly, it is only transmitted to other entities with the capability of protecting that information.[5] Children currently have access to a lot of different technology which could collect their information, such as mobile games, apps, and social networking sites. Further, as technology creeps into previously unknown domains, COPPA regulations to protect children has become more important.

In January, multiple news outlets contained reports of governmental organizations using facial recognition software as part of their operations.[6] One entity that seems to be favorite of the government is a company called Clearview AI. This company has been selling facial recognition data to over 600 law enforcement agencies in the country.[7] The idea behind using facial recognition data is that images or criminals and other people of interest could be captured innocuously and could later be used to find and apprehend those individuals after an incident. But, Clearview AI has a database of over three billion photos, collected from the las year alone.[8] This company has been able to amass this hefty war chest of photos by craping various parts of the internet for photos, particularly social media platforms.[9] With the current popularity of social media platforms among teens and children, there has been a rise in skepticism about the data collection being done by companies like Clearview AI. With a simple swipe of the finger, people can access Tik Tok videos of children (certainly some under the age of 13) performing fun dances and lip syncing to hit songs. How much of that easy to access information is also being scraped by facial recognition technology and being stored for later use? Further, suppose one believes that the simple capturing of facial images of children is innocuous, consider what other personal information is being captured through videos on apps like Tik Tok. Scraping social media platforms can produce very personal information about someone, such as their full name, home location, current location, and even the contents of their bedroom.

Concern over the private collection and government’s use of facial recognition data has risen to the highest levels of power. Senator Ed Markey of Massachusetts recently sent a letter with a series of questions to Clearview AI to address this very problem.[10] The Senator’s letter raised even more serious questions about personal information collection, such as questions about biometric data that can be collected with facial recognition technology. His letter also addressed how the use of this technology could potentially violate COPPA regulations.[11] Although the alarm-bell has been rung in one branch of the government, there are forces within the FTC which already see COPPA regulations as too cumbersome and far reaching.[12] One FTC board member dissented to the 2012 update of the regulations, stating that they would implicate too many websites.[13] While the government remains split on decisions about regulation and the implementation of new technology, children (those least able to protect themselves) remain in harm’s way. But, what’s new?

[1] See 15 U.S.C §§ 6501-6506 (2019).

[2] See id.

[3] See 16 C.F.R § 312 (2019).

[4] See id.

[5] See id.

[6] See Chris Mills Rodrigo, Democratic senator presses facial recognition company after reports of law enforcement collaboration, The Hill (Jan. 23, 2019), https://thehill.com/policy/technology/479564-democratic-senator-presses-facial-recognition-company-after-reports-of-law.

[7] See id.

[8] See id.

[9] See id.

[10] See id.

[11] See id.

[12] See id.

[13] See 5 Computer Law §28.05 (2019).

image source: https://www.verywellfamily.com/parental-controls-2634209

By: Garrett Kelly

Leading up to the 2018 midterm elections, Secretary of State Mark Warner announced that voters in designated counties in West Virginia would be able to access their voting ballots on their mobile devices.[1] Since 2018, the Mobile Voting Project, a philanthropy focused on increasing voting accessibility, has expanded its pilot locations to Utah, Oregon, Colorado, and Washington.[2] As of January, 2020 in King County, Washington, all 1.2 million of the County’s voters were able to vote on their mobile devices using a platform called Democracy Live.[3] Ironically, Oregon Senator Ron Wyden has stated that internet voting is “the worst thing you could do in terms of electronic security in America, short of putting ballot boxes on a Moscow street.”[4] In response to the controversial 2016 presidential election, select areas of the United States have begun testing with mobile voting methods.[5] The threats of mobile voting to cyber security are rather tacit, however, the real threat of mobile voting is posed against our legal right to vote. According to the established doctrines such as the 15th Amendment of U.S. Constitution, and Section 21 of The Universal Declaration of Human Rights, the right to vote is granted to us by law.[6] Although the right to vote in “genuine elections” are secured rights, there are currently no federal voting regulations specially tailored to the insurgence of voting technology in the age of the internet.[7]

Advocates claim the current voting system is not working and the lack of voter turnout is leading our democracy to a state of crises.[8] Advocates also acknowledge the need of securing the integrity of every vote but claim that the current voting system does not accommodate voter accessibility which is evidenced by the fact that the voter turnout rate in the U.S. is lower than most other developed countries.[9] Advocates attribute the low voter turnout rate in the U.S. to several factors. One factor advocates point to is that elections are held during the workday, which excludes some working citizens from being able to vote.[10] Additionally, voting is too “old-school.”[11] Voters are less likely to vote if they are forced to congregate at a local church, high school gym, or retirement home and wait in line to cast their vote.[12] Furthermore, a popular concern is that the younger generation will naturally trend toward internet voting because they will have less understanding of paper ballot voting.[13] Advocates point to all of these factors as an explanation for the average voter turnout rate of 55%.[14] Advocates claim that outdated and ineffective voting system has caused too much “friction” between the registration and voting process and is the catalyst for diminished legitimacy for our elected officials.[15]

The question becomes, does the hope of increased voter turnout outweigh the cyber security risks? Perhaps an obvious counter argument to the claim that voter accessibility will increase election legitimacy, is precisely the opposite. If votes are being conducted at the touch of a finger, election legitimacy would decrease because the mere fact that people are not making the effort to wait in line at the polls is evidence that voters are not serious about their votes. An alarming analogy used by cyber security experts when comparing the cyber security risks of internet voting is to the cyber security statistics in the American financial system. Allegedly 5-7% of annual expenses are included in the operating costs of most big banks. It is bad enough that the American financial system is complacently allowing fraud and financial misconduct to continue at such a rate. How would this work in the political setting? Would 5-7% of all votes be the result of fraud? This does not sound like a successful sales pitch to the growing rational apathetic population in the United States. However, the question remains, whether the threat of fraud is greater than the threat of the increasing population of apathetic voters and people are unable to vote due to lack of accessibility.[16] The bottom line, if people are unwilling or unable to vote in person, there vote is guaranteed not to count.[17]

 

 

[1] Tusk Philanthropies, Mobile Voting Project, https://mobilevoting.org/where-is-it-happening/.

[2] See id.

[3] Id.

[4] Miles Parks, In 2020, Some Americans Will Vote On Their Phones. Is That The Future?, NPR (Nov. 7, 2019, 5:01 AM), https://www.npr.org/2019/11/07/776403310/in-2020-some-americans-will-vote-on-their-phones-is-that-the-future.

[5] Mobile Voting Project, supra note 1.

[6] See generally, U.S. Const. amend 15; see also G.A. Res. 217 (III) A, Universal Declaration of Human Rights (Dec. 10, 1948).

[7] Emily Goldberg, America faces a voting security crisis in 2020. Here’s why-and what officials can do about it, Politico, (Sept. 16, 2019, 4:03 pm), https://www.politico.com/story/2019/08/16/voting-security-crisis-q-a-1466704.

[8] Tusk Philanthropies, Mobile Voting Project, https://mobilevoting.org/why-mobile-voting/.

[9] Parks, supra note 4.

[10] See id.

[11] Id.

[12] Id.

[13] Id.

[14] Id.

[15] Id.

[16] Goldberg, supra note 7.

[17] See id.

image source: https://static.politico.com/dims4/default/a985f3b/2147483647/resize/1160x/quality/90/?url=https%3A%2F%2Fstatic.politico.com%2F5d%2F4f%2F08ad183c44b1b72837846f0a0d3e%2F190816-votingmachine-getty-773.jpg