Richmond Journal of Law and Technology

By Cam Kollar

In 2018, there were 6,515 reported breaches exposing approximately 5 billion records.[1] It seems like every other day the news is informing us that there has been another data breach. Because the same words are used over and over again, it makes it hard for any records breach to stand out in the average person’s mind. Is it bad? Yes. Do we think of ourselves actually harmed by each of those breaches? Probably not. Should that be our stance? Definitely not.

I suspect that most people when not facing a direct harm from a specified data breach has become desensitized to the impact on individual persons. Apparently, I’m not the only one with this thought in mind. This past February, Daniel J. Lohrmann wrote a blog post analyzing reports about reported data breaches in 2018.[2] He believes, in his expert opinion, that we have become numb to data breaches, and that the reports and headlines are getting less and less meaningful attention from the public.[3] So, who is Daniel J. Lohrmann, and why should it matter what he thinks? Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker, and author.[4] More telling of why he is an internationally recognized expert is the breadth of his experience. He has over 30 years of experience in the computer industry, working at federal, state, and local government agencies, defense contractors, public and private sectors, Fortune 500 companies, small businesses, and nonprofit institutions.[5] This expert has the experience to analyze the data breach reports from a wide variety of perspectives, and because of all this, I do not take his perspective lightly.

These breaches have the ability to affect most of us, in significant ways- such as identity theft and/or identity fraud. In 2016, 31.7% of breach victims later experienced identity fraud.[6] According to TrueIdentity[7], identity theft is the criminal act of stealing personal, private, or financial information with the intent to use that information to assume another person’s identity.[8] On the other hand, identity fraud is the use of the stolen information listed in identity theft, above.[9] In 2018, it is estimated that 65% of data breach incidents involved identity theft.[10]

Because data breaches are a significant problem, all 50 states along with Washington D.C., Puerto Rico, Guam, and the Virgin Islands, all have legislation that requires disclosure of security breaches.[11] The statutes define what constitutes a breach, what meets the definition of personal information, as well as who, how, and by when persons need to be notified of the breach. There are a number of different pieces of information that would qualify as personal information beyond what people consider the most sensitive (ie the most sensitive-social security number, bank account numbers, passport numbers). For instance, in Delaware, personal information is defined as a resident’s first name or first initial and last name when combined with another data elements that relates to that individual such as…a username or email address, in combination with a password or security question and answer that would permit access to an online account.[12] Substitute notice is allowed, when there is insufficient contact information to provide notice, consists of all of the following: electronic notice if email addresses are known, conspicuous posting of the notice on a website page if the breached entity maintains one or more website pages, and notice to major statewide media, including newspapers, radio, and television and the publication on the major social media platforms of the entity providing notice.[13]

On Thursday, April 19, 2019 Americans waited impatiently for the heavily redacted Mueller report to be released. The Mueller report was the primary focus of everyone’s attention in the highly anticipated release of the report that was two years in the making.[14] Where everyone’s attention was not, was on a notification by Facebook that millions of Instagram users’ passwords were compromised in a data security lapse.[15] More specifically, on a one lined update in the middle of blog post reporting a data breach back in March.[16] On March 21, 2019, Facebook had made the announcement that during a routine security review in January, it was discovered that user passwords were being stored in a readable format within internal data storage systems.[17] On Mueller day, Facebook provided notice that in this same breach (that had already affected “hundreds of millions” Facebook lite users and “tens of millions of other Facebook users”) that “millions” of Instagram users were now also affected by the security lapse.[18]

Was this sufficient notice? The update was neither conspicuous, nor was it widely reported to statewide media. After reading about this update I can’t help but go back and think about information contained in Daniel J. Lohrmann’s blog. 65% of data breaches involved identity theft[19] and social media incidents account for over 76% of records breached.[20] How much risk are we undertaking by using social media?

 

[1]Dan Lohrmann, Data Breaches: What do the Numbers Mean?, Lohrmann on Cybersecurity & Infrastructure(Feb. 17, 2019), https://www.govtech.com/blogs/lohrmann-on-cybersecurity/data-breaches-what-do-the-numbers-mean.html.

[2]Id.

[3]Id.

[4]Dan Lohrmann, Chief Security Officer & Chief Strategist at Security Mentor Inc., Government Technology, https://www.govtech.com/authors/MT-Author-GT-Dan-Lohrmann.html (last visited Apr. 22, 2019).

[5]Id.

[6]See Matt Tatham, Research: Identity Theft Statistics, Experian(Mar. 7, 2019), https://www.experian.com/blogs/ask-experian/identity-theft-statistics/.

[7]A subsidiary of TransUnion.

[8]See Identity Theft vs. Identity Fraud: What’s the Difference?, TrueIdentity, https://www.trueidentity.com/identity-theft-resource/identity-theft-vs-identity-fraud (last visited Apr. 22, 2019).

[9]See id.

[10]See Lohrmann, supra note 1.

[11]SeeSecurity Breach Notification Laws, NCSL (Sept. 29, 2018), http://www.ncsl.org/research/telecommunications-and-information-technology/security-breach-notification-laws.aspx.

[12]See Del. Code Ann. tit. 6, § 12B-101 (7) (2018).

[13]See Del. Code Ann. tit. 6, § 12B-101 (5)(d) (2018).

[14]E.g. Mike Levine, The Russia probe: a Timeline from Moscow to Mueller, ABC, (Apr. 17, 2019, 5:02 PM ET), https://abcnews.go.com/Politics/russia-probe-timeline-moscow-mueller/story?id=57427441.

[15]See Ethan Baron, Facebook, on Mueller Day, Drops Bad Instagram News in a Month-Old Blog Post, The Denver Post(Apr. 19, 2019, 8:11 am), https://www.denverpost.com/2019/04/19/instagram-passwords-compromised-facebook/.

[16]E.g. Pedro Canahuati, Keeping Passwords Secure, Facebook Newsroom(Mar. 21, 2019), https://newsroom.fb.com/news/2019/03/keeping-passwords-secure/; Dunja Djudjic, Facebook Confirms That a Recent Password Leak Affected Millions of Instagram Users, DIY Photography(Apr. 21, 2019), https://www.diyphotography.net/facebook-confirms-that-a-recent-password-leak-affected-millions-of-instagram-users/.

[17]See Pedro Canahuati, Keeping Passwords Secure, Facebook Newsroom(Mar. 21, 2019), https://newsroom.fb.com/news/2019/03/keeping-passwords-secure/.

[18]See e.g.Dunja Djudjic, Facebook Confirms That a Recent Password Leak Affected Millions of Instagram Users, DIY Photography(Apr. 21, 2019), https://www.diyphotography.net/facebook-confirms-that-a-recent-password-leak-affected-millions-of-instagram-users/.

[19]See Lohrmann, supra note 10.

[20]See id.

Image Source: https://www.theinquirer.net/inquirer/feature/2320371/2013-was-a-very-hacked-year

By: Jonathan Walter

Political speech and social media go hand in hand. Your uncle might post his opinions on Facebook or a friend from college might tweet about the latest Supreme Court ruling. The President is constantly tweeting, and many government agencies now have Facebook pages.

Despite the prevalence of political discussions taking place on social media, the number of cases the Supreme Court has heard related to social media are few and far between, and the subject matter of these cases has been even more limited. However, this is beginning to change. Although very little has been litigated in regard to political speech on social media, a number of important cases have started to make their way through the lower courts.

One major ruling came out of the U.S. District Court for the Southern District of New York, which ruled that President Trump could not “block” a person from his Twitter account in part because certain portions of the President’s account could be considered a designated public forum.[1] In reaching this conclusion, the court found that the President’s tweets could not be considered a traditional public forum because of a lack of “historical practice of the interactive space of a tweet being used for public speech and debate since time immemorial, for there is simply no extended historical practice as to the medium of Twitter.”[2]

On March 26th, the case was argued on appeal in the U.S. Court of Appeals for the 2nd Circuit, and it seems like once again, the argument that President Trump’s actions violated the First Amendment will win the day.[3] During the trial, one judge took note of the 4th Circuit holding that politicians cannot ban critics from social media pages used for official purposes, while another judge stated that she believed the President’s once private Twitter account had become a “‘robust’ forum for national debate.”[4]

In the case out of the 4th Circuit, Davison v. Randall, the Court neglected to make a determination about whether or not the Facebook page in question constituted a traditional public forum or designated public forum.[5] However, Davison does answer another important question. The court in this case addresses the paradox of having a public forum exist within a privately-owned website by drawing an analogy between the Chair of the Loudon County Board of Supervisors’ Facebook page and a privately-operated public access television channel.[6]

These rulings are significant not only because of the implications they could have for how elected officials can interact with the general public on social media, but also the impact they may have on other First Amendment cases going forward. The idea that President Trump’s once personal, private Twitter account has become a “robust” forum for national debate is an interesting one because many other social media pages take on similar characteristics. What about the Facebook pages of government agencies like the Environmental Protection Agency or National Parks Services? These pages have never been private, so they would probably be considered designated public fora as well. How about an ad placed by a political campaign? These posts are not government run but are under some degree of government control. It has taken a while for the law to catch up to the technology, but now that it is, some major changes are to be expected.

 

[1]See Knight First Amendment Inst. at Columbia Univ. v. Trump, 302 F. Supp.3d 541 (S.D.N.Y. 2018).

[2]Id. at 574.

[3]See Pete Brush, Trump Bid to Block Twitter Critics Looks DOA in 2nd Cir, Law360(Mar. 26, 2019), https://www.law360.com/cybersecurity-privacy/articles/1142939/trump-bid-to-block-twitter-critics-looks-doa-in-2nd-circ-.

[4]Id.

[5]SeeDavison v. Randall, 912 F.3d 666, 687 (4th Cir. 2019).

[6]See id. at 684.

Image Source: https://media2.fdncms.com/stranger/imager/u/original/26096926/1524686855-kanye_trump.png

By: Tevin Bowens

Boeing is the world’s largest aerospace company that leads in the manufacture of commercial airplanes.[1] With its corporate offices in Chicago,[2] Boeing is America’s biggest manufacturing exporter.[3] Originally called Pacific Aero Products Company, the Boeing Company was founded by William Edward Boeing on July 15th, 1916.[4] Back then, the company’s focus was developing an aircraft for both military and mail delivery purposes.

Today, Boeing’s fleet contains defense, commercial, and space security aircraft.[5] When it comes to commercial airplanes, Boeing has been one of the premier manufacturers of commercial jetliners.[6] Boeing currently manufactures nine different families of jetliners making up more than ten-thousand Boeing-built commercial jetliners.[7] Of these nine families of jetliners, one in particular has recently landed Boeing in a bit of hot water.

Boeing’s 737 Max series was created in response to Airbus’ new A320neo series.[8] The 737 is Boeing’s only narrow body airline in production.[9] While there are many variations to the 737 (-700, -800, -900er, and the Max), they are all essentially the same plane from a pilot’s standpoint—a pilot taught how to fly one can fly them all.[10] With a hefty average price tag of $92.2-124.7 million and 3,900 orders since 2016, the 737 Max is Boeing’s fastest-selling aircraft.[11] The very first 737 Max 8 aircraft was delivered May 6, 2017 to Malindo Air.[12]

In the last year, less than five months apart, Boeing’s 737 Max was involved in two fatal plane crashes killing all crew and passengers onboard. The first of the two accidents involved Lion Air Flight 610, which took off from Indonesia on October 29, 2018 and crashed in the Java Sea only twelve minutes later. The second accident involved Ethiopian Airlines Flight 302, which took off from Ethiopia and crashed near the town of Bishoftu around six minutes after takeoff. After reviewing crash data it has been determined that the cause of both incidents might have been the same issue.

So what exactly caused both of these planes to crash so shortly after taking off? The answer is the 737 Max’s Maneuvering Characteristics Augmentation System or M.C.A.S. for short.[13] This system is an anti-stall measure. An aircraft stalls when its angle of attack (front of the plane) is too high causing the plane to lose lift.[14] When a plane loses too much lift it will fall out of the sky. Even though this system was the cause of both crashes, it was not malfunctioning. The issue in both crashes was that one of the angle of attack sensors located on the front of the plane gave an incorrect reading.[15] The sensor was detecting that the plane’s nose was too high even though it was not.[16] This reading triggered the rear M.C.A.S. forcing the plane’s nose down.[17] The pilots in both instances unknowingly fought against this system and tried to manually pull the nose of the plane up, but the M.C.A.S. is programmed to override manual inputs at ten second intervals. This led to the commercial airliners going up and down until they eventually crashed.

Looking to the future, these crashes will result in lawsuits. Each of these lawsuits will likely come from three different groups of individuals: employees of Boeing, commercial airline companies, and the families of those who lost their lives. The first of the three types of lawsuits Boeing will face will be in the form of loss of 401k benefits—these suits will come from employees of Boeing. Claimants claim that insiders knew of problems with the 737 Max series, but failed to take action which resulted in major losses to retirement savings in the form of $65 drop in stock price following the crash.[18] The second type of lawsuit will come in the form lost revenue lawsuits from commercial airliners. This is because after the second crash many countries including the U.S. decided to ground the aircraft nationwide. With fifty to seventy-five aircraft delivered in 2017 and more than five hundred delivered in 2018, many airline companies will be forced to switch aircrafts, change routes, or cancel fares altogether. These companies likely will pass this cost onto Boeing in the form of lawsuits.[19] The final type of lawsuit likely will come in the form of negligence suits from the families. The families of the victim likely will argue that Boeing was on notice after the initial crash, but did nothing to fix the harm.[20]

As of March 12, 2019, Boeing remained adamant the Max series was safe,[21] but after parts of the reports from the second crash were published Boeing announced it would take any and all needed safety measures regarding the 737 Max.[22]

[1] Boeing, https://www.boeing.com/company/ (last visited April 1, 2019).

[2] Boeing, http://www.boeing.com/company/general-info/ (last visited April 1, 2019).

[3] Boeing, https://www.boeing.com/company/ (last visited April 1, 2019).

[4] Aerotime Team, History of Boeing: Pioneering Aviation for 100 Years, Aerotime News Hub (July 11, 2016), https://www.aerotime.aero/aerotime.team/12736-boeing-100-years-history.

[5] Boeing, http://www.boeing.com/company/general-info/ (last visited April 1, 2019).

[6] Id.

[7] Id.

[8] Matthew Yglesias, The Emerging 737 Max Scandal, Explained, Vox March 29, 2019, https://www.vox.com/business-and-finance/2019/3/29/18281270/737-max-faa-scandal-explained.

[9] Viasat, http://blog.arconics.com/blog2/boeing-737-max-top-10-facts (last visited April 1, 2019).

[10] Matthew Yglesias, The Emerging 737 Max Scandal, Explained, Vox March 29, 2019, https://www.vox.com/business-and-finance/2019/3/29/18281270/737-max-faa-scandal-explained.

[11] Viasat, http://blog.arconics.com/blog2/boeing-737-max-top-10-facts (last visited April 1, 2019).

[12] Stephen Trimble, Boeing Delivers First 737 Max, Flight Global (May 16, 2017), https://www.flightglobal.com/news/articles/boeing-delivers-first-737-max-437289/.

[13] Jon Ostrower, What is the Boeing 737 Max Maneuvering Characteristics Augmentation System?, The Air Current (November 13, 2018), https://theaircurrent.com/aviation-safety/what-is-the-boeing-737-max-maneuvering-characteristics-augmentation-system-mcas-jt610/.

[14] Sarina Houstin, Aircraft Stall and How to Prevent It, The Balance Careers (February 5, 2019), https://www.thebalancecareers.com/what-is-an-aircraft-stall-282603.

[15] Grondahl, Mccann, Glanz, Migliozzi, and Syam, In 12 Minutes Everything Went Wrong: How the Pilots of Lion Air Flight 610 Lost Control, The New York Times (December 26, 2018), https://www.nytimes.com/interactive/2018/12/26/world/asia/lion-air-crash-12-minutes.html.

[16] Id.

[17] Id.

[18] Jacklyn Wille, Boeing Hit With 401(k) Suit Over 737 Max Crashes, Stock Drop, Bloomberg Law (April 1, 2019), https://www.bloomberglaw.com/document/X2UCH9C8000000?bna_news_filter=class-action&jcsearch=BNA%252000000169d8bfd330ab7fdabf7d100000#jcite.

[19] Chris Isidore, Norwegian Air demands Boeing compensate it for grounded 737 Max planes, CNN Business (March 13, 2019), https://www.cnn.com/2019/03/13/investing/boeing-airline-compensation/index.html.

[20] Amanda Robert, Boeing’s legal troubles over airplane grounding could just be taking off, ABA Journal (March 14, 2019), http://www.abajournal.com/news/article/boeing-may-face-more-legal-woes-after-737-max-grounding.

[21] Alyssa Cerchiai, As a Senator Calls on FAA to Ground 737 MAX, Boeing Stands by the Product, The Points Guy (March 12, 2019), https://thepointsguy.com/news/boeing-stands-by-737-max/.

[22] Agence France Presse, Boeing says will take ‘any and all’ needed safety steps after Ethiopia crash, Yahoo (April 4, 2019), https://www.yahoo.com/news/boeing-says-needed-safety-steps-ethiopia-crash-171848913.html.

By: Darden Copeland

Are you thinking about purchasing a new Apple MacBook Pro with the newest Touch Bar technology? Are you in law school?  If you answered yes to both of these questions, you might want to think again about which of Apple’s machines you want to purchase, depending on your jurisdiction.

Many state bar associations have decided to ban or restrict the use of Apple’s latest and greatest MacBook Pro equipped with the “revolutionary” Touch Bar for fear of bar examinees using the Touch Bar to cheat.[1] Some states are banning the use of laptops with the Touch Bar altogether, while some other states are merely requiring that the feature be turned off during testing.[2]

In October of 2017, Apple unveiled its newest generation of the MacBook Pro notebook computer with multiple options available, including several options with the new Touch Bar.[3]  Located just above the number keys where the traditional function buttons (F1,F2,F3…) would normally be located, the Touch Bar is a 2170 by 60 pixel OLED display touch screen with Retina resolution, optimized for users’ viewing at a 45 degree angle.[4]  The Touch Bar replaces the standard function keys with an with various shortcuts and functions depending on which app is being used on the MacBook Pro.[5]  For example, when using a word processor such as Microsoft Word is being used, the bold, italic, and underline functions to name a few, show up on the Touch Bar, but when browsing the web on Safari, the Touch Bar allows the user to simply touch or swipe to navigate between open tabs.  When typing in most apps, the Touch Bar uses the same wordsmithing technology that the iPhone Messages app uses to guess the words the user is trying to say based upon keyboard input for faster typing.

So why are states banning this ironically named technology for bar examinees?  Examsoft, one of the testing software programs used to administer the bar exam in some states provided that, “by default, the Touch Bar will show predictive text depending on what the student is typing, compromising exam integrity.”[6]  This concern is rooted within the fact that predictive text relevant to the words being typed on the test could be added ahead of examinees’ test date simply by way of the Touch Bar’s software picking up on frequently typed words during studying, or by savvy examinees finding other ways to tamper with the software to input helpful terms.[7]  Some states have offered less explanation when banning MacBook computers with Touch Bars. For example, Colorado banned them citing that the feature is not compatible with the security features of the exam software.[8]

It’s not all bad news for those of you who opted for the high-end Touch Bar option on your new MacBook Pro.  According to Computer Services Coordinator Kim Edwards from the University of Richmond School of Law: in Virginia, the Exam4 software that is used to administer the bar exam initially banned all laptops with the Touch Bar technology for the February 2018 test because the Touch Bar was released after the exam software was written, so Exam4 didn’t have a chance to vet the new hardware and adjust its software effectively.  Now that Exam4 has been able to write software that comports with the Touch Bar, allowing it to be disabled, test takers are able to use their MacBooks with Touch Bars on the Virginia bar exam, after it is temporarily disabled by the Exam4 software.[9]  North Carolina will also allow Mac users with the Touch Bar to use their computers during the bar exam, provided that the feature is disabled.[10]  It is likely that those states that have banned the Touch Bar computers will follow suit and use software that is compatible with it in the coming years.

 

[1]See Don Reisinger, Apple’s Touch Bar-Enabled Macbook Pro Is Barred from Bar Exams, Fortune(Jan. 31, 2017), http://fortune.com/2017/01/31/apple-macbook-pro-bar-exam/; see also Andrew Dalton, Macbook pro Touch Bar Banned from Multiple State Bar Exams, Engadget(Jan. 30, 2017) https://www.engadget.com/2017/01/30/macbook-pro-touch-bar-banned-from-multiple-state-bar-exams/.

[2]See Kelly 846, Feb Bar Exam: No Macbook Pro with Touch Bar Function, Bar Exam Wizard  (Jan. 28, 2017)  https://barexamwizard.wordpress.com/2017/01/28/feb-bar-exam-no-macbook-pro-with-touch-bar-function/.

[3]See Don Reisinger, Apple’s Touch Bar-Enabled Macbook Pro Is Barred from Bar Exams, Fortune(Jan. 31, 2017), http://fortune.com/2017/01/31/apple-macbook-pro-bar-exam/.

[4]See Daniel Eran Dilger, Everything You Need to Know About Apple’s Touch Bar and Touch ID for Macbook Pro, Appleinsider (Nov. 15, 2016) https://appleinsider.com/articles/16/11/15/everything-you-need-to-know-about-apples-touch-bar-and-touch-id-for-macbook-pro;see also Carl Straumsheim, Touch Bar Barred From N.C. Bar Exam, Inside Higher Ed (Jan. 31, 2017) https://www.insidehighered.com/quicktakes/2017/01/31/touch-bar-barred-nc-bar-exam.

[5]See Don Reisinger, Apple’s Touch Bar-Enabled Macbook Pro Is Barred from Bar Exams, Fortune(Jan. 31, 2017), http://fortune.com/2017/01/31/apple-macbook-pro-bar-exam/.

[6]See Brian Heater, Touch Bar Macbook Pros Are Being Banned from Bar Exams Over Predictive Text, Tech Crunch (March, 2017) https://techcrunch.com/2017/01/31/no-bar-touch-bar/.

[7]See Natt Garun, Macbook Touch Bar Barred from Bar Test Takers This February, The Verge (Jan. 30, 2017) https://www.theverge.com/2017/1/30/14445638/macbook-touch-bar-disabled-law-exam.

[8]See Id.

[9]Interview with Kim Edwards, Computer Services Coordinator, University of Richmond School of Law, (Mar. 25, 2019).

[10]See Joe Patrice, Multiple Bar Exams Taking Away Computers, Above The Law (Jan. 31, 2017) https://abovethelaw.com/2017/01/multiple-bar-exams-taking-away-computers/.

Image Source: https://furrygoat.com/be-a-geek-again-80f00f89bd57

By: Mariah Bayless-Davis

In 2015, O’Bannon v. NCAA challenged whether or not NCAA’s rule that prohibits student-athletes from being compensated for the use of their names, images, and likenesses was an unlawful restraint of trade.[1] The idea of paying student-athletes has always been entertained, that is until O’Bannon became a landmark case and set the precedent in the fight to pay student-athletes. After seeing his likeness being used without consent in a popular college basketball game, Ed O’Bannon sued NCAA and the Collegiate Licensing Company, which is the company that licenses the trademarks owned by NCAA.[2] He was joined by other college athletes in his argument that upon graduation, a former student athlete should come entitled to financial compensation for future commercial use of his/her image by the NCAA.[3] This would directly affect both O’Bannon and his co-plaintiff, Sam Keller, as their likenesses were used by Electronic Arts (EA) in popular video games.[4] The Circuit Court did rule that NCAA regulations were an unlawful restraint of trade as they prohibited “every contract, combination…or conspiracy, in restraint of trade of commerce.”[5] However, the only alternative the court recommended for this unlawful restraint of trade was to allow NCAA members to give scholarships up to the full cost of attendance.[6] Although talks of paying student athletes were going on well before O’Bannon and have continued after, March Madness and events surrounding the tournament have magnified the issue.

For the first year in tournament history, Turner Sports and CBS have partnered to produce and broadcast all of the March Madness basketball games.[7] In past years, the tournament only partnered with Turner Sports for broadcasting rights, which brought in upwards of $817 million in 2017 alone.[8] Sadly, but unexpected, the college athletes playing in those games saw none of that money. The conversation concerning O’Bannon and college athletes getting paid for their likeness came up again when CBS unveiled the “Zion Cam.”[9] The camera is exactly what it sounds like: a camera dedicated exclusively to the face of college basketball, Zion Williamson. CBS hired an additional “cameraman, camera, and digital tape machine to record everything [Zion does]” in an attempt to cash in on the viewership Zion brings.[10] The “Zion Cam” would not only track Zion’s every move during the game, but also during warm ups to track his every move using the digital tape technology.[11] The type of footage and data CBS is collecting on Zion Williamson, a college athlete, calls into another issue. If this footage and data is being monetized, who is getting paid if not the athlete? Zion Cam not only gives viewers a play by play of Zion’s every move during March Madness but a closer look at the exploitative nature of the NCAA.

At this point in his short college career, Zion Williamson is a household name. Events earlier in the season served as inspiration for the Student-Athlete Equity Act, introduced by U.S. Representative Mark Walker.[12] The act calls for the amendment of Internal Revenue Code of 1986 to “prohibit qualified amateur sports organizations from prohibiting or substantially restricting the use of an athlete’s name, image, of likeness, and for other purposes.”[13] With Zion Williamson not only being the face of college basketball, but also the face of the NCAA, this act has a lot of support behind it.

 

[1]See O’Bannon v. NCAA, 802 F.3d 1049, 1052 (2015).

[2]Id. at 1055.

[3]Id. at 1059.

[4]See O’Bannon, supra note 1.

[5]O’Bannon, 802 F.3d at 1083.

[6]See id.

[7]See Tyler Lauletta, CBS Hired a Special Cameraman to Work the “Zion Cam” and Record Every Move the Duke Star Makes in His NCAA Tournament Run, Business Insider (Mar. 22, 2019), https://www.businessinsider.com/zion-williamson-cbs-cam-march-madness-2019-3.

[8]See Alex Kirshner, Here’s How the NCAA Generated a Billion Dollars in 2017, SB Nation (Mar. 8, 2018), https://www.sbnation.com/2018/3/8/17092300/ncaa-revenues-financial-statement-2017.

[9]See Lauletta, supra note 7.

[10]Id.

[11]See Sean Keeley, What, Exactly, is CBS Hoping to Capture with the Zion Cam Footage Anyway?(Mar. 22, 2019), https://awfulannouncing.com/ncaa/what-exactly-is-cbs-hoping-to-capture-with-the-zion-cam-footage-anyway.html.

[12]Student Athlete Equity Act of 2019, H.R., 116^thCong. (2019).

[13]Id.

Image source: https://www.outsiderclub.com/a-quick-guide-to-march-madness-money-flows/81612

By: Brandon Larrabee

With all due respect to a congressman’s efforts to get a Twitter cow to stop making fun of him[1], the most important social media legal action of the last few weeks had little to do with the actual contents of posts on the sites and more to do with housing law.

On March 29, the U.S. Department of Housing and Urban Development filed an administrative action saying that Facebook violated fair-housing laws through the targeting of ads on the social media giant’s site.[2] That followed Facebook’s settling a group of complaints accusing the company of parceling out ads on a variety of discriminatory grounds.[3] In addition to housing, for example, the company faced allegations that it facilitated showing some job advertisements to men instead of women.[4] That led to the company announcing new policies on ad targeting, including restrictions on targeting for particular types of advertisements:

Advertisers offering housing, employment and credit opportunities will have a much smaller set of targeting categories to use in their campaigns overall. Multicultural affinity targeting will continue to be unavailable for these ads. Additionally, any detailed targeting option describing or appearing to relate to protected classes will also be unavailable.[5]

Those actions are just the latest in what seems like an onslaught of legal maneuvers probing what, exactly, Facebook and sites like it can and cannot do under the nation’s existing laws. It is also highlighting the heightened legal exposure that Facebook, Twitter, and their industry-mates could face as they become ever more integral to American life.

For example, the D.C. attorney general hit Facebook with a lawsuit over the Cambridge Analytica controversy.[6] That is not the only election-related issue facing Facebook; along with Google, the company recently paid fines over violations of Washington rules concerning campaign advertising.[7]

Twitter’s legal teams have been working to swat away lawsuits alleging it was materially supporting terrorism because groups like ISIS use the site, though those attempts have been unsuccessful so far.[8] Snapchat has battled claims that one of its filters might prompt drivers to speed.[9]

That is in addition to more widely reported issues like whether social media sites are dumping certain users for their viewpoints[10] and gobbling up users’ data despite Europe’s new privacy law.[11]

Some of this is to be expected. Back when Facebook and Twitter were simply ways to keep friends updated on life events or wry observations, social media was little more than a diversion. But now we use these sites in a variety of ways, like making recommendations[12] and buying and selling goods.[13] That brings the social media sites face(book) to face(book) with some of the same legal issues that more traditional businesses have been navigating for years.

It has also prompted some to push for a new way of regulating the companies. K. Sabeel Rahman has called for treating some tech companies like utilities, given “how the information economy has enabled private control over new online platforms increasingly vital to economic and social functioning.”[14] Whatever the label, with an ever-growing list of legal challenges, some form of regulation might become more palatable to social media companies if they keep racking up the billable hours.

 

[1]SeeDaniel Victor, Devin Nunes Sues Twitter for Allowing Accounts to Insult Him, N.Y. Times(Mar. 19, 2019), https://www.nytimes.com/2019/03/19/us/politics/devin-nunes-twitter-lawsuit.html.

[2]SeeSara Salinas, Trump Administration Charges Facebook with ‘Discriminatory’ Housing Advertising Practices, CNBC (Mar. 29, 2019), https://www.cnbc.com/2019/03/28/trump-administration-sues-facebook-over-discriminatory-advertising-practices.html.

[3]SeeLarry McShane, Red-Facebooked! Social Networking Company Settles Five Lawsuits, Pays $5M over Alleged Discrimination,N.Y. Daily News(Mar. 19, 2019 5:35 PM), https://www.nydailynews.com/news/national/ny-facebook-lawsuit-settlements-20190319-47hocolaazbqnots6n66hi5ppi-story.html.

[4]SeeAlexandria Fernández Campbell, Facebook Allowed Companies to Post Job Ads Only Men Could See. Now That’s Changing, Vox(Mar. 21, 2019 4:20 PM), https://www.vox.com/2019/3/21/18275746/facebook-settles-ad-discrimination-lawsuits.

[5]Sheryl Sanderg, Doing More to Protect Against Discrimination in Housing, Employment and Credit Advertising, Facebook: Newsroom(Mar. 19, 2019), https://newsroom.fb.com/news/2019/03/protecting-against-discrimination-in-ads/.

[6]SeeTony Romm, Brian Fung, Aaron C. Davis & Craig Timberg, ‘It’s About Time’: Facebook Faces First Lawsuit from U.S. Regulators After Cambridge Analytica Scandal, Wash. Post(Dec. 19, 2018), https://www.washingtonpost.com/technology/2018/12/19/dc-attorney-general-sues-facebook-over-alleged-privacy-violations-cambridge-analytica-scandal/?utm_term=.8f41a5a028f3.

[7]SeeEli Sanders, Facebook and Google Pay $455K to Settle Political Ad Lawsuits in Washington State, The Stranger: Slog(Dec. 18, 2018 12:04 PM), https://www.thestranger.com/slog/2018/12/18/37206156/facebook-and-google-pay-nearly-450000-to-settle-political-ad-lawsuits-in-washington-state.

[8]See, e.g., Fields v. Twitter, Inc., 881 F.3d 739 (9th Cir. 2018); Crosby v. Twitter, Inc., 303 F. Supp. 3d 564 (E.D. Mich. 2018).

[9]SeeEugene Volokh, Lawsuit Against Snapchat Encouraging Speeding Can Proceed, Reason: Volokh Conspiracy(June 6, 2018 8:17 PM), https://reason.com/volokh/2018/06/06/lawsuit-against-snapchat-encouraging-spe.

[10]SeeRobert Burnson, Twitter Beats Censorship Lawsuit by Banned White Nationalist, Bloomberg(Aug. 23, 2018 10:07 PM), https://www.bloomberg.com/news/articles/2018-08-24/twitter-beats-censorship-lawsuit-by-banned-white-advocate.

[11]SeeRussell Brandom, Facebook and Google Hit with $8.8 Billion in Lawsuits on Day One of GDPR, The Verge(May 25, 2018 10:21 AM), https://www.theverge.com/2018/5/25/17393766/facebook-google-gdpr-lawsuit-max-schrems-europe.

[12]See Establish Your Reputation with Recommendations, Facebook: Business, https://www.facebook.com/business/recommendations.

[13]SeeFacebook Marketplace, https://www.facebook.com/marketplace/.

[14]K. Sabeel Rahman, The New Utilities: Private Power, Social Infrastructure, and the Revival of the Public Utility Concept, 39 Cardozo L. Rev.1621, 1668–69 (2018).

By: Catherine Schroeder

In the wake of the terrorist attack at two New Zealand mosques last Friday, the world again had to grapple with the role social media and the internet plays in these horrific events. The event that cost 50 lives on Friday, March 15th was broadcasted live through Facebook and then posted repeatedly over the internet.[1] After New Zealand police flagged the video, Facebook hastily deleted the video; however, Facebook, as well as YouTube and Twitter, struggled to combat the repeated loading and sharing of the video and were still working on removing the video and images over the weekend.[2] Facebook stated that within the first 24 hours after the attack, it removed or blocked 1.5 million copies of the video from its site.[3] Facebook was able to block 80% of these videos while they were being uploaded.[4] YouTube took down tens of thousands of versions of the video.[5]

Facebook, YouTube, and Twitter have come under scrutiny numerous times in recent years for not removing hate speech or terrorist propaganda fast enough.[6] Outside of responding to backlash from these events, Facebook has had community standards for its users for years and is constantly monitoring activity on its website.[7] Facebook has made changes directly in response to this public pressure, such as releasing details of its content review policy this past year in an effort to “do better.”[8] When witnessing how these global corporations have responded to public outcry, the question comes to mind – what force is actually making the companies remove this kind of content? While there are many factors that push these social media corporations to do the “right thing,” in the United States, there are actually no regulations or laws that make Facebook or other social media providers remove speech like violent videos or hate speech.[9]

Facebook, YouTube, and Twitter are self-regulating in the area of governing speech.[10] They are given this freedom in the United States through § 230 of the Communications Decency Act which grants interactive community services immunity from liability for user-generated content.[11] Courts have interpreted § 230 as having two main purposes: 1) to foster Good Samaritan policies for self-policing within these services and 2) to protect free speech for users.[12] The Good Samaritan provision in § 230 sought for these companies to reflect normative expectations of users.[13] Furthermore, for the government to regulate what speech is published, there is a fear of collateral censorship.[14] Too much regulation could also potentially severely restrict speech which would stifle the exchange of ideas on these platforms and have a “chilling effect.”[15]

With a lack of regulations, Facebook, YouTube and Twitter are the “architects” for publishing new speech online.[16] So the question still stands – what force drives them to censure? These social media corporations are, in fact, corporations. They are driven by a sense of corporate responsibility and meeting the users’ expectations in order to increase shareholder value and economic viability.[17] However, whether because of corporate responsibility or economic success, the leading social media services’ values and speech policies have reflected First Amendment norms and United States democratic culture.[18] The community standards and internal policies of Facebook, Twitter, and YouTube were all drafted, analyzed, and created by American lawyers.[19] These platforms have even pushed back against government requests to remove content.[20] In 2012, a video was uploaded to YouTube that negatively depicted the Muslim faith.[21] Violence erupted in countries such as Libya and Egypt, and President Obama asked YouTube and Facebook to take down the video.[22] This video fell outside both companies community standards; and they ultimately decided not to take the video down, a decision that was rooted in American free speech norms being implemented by these corporations.

While these social media providers are generally self-regulated, individual countries can control what is posted within their boundaries and flex some muscle. In 2007, Turkey blocked access to YouTube throughout Turkey when YouTube did not remove videos that Turkey had demanded to be removed.[23] Recently in 2016, in response to terrorist attacks in both Paris and Brussels, Facebook, YouTube, Twitter, and Microsoft entered an agreement with the European Union to remove hate speech within twenty-four hours of it posting.[24] This is a reflection of these companies not censuring because of corporate responsibility or user pressure, but to avoid regulations and fines by countries.[25] This is a shift in the First Amendment norms that were a foundation for these companies’ policies, since unlike the United States, many of these European countries do not have a heavy presumption against speech restrictions.[26]

The issue of terrorist attacks and other hateful propaganda being broadcasted through these platforms is not over. The good news is that while these companies are self-regulated, they are motivated to foster community and a flow of ideas, which means these companies will continue to strike a balance between removing violent, hateful videos and fostering free speech.

 

[1] See Jon Emont, et. al, Facebook, YouTube, Twitter Scramble to Remove Video of New Zealand Mosque Shooting, Wall Street Journal (March 15, 2019, 7:03 p.m. ET), https://www.wsj.com/articles/live-video-of-new-zealand-mosque-shooting-dodges-social-media-safeguards-11552657931.

[2] See id.

[3] See Yoree Koh, Why Video of New Zealand Massacre Can’t be Stamped Out, Wall Street Journal, (March 17, 2019, 7:00 p.m. ET), https://www.wsj.com/articles/why-video-of-new-zealand-massacre-cant-be-stamped-out-11552863615?mod=article_inline.

[4] See id.

[5] See id.

[6] See Danielle K. Citron, Extremist Speech, Compelled Conformity and Censorship Creep, 93 Notre Dame L. Rev. 1035, 1038 (2018).

[7] See Kate Klonick, The New Governors: The People, Rules, and Processes Governing Online Speech, 131 Harv. L. Rev. 1598, 1608 (2018).

[8] See Ian Wren, Facebook Updates Community Standards, Expands Appeals Process, NPR (April 24, 2018, 5:01 AM ET), https://www.npr.org/2018/04/24/605107093/facebook-updates-community-standards-expands-appeals-process.

[9] See Klonick, supra note 6, at 1602.

[10] See id.

[11] See id.

[12] See id. at 1608.

[13] See id. at 1630.

[14] See id.

[15] See id. at 1608.

[16] See id. at 1617.

[17] See id.

[18] See id. at 1621.

[19] See id.

[20] See id. at 1623.

[21] See id. at 1624.

[22] See id. at 1625.

[23] See id. at 1624.

[24] See Citron, supra note 5 at 1038.

[25] See id.

[26] See id. at 1039.

 

By: Scottie Fralin

In today’s technology-dependent world, so much is accomplished on the Internet: consumer transactions, networking, job and school applications, event registration, and the list goes on. It’s hard to think of something we can’t accomplish online. However, filing or responding to a legal complaint typically must be done at the courthouse during regular business hours. This facet of our legal system poses a significant impediment to many pro se litigants who may have limited access to transportation or inflexible work schedules. Enter Online Dispute Resolution, an emerging tool that may be able to bring more people onto the same legal playing field. Online Dispute Resolution (ODR) “refers to a wide class of alternate dispute resolution processes that take advantage of the availability and increasing development of internet technology.”[1] ODR’s advantages include lower cost, high efficiency, and greater flexibility—both geographically and with regard to the formalities of the traditional legal processes.[2]

 

ODR’s most significant benefits are the reduction of costs and time.[3] Traditionally, resolving a dispute requires parties to pay potentially high attorney’s fees, court administration charges, and travel costs.[4] The proceeding itself might last for months or years before resolution.[5] Alternatively, ODR allows parties to save time and money while achieving social harmony through consensual solutions, where both parties end up satisfied with their stance in a mutually beneficial agreement.[6]

 

ODR is a process by which parties to a dispute engage in negotiation and mediation online.[7] ODR is primarily taking hold within municipal and county court systems to resolve small claims cases.[8] It’s being used to settle arguments between neighbors over fences, to settle debt collection issues, and to finalize divorce proceedings.[9] Though ODR technology best fits low-amount, high-volume disputes, it has recently matured to the point where more traditional ADR and litigation areas are within reach.[10]

 

As early as March 2019, a panel was held about ODR at South by Southwest (SXSW), the technology, film, and music conference in Austin, Texas.[11] Significantly, the panel noted that in the 1990s, only 4 percent of individuals in courts were not represented by lawyers.[12] Now, in 75 percent of civil cases, one side does not have a lawyer.[13] Utah was the first state in the U.S. to launch ODR as a tool, and as a result, the state has seen a fast and sizeable drop in defaults among eligible small claims cases.[14] Prior to launching ODR, 71 percent of those cases resulted in a default, and now, that number is down to 53 percent.[15] As the platform grows, it can move beyond small claims cases to traffic, misdemeanors, family law, and more.[16]

 

One source cites over 50 courts across the United States already using ODR, with Michigan district courts comprising the majority.[17] Another source claims that ODR is now being used by more than 50 jurisdictions throughout the 50 states.[18] The very new nature of ODR probably accounts for the differing available statistics on ODR’s true prevalence in the U.S. Either way, ODR’s potential influence on the U.S.’s established judicial practices is surely something to look out for.

 

One issue to look out for as ODR continues to take hold in our legal system includes the limited range of cases where ODR can be applied—i.e., typically, this alternative is used to negotiate a small dollar figure, which leaves out the possibility of innovative negotiating.[19] Critics of ODR also point out its impersonal nature, noting that some key dynamics of mediation may be lost when parties engage with each other at a distance and in front of computer screens.[20] Lack of regulation and enforceability are also concerns, as is accessibility because a continuous internet access is necessary to carry out ODR.[21] Thus, while the time saving and cost cutting aspects of ODR provide better access to justice, the technology still has its issues and convenience still comes at a price for some.

[1] AndraLeigh Nenstiel, Online Dispute Resolution: A Canada-United States Initiative, 32 Can. U.S. L.J. 313 (2006).

[2] See Joseph W. Goodman, The Pros and Cons of Online Dispute Resolution: An Assessment of Cyber-Mediation Websites, 2 Duke l. & T. Rev. 1-16 (2003).

[3] See John Chopyk, Serving Justice Online: Online Dispute Resolution as an Alternative to Traditional Litigation, lawless.tech (Sept. 11, 2018), https://lawless.tech/serving-justice-online-online-dispute-resolution-as-an-alternative-to-traditional-litigation/.

[4] See id.

[5] See id.

[6] See id.

[7] See id.

[8] See Zack Quaintance, Judges, Private Sector Spread Online Dispute Resolution in Courts, GovernmentTechnology (Mar. 20, 2019), https://www.govtech.com/public-safety/Judges-Private-Sector-Spread-Online-Dispute-Resolution-in-Courts.html.

[9] See id.

[10] See Loic E. Coutelier, The New Frontier of Online Dispute Resolution: Online Divorce Mediation, American Bar Association (Aug. 9, 2017), https://www.americanbar.org/groups/young_lawyers/publications/tyl/topics/dispute-resolution/new-frontier-online-dispute-resolution-online-divorce-mediation/.

[11] See supra note 4.

[12] See Zack Quaintance, SXSW 2019: Utah, ‘Pajama Court’ and Resolving Cases Online, GovernmentTechnology (Mar. 11, 2019), https://www.govtech.com/civic/SXSW-2019-Utah-Pajama-Court-and-Resolving-Cases-Online.html.

[13] See id.

[14] See id.

[15] See id.

[16] See id.

[17] See The National Center for Technology & Dispute Resolution, Courts Using ODR, http://odr.info/courts-using-odr/ (last visited Mar. 21, 2019).

[18] See supra note 4.

[19] See supra note 3.

[20] See id.

[21] See id.

 

By: Jordan Carrier

On January 19, 2019 an Arizona teenager discovered that Apple’s FaceTime app was experiencing a serious bug.[1] Grant Thompson called his friend through the video chatting software and was able to listen through his friend’s microphone before the call had been answered.[2] Thompson and his mother notified Apple of the glitch the following day, but the tech giant failed to respond to the issue until an article on the issue went viral days later.[3]

The software flaw could be taken advantage of by calling someone through FaceTime, then adding a second person to the call using the Group FaceTime feature apple rolled out with iOS 12.1 in October of 2018.[4] Before the first person answered the phone, or even if that individual never picked up, the caller could capture audio.[5] It was later discovered by users that while only audio was initially picked up, if the person being called pressed a volume button the front-facing camera would be activated, allowing the caller to both see and hear the recipient of the call, without that person ever actually answering the call.[6]

On January 28, nine days after Apple was initially notified of the bug, news about the FaceTime bug was picked up by major news outlets and articles sprang up giving iPhone users instructions on how to avoid being negatively impacted by the eavesdropping feature.[7] The same day, Apple took Group FaceTime offline to mitigate the impact of the bug and promised to release a software update to correct the problem within the week.[8]

The nine day lag in Apple’s response was too slow, and allowed the glitch to be taken advantage of. On January 28, 2019 Houston attorney Larry D. Williams II filed a lawsuit against Apple for product liability, negligence, warranty, and fraudulent misrepresentation.[9] Williams alleges that while he did not misuse his iPhone in any way, the FaceTime bug allowed an unknown person to eavesdrop on the sworn testimony of a client during a private deposition.[10]

Not only are the potential consequences for the bug troubling, the security concern, labeled “FacePalm” by security researchers, has raised concerns about what other bugs are slipping through Apple’s quality control.[11] Bugs like these are commonly sold to governments, defense contractors, and cyber criminals who weaponize them to obtain information from people’s devices.[12] The New York Times reports that brokers can potentially sell these bugs for millions of dollars, with the caveat that the seller not reveal the software flaw to the vendor so it will not be fixed in a timely manner.[13]

In 2016 Apple announced it would provide rewards to individuals who notified the company of potentially lucrative bugs through its “bug bounty” program.[14] In some cases this program can pay up to hundreds of thousands of dollars to researchers who report bugs to Apple.[15] At the beginning of February Apple announced it would pay Grant Thompson for reporting the problem through this payment program.[16] It is lucky for Apple that an honest teenager discovered the problem rather than a hacker looking to make more than Apple is willing to pay.

 

[1]See Nicole Perlroth, Apple was Slow to Act on FaceTime Bug that Allows Spying on iPhones, NYT (Jan. 29, 2019), https://www.nytimes.com/2019/01/29/technology/facetime-glitch-apple.html.

[2]See id.

[3]See id.

[4]See id; see also Shara Tibken, iOS 12.1 with Group FaceTime, New Emoji, Dual-SIM out now on iPhones and iPads, CNET, (Oct. 30, 2018), https://www.cnet.com/news/ios-12-1-group-facetime-new-emoji-dual-sim-out-now-on-iphones-and-ipads/.

[5]See Nicole Perlroth, Apple was Slow to Act on FaceTime Bug that Allows Spying on iPhones, NYT (Jan. 29, 2019), https://www.nytimes.com/2019/01/29/technology/facetime-glitch-apple.html.

[6]See Nicole Nguyen, A FaceTime Bug Allows You to Access Someone’s iPhone Camera and Microphone Before the Pick Up, Buzzfeed News, (Feb. 1, 2019), https://www.buzzfeednews.com/article/nicolenguyen/facetime-bug-iphone.

[7]See Todd Haselton, Apple FaceTime Bug Lets You Listen in on People you Call, Even if they Haven’t Picked Up Their iPhone, (Jan. 28, 2019), https://www.cnbc.com/2019/01/28/apple-facetime-bug-lets-you-listen-even-if-someone-doesnt-answer.html.

[8]See Nicole Perlroth, Apple was Slow to Act on FaceTime Bug that Allows Spying on iPhones, NYT (Jan. 29, 2019), https://www.nytimes.com/2019/01/29/technology/facetime-glitch-apple.html.

[9]See Laurel Brubaker Calkins, Apple Gets Sued Over FaceTime Bug that lets  People Eavesdrop, Bloomberg, (Jan. 29, 2019), https://www.bloomberg.com/news/articles/2019-01-30/apple-sued-by-lawyer-over-facetime-bug-eavesdropping-on-client; see also Mike Snider, Apple FaceTime Lawsuit, SCRIBD, (Jan. 28, 2019), https://www.scribd.com/document/398585118/Apple-FaceTime-Lawsuit#from_embed.

[10]See id.

[11]See Nicole Perlroth, Apple was Slow to Act on FaceTime Bug that Allows Spying on iPhones, NYT (Jan. 29, 2019), https://www.nytimes.com/2019/01/29/technology/facetime-glitch-apple.html.l

[12]Id.

[13]Id.

[14]See Robert McMillan, Apple to Reward Teen as it Patches FaceTime Bug, WSJ, (Feb. 7, 2019), https://www.wsj.com/articles/apple-to-reward-teen-as-it-patches-facetime-bug-11549572939.

[15]See id.

[16]See id.