Blog

To Code, Nudge, Or Notice, That Is The Question

I wrote a new essay entitled “Code, Nudge, or Notice?” that might interest CIS readers.  The essay compares side-by-side three ways that the government tries to influence citizen behavior short of making it illegal.  It uses contemporary examples, like the graphic warnings the FDA wants to put on cigarettes, to make the point that it sometimes hard to sort regulations into neat categories like “architecture,” “libertarian paternalism,” or “mandatory disclosure” (code, nudge, or notice).  Instead, I argue that regulators should focus on the more fundamental difference between helping people and hindering them.   Along the way, I make the point that all of forensics may be a kind of “code” that turns an ordinary location into a crime scene—sort of like putting a traffic camera up at an intersection only after someone runs the red light.  Thoughts warmly welcome.  Here is the abstract:

Trolls and Tribulations

Patent trolls — companies that assert patents as a business model instead of creating products — have been in the news lately. This is hardly surprising, given that troll lawsuits now make up the majority of new patent cases. And the litigation is only the tip of the iceberg: patent trolls send out hundreds of demand letters for each suit filed in court. At the Electronic Frontier Foundation, we have been following this issue closely and are working hard to bring reform to fix the patent mess.

Have You Committed the Crime of Outsmarting?

The Hacker Manifesto lauds the world of the electron and the switch, where the talented are treated equally and the values of curiosity and exploration reign supreme. Yet studying computers, network security, and programming flaws can be a crime or civil offense. Just two examples: In Sony v. Hotz (2011), a case that eventually settled, Sony claimed that researchers who studied the way their own game consoles worked violated the CFAA.

Thoughts on Orin Kerr's CFAA Reform Proposals: A Great Second Step

Law professor and cybercrime expert Orin Kerr published a proposal to amend the Computer Fraud and Abuse Act (CFAA) to address the overcriminalization that he has been at the forefront of identifying and combatting. His current proposal, which very simply but comprehensively addresses a number of problems with the CFAA, is here.

By focusing purely on whether the service operator implements technological access barriers, the proposal risks a similar problem to the one that the current statute has, giving server owners plenary authority to criminalize the way members of the public interact with information made available online, but through “technological access barriers” rather than merely terms of service and employee agreements.

With the CFAA, Law and Justice Are Not The Same: A Response to Orin Kerr

Law Professor and Computer Fraud and Abuse Act expert Orin Kerr wrote today in his usual thorough and well-informed fashion about the legal claims in Aaron Swartz's case.  While his analysis of the law is, as usual, spot on, I nevertheless disagree with its treatment of Aaron's case as routine and, by implication, unremarkable.  I am in the process of explaining why , but want to address here a few of Orin's arguments. 

Towards Learning from Losing Aaron Swartz

Over the weekend, I learned that Aaron Swartz had taken his own life. I cried, and am still crying, for him, his family, for the close friends who loved him, and for our community. We lost a rare and special person, one who did so much in his short life to make the world a better place. Any do-gooder, including myself, could be proud were we to accomplish as much. We don't know what else he would have acheived were he to have lived. But I admit that I also cried for myself, because I felt guilty that I didn't do more to help Aaron in his criminal case. This post is about part of that challenge, the challenge to improve computer crime laws, and the criminal justice system more generally. Hopefully in the end, there'll be something that I, and you, can do about it.

Pages

Subscribe to Stanford CIS Blog