My Comment to the UK Government on Its Proposal to Ban “Bespoke,” “Sophisticated” Encrypted Phones
By Riana Pfefferkorn on February 23, 2023 at 5:01 pm
By Riana Pfefferkorn on February 23, 2023 at 5:01 pm
By Riana Pfefferkorn on December 14, 2022 at 6:41 pm
By Riana Pfefferkorn on November 30, 2022 at 3:33 pm
I'm pleased to announce that my latest law journal article has just been published in the new issue of the Richmond Journal of Law and Technology: Shooting the Messenger: Remediation of Disclosed Vulnerabilities as CFAA “Loss." The article reviews post-Van Buren Computer Fraud and Abuse Act cases to determine whether lower courts have followed the Van Buren Court's dicta that "loss" under the CFAA shou Read more about New law journal article on the Computer Fraud and Abuse Act
By Richard Forno on November 28, 2022 at 3:26 pm
As a cybersecurity professional, I see plenty of risks that worry me as Twitter becomes a private company – but one in particular stands out more than any other.
Specifically, I believe Twitter under Musk is facing serious and pervasive questions of trust across a wide range of issues.
By Barbara van Schewick on November 23, 2022 at 12:05 am
Europe’s top telecom regulator dealt a strong blow to Europe’s biggest telecoms in a report released in October, finding “no evidence” to justify the proposal from large broadband companies like Deutsche Telekom and Orange to force websites and apps to pay them. Read more about EU’s Top Telecom Regulator: Big Telecoms’ Proposal to Force Websites to Pay Them Puts the Internet at Risk
By Daphne Keller on September 19, 2022 at 3:49 pm
The examples also illustrate what I think is a very real risk: that state enforcers may abuse transparency laws, using them to reshape platforms’ actual policies. I think it should be possible to mitigate this risk. But we can only do so if we recognize it. Read more about State Abuse of Transparency Laws and How to Stop It
By Richard Forno on September 1, 2022 at 5:45 am
Richard Forno, University of Maryland, Baltimore County Read more about Did Twitter ignore basic security measures? Let's see.
By Barbara van Schewick on June 15, 2022 at 12:05 am
On Wednesday, European top telecom regulator BEREC, which consists of the national telecom regulators from across the EU, published its revised net neutrality guidelines. The guidelines now prohibit broadband providers’ zero-rating offers that benefit select apps or categories of apps, whether they do so for free or require apps to pay to be included. Read more about European Regulators Just Stopped Facebook, Google and Big Telecoms’ Net Neutrality Violations
By Chuck Cosson on June 4, 2022 at 5:25 pm
I discuss here two illustrative cases of paradoxical puzzles in cybersecurity:
1) To reduce failures, aim at having some failures;
2) To get better international cybersecurity, have fewer rules and limit prosecutorial-type enforcement.
First, to reduce failures, don't aim at a state where there are no failures. More sophisticated approaches to cybersecurity embrace paradox (or, if you will, irony). One salient example is the concept of “zero trust,” where, in effect, cybersecurity never sleeps. Additionally, a state of perfect security would breed complacency. Preferable to have imperfect security, where skirmishes lead to vigilance, and modest occurrences of failure cultivate determination.
Second, while rules and enforcement are important parts of any cybersecurity program, in dealing with nation-state actors who may not be subject to U.S. domestic law enforcement (akin to dealing with quantum particles that do not observe Newtonian laws of physics), it's often preferable to aim at somewhat ambiguous principles which enjoy broad consensus than to aim at rules and enforcement. Read more about Tool Without A Handle: Cybersecurity Paradoxes
By Barbara van Schewick on May 30, 2022 at 12:09 am
The E.U.’s top telecom regulator BEREC is set to issue new net neutrality rules, after the European Court of Justice found that discriminatory zero-rating plans such as T-Mobile’s StreamOn and Vodafone’s Pass violate Europe’s net neutrality law. Read more about Facebook, Google & Big Telecoms Want to Keep Violating Net Neutrality in Europe. Regulators Should Stop Them.