Richmond Journal of Law and Technology

by Morgan Ackerman, Managing Editor

Admittedly aging adults is not the first thing that comes to mind when thinking about the intersection of law and technology. However, there have been many recent technological advancements to aid aging adults and their caregivers. These advancements are aimed to both enable seniors to live at-home longer, and to help their caregivers.[1]

            Some of these advancements include Smartphone applications that help track medications[2], GPS trackers to monitor aging adults with Alzheimer’s and dementia[3], sensors, skin detectors, and social interaction tools.[4] All of these new technologies are making it possibly for many seniors to live independently, and for those caring for seniors, to better care for them. Along with these life enhancing, and life saving technologies comes potential legal ramifications. 

            The Supreme Court recently ruled that placing a GPS tracker on a car is considered a search under the 4^th Amendment.[5]  Police will now need to obtain a warrant to lawfully place a GPS tracker on cars of criminal suspects. The court’s ruling leaves open the question of whether individuals can place GPS trackers on others. Private investigators have used the term “electronic stalking” when referring to the misuse of GPS trackers, and this is a serious concern surrounding GPS trackers.[6]

             In the context of aging adults, the use of GPS trackers to monitor seniors with Alzheimer’s and dementia seems to be a gray area. Likely, individuals tracking these adults are family or medical professionals that have gained consent to track individuals. However, this technology has an extraordinary potential for abuse and has yet to be regulated.

            Smartphone applications that help track medications may be the targets of medical malpractice lawsuits.[7]  Currently, Apple’s iPhone Developer Program License Agreement indemnifies Apple from liability for all iPhone applications, and places liability on the individual developers.[8] The potential that these medicine-tracking apps could have a glitch, or malfunction is high. A glitch or a malfunction could seriously harm a person relying on the app. The potential harm on the elderly population, that might solely rely on the app to remind them to take their medication, could have an even greater harm. With Apple’s indemnity clause, this leaves the Smartphone application developers liable. There has yet to be a medical malpractice case for medical Smartphone apps, but medical malpractice experts and the FDA foresee this scenario arising.

            Given the reality of such problems the FDA recently issued final rules on the development of medical Smartphone applications.[9] However, the FDA did not issue regulations of medicine reminders, caloric in-take, heart monitors, etc. leaving these types of medical apps unregulated.

            Overall, the implications of modern technology that aids the aging populations are positive, but the legal consequences should be kept in mind.

by Silvia Lee, Associate Staff

People waited in lines all over the world on Friday, September 20th to purchase Apple’s latest release, the iPhone 5s. Among the mobile device’s new features is a fingerprint scanner built into the home button. After an initial set-up, Apple’s proprietary “Touch ID” technology can scan sub-epidermal layers to allow users to unlock their phones and make iTunes purchases by scanning their fingerprint. Addressing privacy and security issues, Apple has stated that the biometric data is encrypted and stored only on the device and the information will not be sent to Apple’s servers or Cloud service. In addition, third party apps will not have access to the Touch ID system.

The much talked-about feature has at least one lawmaker voicing his concerns. Senator Al Franken, the Chairman of the Senate Judiciary Subcommittee on Privacy, Technology and the Law, has written a letter to Apple CEO Tim Cook in which he poses several questions regarding the new technology. One of his concerns is whether Apple considers the biometric data to be “contents” of communication or a “subscriber number or identity.”[1] Under the Stored Communication Act, “content” cannot be freely disclosed to law enforcement agencies without a warrant, while “subscriber number or identity” requires only a subpoena.[2]  

            Senator Franken is also concerned with how secure the fingerprint scanner actually is. He notes that “[p]asswords are secret and dynamic; fingerprints are public and permanent.”[3] If a passcode is compromised, users can change it for a new one, but fingerprints are unique and unchangeable. He fears that someone could lift a user’s fingerprint and use it to hack into the phone and all the information stored within.

The idea of lifting a fingerprint and hacking into an iPhone 5s has been turned into a competition on a website launched by Nick DePetrillo and Robert Graham. The site is crowdfunding a bounty for the first Touch ID hack. The duo claims their motives are to show that it is more difficult than people think. The crowdfunding campaign has raised over $5,000.00 so far and garnered much attention on Twitter with the hashtag #istouchidhackedyet.[4] In order to win the bounty, the hackers must post a video detailing the process of lifting a fingerprint from an everyday object (like a beer mug) and using it to unlock an iPhone 5s.[5] As of 10:00 no official winner of the bounty has been declared, but the Chaos Computer club from Germany is rumored to have accomplished the feat and have published a step-by-step guide.[6]

So far Apple has stayed silent on the matter. However, with a successful Touch ID hack a mere two days after the phone’s release and Senator Franken’s request for answers to his queries within a month, Apple may be pushed to speak sooner than anticipated.

by Dylan Denslow, Associate Staff

If you ask someone a question and they don’t know the answer, it’s a fair guess that their answer will be “Google it.”  These days, it seems like Google is used for everything – it’s expanded much further than a simple Internet search engine.  While this expansion has its fair share of benefits, it also means that Google continues to collect even more piles of data from its users.  However, just recently the Ninth Circuit issued an opinion in Joffe v. Google that will rein in some of Google’s activity and have implications for other Internet users.

Google’s Street View program is a feature connected to the company’s popular Google Maps and Google Earth applications, which allows users to see 360-degree panoramic images of cities from a street-level perspective.  Google provides this service by sending computer-filled vehicles with cameras down city streets. While capturing street images between 2008 and 2010, Google’s Street View cars simultaneously collected around 600 gigabytes of data transmitted over Wi-Fi networks in more than 30 countries.  Among the types of data captured were personal emails, usernames, passwords, videos and documents[1].

The US Wiretap Act generally prohibits the intentional interception, use, or disclosure of wire, oral and electronic communications unless a statutory exception allows for such activity.[2] One such exception involves communications that are readily accessible to the public, such as radio communications[3]. 

In Joffe v. Google, Google argued that the case should be dismissed based on the theory that its collection of data from unencrypted Wi-Fi networks fit within the Wiretap Act’s exception covering communications readily available to the public.  However, the Ninth Circuit felt otherwise and held that “Google’s collection of data from unencrypted Wi-Fi networks under its Street View program is not exempt from federal wiretap laws.”[4]  Specifically, the court noted that unencrypted Wi-Fi networks do not qualify as radio communications and that they are not electronic communications readily accessible to the general public.[5] This case represented the first time an appellate court addressed the issue and made a determination on the Wiretap Act’s applicability to unencrypted Wi-Fi networks.[6]

The practical implication of this ruling is that anyone who intercepts your information on an unencrypted Wi-Fi network may be punished. Anyone can join an unencrypted network, and once joined all of the data on the network is available to all connected devices. Without hacking, it is easy to collect data from these networks both intentionally or unintentionally. Some privacy experts are concerned that going forward, this court’s holding has the potential to “create accidental outlaws of researchers, and the generally technical and curious.”[7] Because of the relative ease in accessing data on unencrypted Wi-Fi networks, Internet users and researchers in particular should be aware that even their unintended use of an open Wi-Fi network may expose them to potential legal risks.

by Miles Jolley, Associate Staff

A few college kids have recently found themselves in federal hot water for taking advantage of campus computers.  For two different but sinister ends, Matthew Weaver and Marcus Barrington used keyloggers to steal others’ online usernames and passwords.  If you’re like me, you have hopefully never encountered this technology.  Keyloggers are covert devices that can easily assist ne’er-do-wells in stealing your identity and accessing personal information.  Also, if you’re like me, you’ll be surprised at how obtainable these are and the relatively weak legal response preventing their use.  First, let’s marvel at the idiocy of these students.

Matthew Weaver was running for student council president at California State University, San Marcos in March of 2012.  Instead of kissing babies and shaking hands, he decided to steal the election.  Weaver installed keyloggers on campus computers to steal other students’ university network usernames and passwords in order to cast hundreds of votes for himself.  Once university officials got wise, they involved federal investigators.  The election ended up winning Weaver a year in jail for committing identity theft, wire fraud, and unauthorized access to a computer.[1]

Barrington was a student at Florida A&M University and similarly used keyloggers to access the school’s Registrar’s system.  Once Barrington infiltrated the system, he altered grades and other vital information.  All total, there were over 650 changes made which involved over 90 students.  Barrington wound up with 84 months in prison for various identity theft and fraud convictions.[2]

Keyloggers are computer applications that record your keystrokes.  The common criminal usage of a keylogger is for stealing online usernames and passwords that protect email accounts, online banking, you name it.  They come in both hardware and software formats and all it takes is a little internet surfing to get your hands on one.  Legitimate companies market keyloggers to IT admins and parents that want to track activity on their computers.  However, it is easy for criminals to wield this otherwise legal technology for wrongdoing.[3]

The reality is that this is a hard situation to remedy.  Nowhere in the federal code is the illegal use of a keylogger specifically mentioned.  Lawmakers attempted to pass relevant provisions in 2007 with the Securely Protect Yourself Against Cyber Trespass Act, but it died in the Senate after twice passing the House.  The law would make illegal “[c]ollecting personally identifiable information through the use of a keystroke logging function.”[4]  A clear law such as this might make technology companies think twice about to whom they sell keyloggers.  Additionally, this definitive language would let potential criminals know there will be consequences for illicit use.  However, until more is done, these devices will be used to take advantage of innocent, hard-working Americans.

by Walton Milam, Associate Staff

Though the Superbowl typically provides the best television advertisement of the year, the 2014 political races and particularly the Virginia gubernatorial election are giving the NFL championship a run for its money.   From Voldemort like voice overs to overly done images of the candidates sharing their vast knowledge of Virginia agriculture and manufacturing techniques, these candidates make it clear that they are the key to a more prosperous Virginia and that their opponent is downright evil.  Terry McAuliffe and Ken Cuccinelli have managed to spend what are likely millions in television marketing without making a single argument, instead relying on a litany of inductive fallacies that leave me laughing every time.[1] [2] 

Sadly, these commercials must be indicative of what political entities believe will sway voters.  Given the immense money spent by political groups across the nation to determine what campaigning tactics yields results, I think politicians vying for 2014 positions are likely catering to the demands of voters who are affected more by emotionally charged ad hominems than a candidate who ventures to make an argument.   The televised town halls meetings associated with Obamacare left me with impression that American political discourse is devolving to the “rabble- rabble” type meetings that occur on Southpark rather than a market of competing ideas that supposedly lead to a more fruitful society. 

Unfortunately both voters and politicians face incentives that give little reason to think the nature of political campaigns will change.  Voters face the prospect of choosing a “superior” candidate or facing the stigma of foregoing their civic duty to participate in elections.   This dilemma will likely force voters to give into the lesser of two evils and vote in November.  Hopeful politicians must get elected to have any impact and are willing to do what is necessary to achieve their end goal, including waging political warfare that does not actually get to any meaningful issue.

The perplexing issue facing voters is how to change demands so that politicians vying for office will be forced to switch campaigning tactics so that there is meaningful argument that involves improved government rather than alleged personal issues facing their political opponents.  Perhaps the best approach is the one put forth by PJ O’Rourke, to abstain from voting as it only encourages the political machine that their campaigning tactics and efforts are worthwhile.[3]

As mentioned supra, the prospect of abstaining from elections altogether is viewed with disdain as many consider election participation a fundamental element of American democracy.  O’Rourke’s idea then, though well-taken, will not sit well with a majority of voters and thus will not likely be a mechanism through which the nature of political campaigning shifts.

Long terms solutions might come through an improved education system through which both voters and potential elected officials come to understand the importance of using argument rather than fallacy.  This solution will have little impact in the short run and seems even more bleak as education policy stems from the same elected officials waging campaigns today. 

Though a solution seems distant, I think it is important to understand that the lack of inductive argument is a major issue in political races and all facets of society.  While I am entirely confident that this blog post will have a statistically insignificant impact on the 2014 Virginia Governor’s election and the commercials associated with it, I think informal discussion of argument and fallacy can only be helpful.[4]

At least the Virginia race is sure to provide us with more entertainment.  I can’t wait for the debates.   

By Dimitri Karles, Associate Staff

The universal appeal of video games is impossible to deny. According to data collected by the Electronics Software Rating Board, the regulatory body that oversees the video game industry, 67% of US households play video games.[1] This ubiquity has led to record sales and industry-wide revenue eclipsed $10.5 billion in 2009.[2] Many entities, from independent developers to giant publishing houses, comprise the video game industry, and each one has the potential to influence the industry. However, there is one company whose influence pervades the industry to a greater degree than any other. Nintendo not only has some of the most recognizable gaming mascots in the world, but has also released a number of best-selling consoles. As such, the gaming community, in a rare show of solidarity, is generally positive in its views towards the Japanese gaming giant.

In May of 2013, however, Nintendo took actions that drew the ire of a large part of the gaming community[3]. One of the recent phenomena of the gaming community sees YouTubers posting videos of footage of new games, with or without commentary, which they share among their followers[4]. The community frequently refers to these clips as “Let’s Play videos” and calls those who upload them “Let’s Players.”[5] A number of these “Let’s Players” run ads on these videos, in turn generating revenue dependent on the number of views the video garners.[6] On May 14, however, a Let’s Player posting to the ZackScottGames channel discovered that the ad earnings from videos he posted of Nintendo games had ceased.[7]

After the news broke, and after the denizens of the Internet reacted as they are wont to do, Nintendo released a statement explaining the situation. Rather than completely blocking Let’s Players from posting copyright content on YouTube, Nintendo chose to insert its own advertisements “at the beginning, next to or at the end of clips.”[8] This meant that Let’s Players would no longer be able to gain revenue from videos containing content containing Nintendo copyright material, and, in turn, many Let’s Players stopped posting such content.[9]

Did Nintendo make the right choice? Should it have left well enough alone and continued to allow Let’s Players to post copyright content? Or, was its decision to exercise its intellectual property rights sound corporate policy? Though there is solid precedent that abandonment of a copyright can only be accomplished by some overt act, Nintendo was justifiably concerned about the future of its copyrights had it continued to allow Let’s Players to post copyright content without comment.[10] So, did, as the Internet predicted, these policies spell doom and gloom for the corporation at the center of this “controversy”? As it turns out, only nine days after he reported the cessation of his ad earnings, the same Let’s Player was back to earning ad revenue on those videos.[11] Was this just Nintendo’s way of sending a message to the gaming community that they would do everything in their power to retain their intellectual property rights, regardless of any potential backlash? We might never find out the answer to that question, but, as the world becomes increasingly reliant on digital media, we have to figure out how this situation fits into the larger context of digital rights management and the gaming community.  

by Spencer Mead, Associate Staff

Should Search Engines be Responsible for Personal Information on the Internet?

            Advances in technology and the Internet have revolutionized how human beings interact. 20 years ago, embarrassing moments were rarely caught on camera. However, those recorded gems started one of the most popular television shows in recent history, America’s Funniest Home Videos. People knew that their embarrassing moments had a possibility of making it on TV to be viewed by hundreds of thousands of Americans. Thankfully, video recorders were fairly large and recognizable so people generally knew when they were being recorded.

Fast forward to today. The widespread availability of the Internet, vast improvements in video recording capabilities, the advent of YouTube, and the explosion of smart phone usage allows videos to be recorded at any time, without someone being aware they are being recorded, and accessible to the entire world in a matter of minutes. Now, an embarrassing moment can be seen by millions in a few weeks’ time. There are even TV shows that get all of their material strictly from YouTube. Information spreads so quickly across the internet that it can be almost impossible to fully remove something from the public realm. But what if you want one of your embarrassing or personal moments, that should not have been placed in the public realm to begin with, wiped from the Internet for good? Is it even possible to do?

Internet Search Engines, such as Google, are extremely complex and modifying the search algorithm is not easily done. Therefore, making it difficult to permanently remove items from the search engine’s databases. However, most Internet search engines have mechanisms in place to remove unwanted items from their search results.[1] But this does not mean the information is actually removed from the search engine. People can still find this information. Sometimes just changing the search terms is all it takes to find the information through a different search on the same search engine.

One man thinks the solution is permanently altering the search engines to remove the information from their databases.[2] However, this raises several public policy concerns. This would be a very expensive process, and it might not be economically feasible for search engines to accomplish this without the services offered to the public suffering. Also, it raises concerns about free speech under the First Amendment. Where should the line be drawn between the public having full access to as much information as possible and protecting an individual’s private rights? A French Court will decide where this balance lies on October 12.[3]

This ruling might not be on U.S. soil, but it raises many concerns that could have worldwide implications. If Syria does not like all the negative press it is receiving, should it be able to force Google to remove the articles from its database? Should only individuals have the ability to make such a request? Should the First Amendment right to freedom of speech trump all requests for personal information to be removed? The answer is not known, but we as Americans need to be aware of these concerns to make sure the right balance is struck.