Category: Blog Posts Page 71 of 76

By: Adam Lamparello & Charles MacLean[1]

August 6, 2014

 

In an era of metadata collection and warrantless searches of laptops at the border, the Supreme Court recognized that privacy—and the Fourth Amendment—still matter.

A. The Court’s Opinion

In Riley v. California,[2] the defendant was stopped for having expired registration tags and arrested when law enforcement officers discovered that the defendant’s license had expired.[3] After the arrest, a detective conducted a warrantless search of the defendant’s Smartphone and discovered incriminating evidence that led to charges of assault and attempted murder.[4]

Relying on the search incident to arrest doctrine, the lower courts rejected the defendant’s Fourth Amendment challenge, holding that officer safety and evidence preservation justified the search of defendant’s Smartphone.[5]

The Supreme Court granted certiorari—and unanimously reversed.

Writing for the Court, Chief Justice John Roberts held that the two objectives underlying the search incident to arrest doctrine were not implicated in the cell phone context.[6] Chief Justice Roberts also rejected the Government’s argument that Smartphones were analogous to physical objects such as containers and cigarette packs, stating to it was akin to “saying a ride on horseback is materially indistinguishable from a flight to the moon.”[7]

Justice Roberts also recognized that, unlike finite physical objects, Smartphones can store “millions of pages of text, thousands of pictures, or hundreds of videos,”[8] which makes them different “in both a quantitative and a qualitative sense from other objects that might be kept on an arrestee’s person.”[9] In fact, “even the most basic phones that sell for less than $20 might hold photographs, picture messages, text messages, Internet browsing history, a calendar, [and] a thousand-entry phone book.”[10]

As such, “the sum of an individual’s private life can be reconstructed through a thousand photographs labeled with dates, locations, and descriptions; the same cannot be said of a photograph or two of loved ones tucked into a wallet.”[11] Moreover, because of their immense storage capacity, “cell phone searches would typically expose to the government far more than the most exhaustive search of a house, and contains a broad array of private information never found in a home in any form—unless the phone is.”[12]

Based on these considerations, the Court held that the search violated the Fourth Amendment’s prohibition against unreasonable searches and seizures, which “was the founding generation’s response to the reviled ‘general warrants’ and ‘writs of assistance’ of the colonial era . . . [and] allowed British officers to rummage through homes in an unrestrained search for evidence of criminal activity.”[13]

Riley is a victory for privacy rights and shows that law enforcement’s investigatory powers are not without limits. Time will tell whether the Court’s reasoning will have implications for future cases involving, for example, the Government’s warrantless search of laptops at the border and indiscriminate collection of metadata. What we know now is that times have changed.

B. What Does Riley Mean for Privacy?

In their upcoming article, Professors MacLean and Lamparello will analyze the implications of Rileyin various contexts where expanding surveillance by the Government threatens to infringe individual privacy rights. They will analyze, among other things, the current circuit split regarding the warrantless—and suspicionless—collection of metadata, and discuss the extent to which the National Security Agency can continue to monitor and track metadata, email, internet browser histories, and other communications data both domestically and abroad.

Professors MacLean and Lamparello will argue that, although Rileyis a victory for privacy rights, there is reason to be cautious. Chief Justice John Roberts has taken a minimalist approach to constitutional adjudication and often strives to decide cases on the narrowest grounds possible.[14] In addition, the basis upon which Riley was decided—reasonableness—may be difficult to apply in contexts where the Government’s interest is heightened, the search is less intrusive than, for example, the search of a cell phone, and occurs in places where an individual’s expectations are privacy are diminished.

Ultimately, the authors will argue that the Court’s jurisprudence will proceed incrementally. Although the Court will increasingly safeguard privacy rights, it will not be able to keep pace with the speed of technology and the efforts by Government officials to increase the scope and breadth of their surveillance power. The authors will propose a detailed legislative solution that includes, among other things: (1) the privacy expectation that citizens should have in various contexts; (2) the levels of suspicion that the Government must satisfy before performing various searches; (3) and the circumstances, if any, when the interest in national security will outweigh a legitimate or diminished expectation of privacy. In so doing, the authors will provide a solution that they believe can guide lawmakers, citizens, and courts as the technology era increasingly implicates complex question about the balance between civil liberties and national security.

 

 

 

 

[1] Professors Charles E. MacLean and Adam Lamparello of Indiana Tech Law School filed an amicus brief in the case supporting Riley’s argument. The Professors argued that the search incident to arrest doctrine did not apply because: (1) cell phones, unlike other physical objects, could not be used as weapons; and (2) the risk that evidence would be destroyed, through either remote wiping or data encryption, was minimal and easily manageable. The authors have also written rather broadly in this area, including: Charles E. MacLean & Adam Lamparello, Abidor v. Napolitano: Suspicionless Cell Phone and Laptop “Strip” Searches at the Border Compromise the Fourth and First Amendments, 108 Nw. U. L. Rev. Colloquy 280 (Spring 2014); Adam Lamparello & Charles E. MacLean, Back to the Future: Returning to Reasonableness and Particularity under the Fourth Amendment, 99 Iowa L. Rev. Bull. 101 (Spring 2014); Katz on a Hot Tin Roof: The Reasonable Expectation of Privacy Doctrine is Rudderless in the Digital Age, unless Congress Continually Resets the Privacy Bar, 24 Albany L.J. Sci. & Tech. 47 (Spring 2014). The authors’ full article addressing the implications of the Riley decision will be published this fall in Volume 20 of the Richmond Journal of Law and Technology.

[2] Riley v. California, 134 S. Ct. 2473 (2014).

[3] See id. at 2480.

[4] See id. at 2480-81.

[5] See id. at 2481.

[6] See id. at 2485-87.

[7] Id. at 2488.

[8] Riley v. California, 134 S. Ct. 2473, 2489 (2014).

[9] Id.

[10] Id.

[11] Id.

[12] Id. at 2491.

[13] Id. at 2494.

[14] See University of Chicago Law School Faculty Blog, Chief Justice Roberts and Minimalism, (May 25, 2006), available at: http://uchicagolaw.typepad.com/faculty/2006/05/chief_justice_r.html.

by Walton Milam, Associate Staff

 

For years, Virginia anglers have lamented the arbitrary three mile line separating the legal area to chase Virginia’s striped bass from the “exclusive economic zone”[1] where commercial boats can legally reek havoc[2] on schools of striper for which the Virginia coast is famous.  The three-mile line is non-sensical for a number of reasons.  The idea that the environment is less affected by a fish caught 2.9 miles offshore than one caught 3.1 miles offshore seems unpersuasive at best.  If population decimation is the federal government’s concern, the two fish per angler rule seems to address these concerns adequately.   If the two fish per angler rule is inadequate, laws ought to further restrict the amount of fish legally caught rather than how far offshore the fish can be caught.  The rule instead seems more likely to be the result of successful lobbying on the part of commercial fisherman who have long foiled the attempts of environmentalists to invoke meaningful improvement, particularly in the Chesapeake Bay.[3]  While I admittedly am skeptical of any attempt by the government to manipulate behavior to affect environmental change, the case of the three-mile line seems particularly heinous.  Commercial fisherman claim that their livelihood depends on their ability to harvest fish outside the three mile zone.  However, many anglers make their living guiding “non-commercial” patrons.  Further, even more anglers work five days a week with the hopes that they can spend money and time and enjoy their free time on the weekend.  In doing so they spend thousands of dollars on licenses, boats, tackle, bait, gas, ice, food, lodging, and beer.  These endeavors seem just as economic as any commercial fisherman catching fish in the “exclusive economic zone.” 

Finally, the technological aspect of enforcement is tricky, given the nature of fishing near the line.  While most GPS and Fishfinder systems include the Three Mile Line in maps, when fishing near the line, it is not always easy to ascertain whether one is in an illicit or legal zone.  This issue is further complicated when fighting a fish that may start in the legal zone but move to the illegal zone.  While most citations of which I am aware occur far outside the line, the difficulty of determining when one is fishing legally adds to the confusion.  One could foreseeably hook up with a striper within the three-mile zone but have the friend run into the exclusive economic zone, making the fish illegal to catch. 

by Danielle Bringard, Associate Survey & Symposium Editor

 

I don’t know about you, but my heart skipped several beats after reading the first wave of news detailing the Heartbleed Security Hack.  I changed all of my passwords on various sites only to find if I had changed them before that particular web operation had updated its software I would have to change my passwords again.  Now, I find, by checking the security of a website I may be violating the law?

Heartbleed is not a virus, but a software defect.[1]  It affects OpenSSL software which is used for encryption.[2]  OpenSSL is an open source software, meaning anyone can access the code, review it, and make changes to it.[3]  So what happens when Heartbleed is exploited?  Essentially it allows a hacker to retrieve memory which may contain usernames, passwords, keys, credit card numbers, social security numbers or other useful information.[4]  Each time the hacker access the system it he or she can gain access to more information.[5]  This is a serious problem as many people now do much of their banking and shopping on the internet.

 So before you change your passwords it might be a good idea to check to see if the website is still vulnerable.  If the website hasn’t patched its software then changing your password will do you no good.  McAfee released a free tool to help consumers determine if the website they visit is safe or not.[6]  That tool can be accessed at http://tif.mcafee.com/heartbleedtest. 

 STOP!  Before you click that link and test a website you have in mind, you should know that some technology experts are worried that doing so could break the law.[7]  These naysayers cite the United States Computer Fraud and Abuse Act.[8]  Software that checks a website to see if it has patched the Heartbleed actually accesses that sites security certificate, which may or may not fall under the purview of 18 U.S.C. §1030.  Since everyone across the globe is experiencing the effects of Heartbleed, and it may take some time before all websites have patched their software[9], I doubt the U.S. government would prosecute a citizen simply seeking to ensure their person information remained protected or taking any proactive steps to do so.

As always, safety first. 

by: Kit Mathers,  Associate Copy Editor

 

In January, Congress, through overwhelming bipartisan cooperation, approved, and President Obama signed into law, a $1.1 trillion omnibus spending bill; a provision of which precludes the U.S. Department of Energy (“DOE”) from spending allocated funds to enforce twilight measures of a “light bulb phase-out” mandated by the 2007 Energy Independence and Security Act (“EISA”).[1]  The phase-out, which effectively began in January 2012, requires that light bulbs produce a certain level of brightness at specified energy levels.[2]  Of particular significance to the average consumer, traditional incandescent light bulbs are incapable of fulfilling the new energy efficiency standards and as of January 1, 2014 60- and 40-watt incandescent light bulbs (which represent half of the consumer light bulb market) are no longer allowed to be manufactured or imported into the U.S.[3]  Overall, the standards set forth by the EISA are predicted to result in annual electric bill savings of nearly $13-billion, power savings equivalent to the output of 30 large power plants,  and will reduce carbon dioxide emissions by about 100 million tons per year.[4]

The spending bill’s ban is not particularly formidable from the perspective of many environmentalists and “pro phase-out” light bulb manufacturers who have characterized it as a nuisance that can’t possibly derail the “market shift” toward more energy-efficient light bulbs.[5]   But should we be more supportive of the spending bill’s ban despite the EISA’s potential environmental benefits?  In support of the ban, House Republicans have stated that EISA phase-out requirements are characteristic of government overreach, and enforcement measures should not be tolerated.[6]   Is there any merit to the House Republicans’ argument?  Is federal product regulation really the proper avenue for catalyzing change in consumer power consumption?  The tension at the heart of the light bulb phase-out is representative of a fundamental issue that must be addressed in any discussion of “where” energy regulations should be focused.  I tend to agree with House Republicans who are wary of the government’s reach into consumer purchasing power, but perhaps end-user regulation (“downstream”) is the most parsimonious way of realizing change in energy use and accompanying (upstream) emissions.  Upstream regulation is inescapably difficult.  State and federal regulation of power plants and their emissions is tedious work, often drawn out interminably by litigation.  But then again, why not increasingly regulate power plants themselves if we are operating under the guise that the end goal is to limit carbon emissions and power plant out-put?  It’s not as though the light bulbs are the source of poor energy management decisions or egregious carbon emissions.   Understanding why the EISA, in large part, came to be makes the decision to regulate downstream consumer choice even less palatable.

While the EISA does not outrightly proscribe the manufacture or importation of all incandescent light bulbs, it has the net effect of increasing market  prevalence  and selection of more expensive, compact fluorescent light bulbs  (“CFLs”) and light emitting diodes (“LEDs”) which is extremely beneficial to major light bulb manufacturers.  As Timothy Carey of the Washington Examiner details, the 2007 Energy Independence and Security Act “wasn’t a case of an industry getting on board with an inevitable regulation in order to tweak it.  The lighting industry was the main reason the legislation was moving.”[7]  The light bulb industry is, by its nature, a competitive market with no significant impediments to entry.  Characteristic of such competitive markets, under the neoclassical economic model, is product pricing at marginal cost – the cost of producing one additional unit of output- which results in low profit margins.[8]  GE, Phillips and Sylvania, which dominate the U.S. incandescent light bulb market, want to “convert their dominance into price hikes,” but because market entry is not significantly encumbered by manufacturing or regulatory costs, consumers will gladly purchase new alternative brands that offer bulbs at, or close to, marginal cost.[9]   Market giants, with significant capital available for research and development programs, sought to extinguish the threat of competition (which keeps profit margins low) by expending significant money to improve the incandescent light bulb, primarily through advancing halogen, LED and fluorescent technologies.[10]  These “energy efficient bulbs” sell at a much higher price point compared to incandescent light bulbs, and because of this, consumer choice has remained somewhat stagnant and heavily biased toward incandescents.  Light bulb manufacturers, aware that consumers won’t willingly skirt cost benefit considerations in light bulb selection, have thus collaborated with groups like the NRDC in lobbying for the phase out of incandescents; their agenda being the “push” of profitable products rather than environmental conservancy.[11]  Undoubtedly, there are great advantages to newer bulb technologies, as well as associated costs.[12]  However, it’s extremely hard to justify the handcuffing of consumer freedom of choice when it is being instituted by government elites and unelected bureaucrats.[13]

 All in all, it is extremely important to ask, where (or at what phase) should regulatory efforts be focused (and why)?  The upstream power plants, downstream consumers, or both?  Perhaps the fact that light bulb manufacturers are sustaining windfall profits from federal regulation is an inevitable consequence; in any regulatory effort there will always be a party that benefits, perhaps grossly, from regulation.  It will be interesting to see what happens to the spending bill’s ban in the coming months, and whether or not downstream regulation will accomplish its goals.

by Brittani Lemonds, Associate Manuscripts Editor

 

Society’s dependency on smartphone technology has undoubtedly benefitted the fashion industry worldwide.  Gone are the days where cell phone users were limited to the cases and tech accessories available at the storefront of their service provider or local office supply store.  The iPhone opened the door for upscale accessories including designer phone cases, handbags created to fashionably (and conveniently) hold the iPhone’s slender structure, and even winter accessories that allow users to engage with touchscreen technology without removing their gloves.

Enter Echo Design Group – a prominent fashion designer and retailer specializing in home décor, stationary, women’s handbags, scarves, and other cold weather accessories including the aforementioned touchscreen compatible gloves.

Since November 2013, Echo Design Group has been aggressively filing lawsuits against major fashion brands, designers and high-end retailers alike for alleged infringement of its U.S. Patent 8528117 titled “Gloves for Touchscreen Use.”[1]  The most recent fashion heavyweight involved in this patent controversy is American fashion designer and former Project Runway judge, Michael Kors.[2]  On February 24, 2014 Echo Design Group filed a complaint against Michael Kors (USA), Inc. and Michael Kors Stores LLC., in the United States District Court, Southern District of New York for patent infringement of Kors’ Touch Screen Zip Glove.[3]

Just weeks earlier, in January 2014 Echo Design Group filed a similar complaint against Henri Bendel in the United States District Court, Southern District of New York for patent infringement of Bendel’s NB Polka Dot Glove.[4] 

But Michael Kors and Henri Bendel are not the only designers facing legal threats for their touchscreen compatible gloves.  Echo has targeted other fashion designers for alleged infringement of the same patent, filing at least four other lawsuits in November 2013 against the likes of Fownes Brothers & Co., Inc. for the Touchscreen Compatible Gloves sold under UGG, G-III Apparel Group, Ltd., for the Calvin Klein Text Enabled Gloves, Kate Spade for the iPhone Gloves sold under the Jack Spade brand, and Marc Jacobs International, LLC. for the various touchscreen gloves retailed under the brand.[5]

All of the filed complaints state that Echo invested significant time and resources into developing the touchscreen glove concept and that Echo secured intellectual property rights to the “Gloves for Touchscreen Use” on September 10, 2013 when USPTO (the Patent 117) issued U.S. Patent No. 8528117 to Echo.[6]

The complaints allege that all of the defendants “without permission or license from Echo, has made, is making, is having made, has sold, is selling, is causing to be sold, has offered for sale, is offering to sell, is causing to be offered for sale, and/or has imported, is importing, and/or is causing to be imported into the United States, within this State and elsewhere, of the products.  The products directly infringe, contributorily infringe, and/or induce others to infringe, at least one claim of the ‘117 Patent, including but not limited to claim 1, in violation of 35 U.S.C. § 271.”[7]  Echo is seeking damages, preliminary and permanent injunction and fees.[8]  It will be interesting to see whether Echo succeeds in its myriad of lawsuits against the fashion industry.

by Fiona Clancy, Associate Notes and Comments Editor

 

A Florida dad learned a costly lesson about sharing confidential information with his daughter and the ramifications of a subsequent social media post in a case that has gotten a lot of media attention lately. 

Patrick Snay sued his employer, Gulliver Prep School, when his 2010-2011 contract as the school’s headmaster was not renewed.[1]  Mr. Snay filed a two count complaint under the Florida Civil Rights Act alleging age discrimination and retaliation.[2]  On November 3, 2011, the parties executed a settlement agreement with various payments to be made by Gulliver Prep including $10,000 in back pay to Mr. Snay, (known as “Check #1), $80,000 to Mr. Snay as a “1099” (known as “Check #2), and $60,000 to Mr. Snay’s attorneys (known as “Check #3).[3]  Central to the agreement was a confidentiality clause that read in part:

 “13. Confidentiality…The plaintiff shall not either directly or indirectly, disclose, discuss or communicate to any entity or person, except his attorneys or other professional advisors or spouse any information whatsoever regarding the existence or terms of this Agreement…A breach…will result in disgorgement of the Plaintiffs portion of the settlement payments.”[4] 

On November 7, 2011, only four days after the agreement was signed, Gulliver Prep notified Mr. Snay that he had breached the Agreement based on his daughter Dana Snay’s Facebook post which stated[5]:

 “Mama and Papa Snay won the case against Gulliver.  Gulliver is now officially paying for my vacation to Europe this summer.  SUCK IT.”[6]

The Facebook post went out to approximately 1,200 of Dana Snay’s Facebook friends, which included many current or past Gulliver Prep students.[7]

Gulliver Prep also informed Mr. Snay that it would not be tendering Check #2, the $80,000 payment.[8]  Mr. Snay moved to enforce the settlement agreement and receive payment, and the trial court held that the Facebook posting did not constitute a breach of the agreement.[9]  However, Florida’s Third District Court of Appeals reversed the trial court’s ruling on February 26, 2014, stating that Mr. Snay’s $80,000 settlement with Gulliver Prep was null and void because his daughter breached the terms of the non-disclosure clause when she posted about it on Facebook.[10]  The Court of Appeals ruled in favor of Gulliver Prep in finding that Snay violated the agreement when he told his daughter about the settlement and acknowledged that Dana Snay did precisely what the confidentiality agreement was designed to prevent– advertising to the Gulliver Prep community that Snay had been successful in his age discrimination and retaliation case against the school.[11] 

The internet has been buzzing with legal commentary regarding this case with many lawyers weighing in and discussing the lessons learned.

A Chicago based, self-described “social media” attorney feels “this case illustrates why (1) it is important for parties to abide by the confidentiality provisions of settlement agreements and (2) people who learn confidential information should keep their social media mouths shut.”[12] 

One employment attorney commented that in most cases, the discussion revolves around the liability that social media can cause employers, while this case represents a turn of events with Facebook working in the employer’s favor.[13]  That attorney believes this case serves as a reminder that social media can open “Pandora’s box” with respect to liability for employers, but it can also provide a wealth of information during litigation for both sides.[14] 

Another employment attorney believes this case illustrates the need for well drafted confidentiality clauses.[15]  After all, employers include confidentiality clauses in their agreements precisely because they do not want a former employee openly disclosing the amount or existence of a settlement payment as that can encourage additional legal challenges and/or cause discord among current employees.[16]  While Gulliver did not end up paying Mr. Snay the $80,000, the information it wanted to protect is nevertheless now public.  The valuable lesson for employers, the attorney opines, is that a well written confidentiality clause is essential if an employer wants to prevent disclosure of the existence or amount of a settlement payment.[17]  The attorney suggests drafting the clauses to permit disclosure to immediate family members (which the agreement in the Snay case did not) because it is unlikely that families will not share the information with people who have been aware of and involved in the litigation process.  The key is to permit disclosure to those immediate family members but subject those family members to the same confidentiality requirements as the employee, preventing disclosure outside the immediate family.[18]  During the appeals process, Mr. Snay testified that he “knew the litigation was important to his daughter and that he and his wife would have to tell her something.”[19]  The appellate judge stated in her opinion that “[t]he fact that Snay testified that he knew he needed to tell his daughter something did not excuse this breach” and that there was “no evidence that [Snay] made this need known to the school or to his or its attorneys so that the parties might hammer out a mutually acceptable course of action in the agreement.”[20]  The court was not swayed by Mr. Snay’s testimony that he had not told his daughter he had “won” the case, and that she did not go to Europe, nor had she planned such a trip.[21]

A Michigan based employment attorney summed it up by stating “Facebook and confidentiality agreements do not mix.”[22]  The attorney also posits that it is “unrealistic to think that a family cannot be told since the fact of litigation is undoubtedly known” and suggests language in the agreement that allows for the disclosure of the settlement to immediate family members which specifically defines what family members may be told, while also specifically prohibiting any disclosures.[23]  Such a provision would not have authorized Dana Snay’s Facebook post, and would have better protected Gulliver Prep’s interests.[24]

While acknowledging that people may feel sympathy for the Snay family, the Michigan employment attorney feels this case provides important comfort to employers who settle cases with the express intention that the settlement remains confidential, and properly emphasizes to plaintiffs that nondisclosure means nondisclosure—even when third parties or family members are involved.[25]  Furthermore, this case serves as an important reminder that social media is now an established part of everyday life, that prohibitions against disclosure should specifically mention social media, and that our lawyering and agreements should adapt to the ever present technologies and platforms that permeate our lives.[26]  Appropriately planning for these situations is something both clients and attorneys can “Like.”

 

by Laura Bedson, Associate Symposium and Survey Editor

 

Say it isn’t so!  The days of unregulated model airplane flying may well be behind us, particularly if the Federal Aviation Administration (FAA) has anything to say about it.  As the use of Unmanned Aircraft Systems (UAS) or drones, as they are more commonly known, has literally skyrocketed in recent years, the FAA has gone to work crafting laws geared towards regulating the use of these devices.

The potential loopholes in these new regulations were pointed out in a recent case that came out of Charlottesville, Virginia.  Back in October of 2011, Raphael Pirker piloted a $130 foam glider above the University of Virginia’s Medical Center in the hopes of capturing aerial footage of the school for advertisements.[1]  Despite this seemingly innocent motive, the FAA came down hard on Mr.Pirker for operating a UAS or drone without obtaining prior authorization from the FAA.  As a result, the FAA imposed a $10,000 civil penalty on Mr.Pirker for operating this commercial drone.  The FAA’s complaint alleged that Mr.Pirker had carelessly operated the drone in a manner that potentially endangered life and property.

To someone such as myself, Mr.Pirker seems like an innocent, model airplane enthusiast who got mixed up in this emerging area of law.  That is not the case.  After doing some research, I learned that Mr.Pirker, aka “Trappy” is a 29-year-old “aerial anarchist”[2] who has been on the FAA’s list of least favorite people for a few years now.  He has taken videos of the Statue of Liberty, French Alps, and Costa Concordia using the small model aircrafts.[3]  It wasn’t until he arrived on UVA’s campus to take videos of the MedicalSchool however, that the FAA was able to get its hands on him. 

Leaping at the opportunity to make an example of “Tappy” and push through model aircraft regulation, the FAA pursued the case by arguing that model aircrafts were covered under its regulations, and even suggested that  model airplanes should be classified as drones.  Currently, the FAA defines a UAS as the device flown by a pilot “via a ground control system, or autonomously through use of an on-board computer”.[4]  Based on this basic definition, Mr.Priker could have been considered to have been operating a UAS and thus in violation of not obtaining prior authorization per FAA rules.

            Despite the FAA’s arguments that Mr.Priker was recklessly operating this commercial drone in a manner that endangered human life and property, a National Transportation and Safety Board (NTSB) administrative judge was not convinced.  In the first case of its kind, the judge dismissed the FAA’s case against Mr.Priker.[5]  The Judge held that Mr. Pirker was not operating a drone, or what the FAA traditionally considers to be a drone, but instead, merely a model airplane, which is a device that is not subject to FAA regulation and enforcement.[6] 

            This decision and the arguments from both parties will likely prove to be more monumental than we may think, particularly because the holding perfectly coincides with newly publicized FAA restrictions regarding the commercial use of drones.  The FAA, for some time (since 2007), has banned the commercial use of model aircrafts and this decision ultimately makes that policy unenforceable.[7]  Unsurprisingly the FAA has appealed the ruling, which means that the case will now be brought before the full NTSB board for a ruling.  While there is no guarantee as to how the full board will rule, there is no question that drones are here to stay and cases such as this are just the beginning of a long race to regulate these aircrafts.

by Taylor Linkous, Associate Technology and Public Relations Editor

            Gun control is one of the most controversial and divisive issues in America and with a slew of mass shootings in recent years, the debate seems to have only intensified.  To make things more interesting, over the past few years, personalized guns or “smart guns” have also entered the conversation.  While at one point, smart guns seemed to be out-of-reach concepts used in movies like Skyfall, the Oak Tree Gun Club in California recently became the first store in the nation to put a smart gun on sale.[1]

            Smart guns were created with the aim of reducing the misuse of guns and accidents caused by guns by using radio-frequency identification (“RFID”) chips, fingerprint recognition, or magnetic rings which would allow only authorized persons to use the weapon.[2]  The thought is that this technology could prevent accidental shootings by children or even prevent violent gun crimes by barring anyone but an authorized user to fire the gun.[3]   

            As noted above, just recently, Oak Tree Gun Club, one of the largest gun stores in California, became the first in the nation to sell a smart gun.[4]  Oak Tree Gun Club is selling the Armatix iP1, which requires the user to be wearing a black waterproof watch in order to fire.[5]  The gun and the watch both contain electronic chips and when the watch is within reach of the gun, a light on the grip of the gun turns green and the user is able to fire.[6]

             Proponents of smart guns insist this technology is revolutionary and a momentous step in the right direction when it comes to controlling the use of guns and reducing gun violence.[7]  However, opponents of the new technology are mostly gun rights advocates who worry about its reliability and that the government will trample on their Second Amendment rights by eventually requiring all guns to have this technology.[8] 

Other opponents include the Violence Policy Center, a strong advocate of reducing gun violence, who argues smart guns won’t reduce gun violence because most gun homicides happen between people who know each other and the new technology would not prevent such crimes.[9]  Moreover, the Violence Policy Center argues smart guns could increase the number of people purchasing guns because those who were once opposed to owning guns may change their minds if they think this technology makes guns safer.[10]

Some of the concerns about Oak Tree Gun Club’s sale of smart guns come from a New Jersey law passed in 2002 which requires all handguns in the state to be personalized within three years of a smart gun being sold anywhere in the U.S.[11]  With the store selling the first smart gun in the country, arguably the clock on the New Jersey law has started running, putting many opponents of the technology in a panic.  The backlash against Oak Tree Gun Store has been so strong that the store has actually denied ever selling the gun, despite photos of the gun for sale at the facility.[12]

Just recently, Senator Edward Markey, a Democrat from Massachusetts has revealed a gun control bill requiring all new guns to be personalized so they can only be fired by their owners.[13]  While the benefits of such a technology seem obvious, smart guns have already gained some strong enemies and it unlikely Congress will pass such a bold law with so much controversy and debate already surrounding it.

                                                 

by Barry Gabay, Associate Staff

If you are at work and you are reading this, you may be subject to federal criminal sanctions.

The Computer Fraud and Abuse Act, the federal government’s key anti-hacking law, was originally enacted in 1986 to deter hackers from wrongfully obtaining confidential governmental and financial information, or inflicting “federal interest” computers with harmful viruses.  In passing the act, Congress sought to regulate only those computer crimes that were interstate in nature, particularly those involving large financial institutions and governmental organizations.[1]  However, the statute was amended several times to ultimately broaden the CFAA’s reach.  In the mid-90s, for example, Congress placed criminal misdemeanor liability upon individuals who acted merely “recklessly” in their computer use,[2] and later placed liability upon individuals who obtained and read “any information of any kind so long as the conduct involved an interstate or foreign communication.”[3]  But Congress went even further in 2008 when it most recently amended the CFAA.  For starters, Congress eliminated the $5,000 misappropriation threshold for CFAA liability.  But further, while previously a defendant must have stolen information through interstate commerce or foreign communication to be prosecuted under the CFAA, the statute was amended to now encompass all information obtained “from any protected computer.”[4]  

Today, liability under the CFAA can be proven by showing that a defendant (1) intentionally accessed a computer (2) without authorization or exceeding authorized access, and thereby (3) obtained information from a protected computer.[5]  The pertinent definition of “protected computer” is any computer “which is used in or affecting interstate or foreign commerce or communication.”[6]  Courts have found that the Internet is “an instrumentality and channel of interstate commerce,” thus within the realm of Congressional regulation, and for purposes of CFAA violations, the defining characteristic of a “protected computer.”[7]  To put it in perspective, this criminal statute was broadened from pertaining only to computers with direct “federal interest” to now any computer connected to the Internet.

Nevertheless, the main litigable issue has proven to be determining when an individual is “authorized” to use a computer.  Under the CFAA the phrase “exceeds authorized access” is “to access a computer with authorization and to use such access to obtain or alter information in the computer that the accesser is not entitled to obtain or alter.”[8]  Whereas an employee who uses a computer “without authorization” has “no rights, limited or otherwise, to access the computer in question,” an employee who “exceeds authorized access” had initial authorization to use the computer “for certain purposes but goes beyond those limitations.”[9]  However, the phrase, “without authorization” is not defined in the CFAA, and a circuit split has thus developed over the interpretation of the phrase.  

The majority broad view, adopted by the First, Fifth, Seventh and Eleventh Circuits, holds that an employee’s computer authorization is terminated the moment that an employee acts contrary to his employer’s interest.[10]  These circuits hold that any time an employee uses a company computer in a way not in direct benefit to his employer the Department of Justice has jurisdiction to prosecute.  As Justice Floyd noted in the summer of 2012, “[s]uch a rule would mean that any employee who checked the latest Facebook posting or sporting event scores in contravention of his employer’s use policy would be subject to the instantaneous cessation of his agency and, as a result, would be left without any authorization to access his employer’s computer systems.”[11]

However, in the two most recent federal appellate cases on the issue, the Fourth and Ninth Circuits both adopted a narrow interpretation of the statute.  Those circuits held that an employee is “authorized” to use a company computer when the employer gives that employee permission to use it.  An employee’s subsequent misuse of an employer’s computer would not be subject to federal sanctions, as that employee was “authorized” to use that computer under the CFAA. [12]

While a broad interpretation of the CFAA may deter some individuals from using computers in ways not intended by their employers, that deterrence derives from ludicrous sentencing for comparatively innocuous criminal actions.  Aaron Swartz, the well-documented Internet activist who allegedly downloaded millions of articles from MIT’s online library, faced a maximum sentence of 35 years incarceration before the 26-year-old took his own life. [13]  In comparison, the maximum federal sentence for a first-time felon guilty of attempted murder who left the victim with life-threatening bodily injury is 24 years.  A first-time child pornographer who distributes images of a child under the age of 12 engaged in explicit sexual acts would receive a maximum federal sentence of 30 years imprisonment.  If an employee merely getting fired by her employer is not enough deterrence for misusing a company computer, then state criminal statutes and tort and contract law surely provide adequate deterrence.  Thus, in practice, the broad interpretation of the CFAA merely serves to make ordinary working individuals, who, while perhaps distracted during the workday possess no real criminal intent whatsoever, into federal criminals. 

In the wake of Aaron Swartz’s suicide, the Justice Department and members of Congress have recently expressed their willingness to narrow the scope of the Computer Fraud and Abuse Act.[14]  The bipartisan Aaron’s Law was introduced in the House of Representatives to limit the scope of the CFAA.  That limitation is long overdue.  It is a well-established canon of statutory construction that courts must construe criminal statutes narrowly, so as to avoid over-criminalization.  But courts, obviously unable to define a crime, are relegated merely to the text, and hinge liability on the terms “without authorization” and “exceeding authorized access.”  With the firmly entrenched circuit split now in place, the Supreme Court may in the not too distant future weigh in on the issue if Congress does not first amend this overbroad statute.