Blog Post

MIT’s Nightmare Machine: A Real Life Halloween Thriller

Caitlin Holland

The laws in the United States are still adapting to rapidly evolving technological advancements. The intense growth in the field of Artificial Intelligence begs the question: will the law be able to regulate the advancements of these computers? Can we control them? These sound like the questions posed by a science fiction movie, but they are becoming more real and intense. Familiar tech companies like Amazon, Google, and Facebook are all working to advance Artificial Intelligence.

In a little over ten years, experiments in Artificial Intelligence has yielded self-driving cars, speech recognition technology, and advanced, albeit flawed, facial recognition software. The more advanced the Technology gets, it raises more legal issues left to be addressed. Last year, a report was published on Cornell University’s arXiv which introduced new algorithms made in order to teach computers a characteristically human process, creating art.

This Halloween, researchers at the Massachusetts Institute of Technology have shared a scary new experiment, a so-called ‘Nightmare Machine.’ The Nightmare Machine transforms familiar faces, landmarks, and scenes into different dark and distorted versions of themselves. The project builds on last year’s “deep learning” algorithm introduced on arXiv, with “Deep Neural Networks” that “create artistic images of high perceptual quality.” The Deep Neural Networks “offer a path forward to an algorithmic understanding of how humans create and perceive artistic imagery.”

The Nightmare Machine website asks viewers to vote on which image they find the scariest. The purpose of the experiment is simple and chilling, the researchers are teaching an algorithm to “learn scariness.” The researchers write that “creating a visceral emotion such [as] fear remains one of the cornerstones of creativity.” The question posed by the researchers conducting this experiment at MIT ask, what are the limits of Artificial intelligence? And ultimately: Can artificial intelligence learn to scare us?
Fear is an element of a number of legal claims. assault, intentional or negligent infliction of emotional distress, wrongful death suits for heart attacks induced by fear. Will a person be able to sue for fear brought about by Artificial Intelligence? Will there be more issues of privacy brought about by this technology? Like any good thriller, some things remain a mystery.

FCC Passes New Online Privacy Rules

Samantha Cirillo

On Thursday October 27th, federal officials delivered a ruling that was a major win for online consumer privacy. The Federal Communications Commission (FCC) issued new rules that require internet providers to receive explicit consent from consumers before using their browsing data. Before the new rules, internet providers were able to access consumers’ data including: internet history, app usage, mobile location data, financial information, content from emails, and health data. They would they sell the data to advertisers without the consumer’s permission. The new rules require internet providers to inform customers on what data they are collecting and also alert them of any data breaches.

Although these rules are a huge win for online privacy, there has been serious push back from Republican FCC officials and major businesses like AT&T, Verizon, and Comcast. The main reason internet providers want to collect consumers’ information is for targeted advertising. Because the rules only apply to internet providers, arguments have been made that the ruling provides an unfair advantage to companies such as Google and Facebook that still able to make large profits off selling consumer information. Republican FCC officials argue that the regulation should be uniform and should apply to all companies on the web.

FCC Chairman, Tom Wheeler has responded to these arguments by stating that ultimately “It is the consumer’s’ information. How it is used should be the consumer’s choice”. He has also repeatedly stated that he declines to extend the new rules to individual websites such as, Google and Facebook.

Brian Fung and Craig Timberg, The FCC just passed sweeping new rules to protect your online privacy, T?? W????????? P??? (Oct. 27, 2016), https://www.washingtonpost.com/news/the-switch/wp/2016/10/27/the-fcc-just-passed-sweeping-new-rules-to-protect-your-online-privacy/

Helpful Hints for Lawyers Regarding Social Media

Lishayne King

With the advent of technological advances, many are beginning to wonder if “privacy” still remains. The most intimate details of a person’s life may now become public at the click of a button or with the snap of a picture. One platform that illuminates the questionable privacy of our daily lives is social media. It is not only tempting, but highly rewarding and gratifying for many to watch their “likes” increase and the number of “comments” on their posts multiply. These instant gratifications fail to warn us of their legal danger and consequences, however, and likelihood for decreasing the chances of success in the courtroom. Against this backdrop of increasing concern, it is important for legal practitioners to be aware of and prepared to resolve the ill effects of social media for their clients.

One lawyer recounted the tale of a client, who at first, appeared to have a strong case for wrongful termination against a previous employer. It was not until the courtroom that this lawyer became aware of the mistakes made by his client on social media. His client had claimed and provided sufficient evidence demonstrating that her former employer’s abusive practices significantly impacted her mental health. Upon further questioning by the opposing counsel, it was revealed that a Facebook post from this client detailed a weekend trip to a Caribbean resort all while this client “was suffering from generalized anxiety disorder, post-traumatic stress syndrome and depression.” This post, along with additional information this client failed to relay to her lawyer, served to transform a relatively strong case to a weak one.

In another case, a concrete company was sued for the wrongful death of the plaintiff’s wife after the truck rolled onto her car. The company’s discovery request included the production of the information on the plaintiff’s Facebook account. Before delivering the information on the plaintiff’s account, his attorney instructed him to remove 16 photos. After examination of the plaintiff’s IP address, it was determined that 16 photos were removed, contrary to the statements made by the plaintiff and his lawyer. In the end, the plaintiff’s lawyer was required to pay over $500,000 in reasonable expenses and attorneys fees to the defendants, for violations which included “fraudulent[ly] signed discovery responses” and dishonesty by the plaintiff’s attorney “regarding the cause of the omission.” If that was not enough, the plaintiff was instructed to pay $180,000 for following the instructions of his attorney, and the $8.6 million verdict was reduced by over $4 million due to “inappropriate conduct.”

So what are the main takeaways? It is imperative that legal practitioners do the following:

  1. Although the conversation may seem intrusive and/or uncomfortable, ask your client whether or not he/she has posted information to his/her social media account that could be relevant to your claim. Emphasize the importance of disclosing this information earlier, rather than later.
  2. Do not, by any means, instruct your client to remove information from his/her social media account after the information has been obtained through discovery. However unpleasant and problematic the information may be, it will be better for both yourself and your client if you remain honest and work to deal with problems that may arise from the distasteful information, rather than pretending that the information never existed.
  3. Remember your Model Rules of Professional Conduct. Be honest with your client – if the information on his/her social media account presents problems, discuss them with your client. Work through strategies and solutions for dealing with the problematic content. Both you and your client will be better for it.

Sources:

Kurt Olson, The Verdict Is In: Social Media Can Cause Legal Catastrophes, Law Practice Today (Feb. 2013), http://www.americanbar.org/content/newsletter/publications/law_practice_today_home/lpt-archives/february13/the-verdict-is-in.html

Antigone Peyton and Ernest Svenson, Social Media for Litigators, Law Practice Today (June 2012), http://www.americanbar.org/publications/law_practice_today_home/law_practice_today_archive/june12/social-media-for-litigators.html

Laches Defense in Patent Cases

Justin Farooq

More than 30 companies, including Google, Intel Corp. and Visa, have filed amicus briefs urging the Supreme Court to end laches as a defense in patent cases.[1]  The case in question is SCA Hygiene Products AB et al. v. First Quality Baby Products LLC et al.  SCA argues that “because Section 286 of the Patent Act of 1952 sets a six-year statute of limitations for patent infringement claims, First Quality Baby Products LLC is wrong to claim that laches, which bars legal remedies when a plaintiff is found to have unreasonably delayed bringing a suit, can be utilized in the instant case.”[2]  This matter was settled regarding copyright in 2014 by Petrella v. Metro-Goldwyn-Mayer Inc. et al.[3]  The Supreme Court held there that laches cannot be used as a defense in copyright cases.[4]  The justices reasoned in Petrella that since Congress established that window, laches may not be used to bar claims filed within that period.  SCA argues that, since Section 286 of the Patent Act of 1952 contains a similar time limits provision, laches should also not be used in patent matters.[5]

First Quality Baby Products argues that Congress’ intent was different in enacting the Copyright Act and Patent Act, and further they argue that while copyright plaintiffs must establish that the alleged infringer copied the plaintiff’s work, patents can be infringed without the infringer’s realization.[6]  Most courts have upheld laches as a defense in patent cases but not copyright cases.[7]  It is now time for the Supreme Court to decide this issue once and for all.    

 

[1] Kevin Penton, Supreme Court Urged To End Laches Defense In Patent Cases, Law 360, https://www.law360.com/ip/articles/852823/supreme-court-urged-to-end-laches-defense-in-patent-cases (October 19, 2016, 4:13 PM).

[2] Id.  See also, 35 U.S.C.A. § 286.

[3] See Petrella v. Metro-Goldwyn-Mayer, Inc., 134 S. Ct. 1962, 1970 (2014).

[4] Id.

[5] Penton, supra note 1.

[6] Id.

[7] Bill Donahue, High Court Gives ‘Raging Bull’ Copyright Suit 1 More Round, Law 360, http://www.law360.com/articles/538794/ (May 19, 2014, 10:17 AM).

Tiny Robots to Combat Climate Change

Cecilia Santostefano

With climate change a dividing issue in the recent presidential election, biomimicry has received a large amount of media attention. Biomimicry studies and then translates nature into human strategy.[1] There are many designs that exist today to monitor how an ecosystem is operating, so that man-made technology may mirror and improve that given environment.

Eighteen years ago, Dr. Helmuth developed robotic mussels to place among the living mussels nearby. When asked about his tiny robots Dr. Helmuth replied, “you won’t know where to look if you only look from the point of view of a human.”[2] The mussels contain thermometers and data loggers that collect temperatures as the mussels experience them – whether it be from the sun shining or the wind blowing above.[3] The thermometers are then able to detect and document how the animals nearby are reacting to the changing climate.[4]

By placing these mussels in various “hot spots” and not just the locations predicted to be affected by global warming, Dr. Helmuth’s tiny robots have directly rebutted the widely adopted theory that only animals and plants living at the edges of a habitat will be most affected by rising temperatures.[5] As of today, it appears to be another example of how biomimicry is being used to combat climate change.

 

[1] The Biomimicry Institute, Message to COP21 leaders: Need solutions? Ask nature., Biomimicry Institute, (Dec. 1, 2015), https://biomimicry.org/message-to-cop21-leaders/#.WAZkqDKZNao.

[2] Tatiana Schlossberg, Robotic Mussels Track Rising Temperatures for Climate Research, NY Times, (Oct. 17, 2016), http://www.nytimes.com/2016/10/18/science/robotic-mussels-climate-change.html?rref=collection%2Fsectioncollection%2Fscience&action=click&contentCollection=science&region=rank&module=package&version=highlights&contentPlacement=2&pgtype=sectionfront&_r=0.

[3] Schlossberg, supra note 2.

[4] Id.

[5] Id.

Smarthome Devices Used in Cyber Attack

Caitlin Holland

On Friday, October 22nd, Twitter, Spotify, Reddit, and other companies that use the company called Dyn to direct users to its website were offline. Security analysts concluded that hackers used internet-connected home devices to attack the Dyn company. Dyn is an DNS service, “a crucial part of web infrastructure” that acts as an “internet phonebook” which directs internet users to certain websites.

Millions of internet addresses were subject to the attack. Security analysts say that the internet connected home devices, such as CCTV, web-cams, and printers, that come with easy-to-guess and unchangeable usernames and passwords created a massive vulnerability for the “Internet of Things” devices. Websites hosting a variety of different services that do not use Dyn were also affected by the attack including BBC News and Amazon Web Services.

The notable part of this attack, aside from it’s scale, is that it denotes a change in tactic and strategy of online attackers and hacker, not a single website but a huge internet service provider. Further, the hackers were not targeting personal computers or servers, they were targeting household products that one would not normally think would be subjected to hacking.
This attack has shocked the cyber world and showcased just how fragile and vulnerable the internet infrastructure is. To put it short, as the head of security for Salesforce tweeted, “[i]n a relatively short time we’ve taken a system built to resist destruction by nuclear weapons and made it vulnerable to toasters.”

Brexit Impact on EU Safe Harbor Agreements

Christopher W. Folk

In the referendum on June 23 with voter turnout exceeding 70%, voters in the UK decided 52% to 48% to leave the European Union.  The exit of the UK from the EU has been coined Brexit (Britain and exit).  Under the EU, a member may exit subject to Article 50 of the Lisbon Treaty which gives the UK and the EU two years to negotiate the terms of the UK’s exit.[i]

Data Protection and Brexit

Throughout the near-term and until the UK effectuates its exit from the EU, the UK will continue to operate under existing EU laws and the new General Data Protection Regulation (“GPDR”) with mandatory compliance by June 2018 will shape the way that UK firms handle personal data.[ii]  Consequently, it is anticipated that UK firms will be required to implement the GPDR policies concerning the protection of data for EU citizens.  This is echoed by the new Information Commissioner for the UK, Elizabeth Denham.  Denham openly advocates for the UK to move forward with the new GPDR regulations irrespective of the impending Brexit.[iii]  Consequently, in many respects technology firms in the UK have some assurance that the UK will move forward with GPDR, however, there is still some risk.  As Brexit follows closely on the heels of the European Court of Justice’s ruling that the EU/US safe-harbor agreement was invalid due to in large part to the lack of data privacy protections for EU citizens.[iv]  Which is interesting to note since Britain and Ireland were both largely supportive of the Safe Harbor agreement; whereas France and Germany had been pushing for more stringent privacy controls to safeguard their citizens’ data.[v]  Consequently, it would seem that while the replacement for Safe Harbor is being negotiated the UK will likely have a very keen interest in both the direction as well as the outcome since it often finds itself closely aligned with its ally across the Atlantic.

General Data Protection Regulation

The GPDR changes a number of things, the highlights are as follows: Personal data is expanded to include IP addresses and online identifiers and companies must have explicit consent to use this data.  Furthermore, citizens will be more readily able to ascertain which companies are storing their data, and how their data is being used.  GPDR also introduces the concept of data portability which allows a person to migrate their data between and amongst companies.  This also includes a duty for companies to advise when personal data is exposed (hacked) and upon request, personal data must be deleted.  Along with duties comes liability and companies that suffer data breaches can face fines of up to €20 million.[vi]

EU-US Privacy Shield

Following the ruling against the existing safe harbor agreement, the US and EU put together what is being termed as the Privacy Shield.  Under the Privacy Shield proposed framework, any US company that receives personal data from the EU must choose from one of the following cross-border transfer mechanisms: (1) typical contractual clauses, (2) binding corporate rules (e.g. intercompany/affiliate data transfers), or (3) the Privacy Shield framework.[vii]  Similarly, any EU company that transfers data to a US company must ensure that one of the three aforementioned schemes are utilized prior to a data transfer.  Any transfers conducted outside these mechanisms would be deemed illegal.  The Privacy Shield itself has several critical elements:

  • Contractual requirements for onward transfers of personal data to third parties: companies that transfer personal data to any third party must have specific contract provisions mandating that safeguards continue to persist for personal data even after the transfer and that the transferor retains control over the third parties use of the personal data;
  • Right to Modify Personal Data: the data owner has a persistent right to correct, amend, or delete inaccurate personal data or personal data that has been accessed in an unauthorized manner; further companies may not charge excessive fees when a user exercises their rights within this;
  • Persistent Contractual Obligations: under this, any downstream party (e.g. recipient) of data must adhere to all of the principles and rights afforded a person with respect to their personal data;
  • Opt-Out Rights: where personal data is either disclosed to a third party or when the data’s use is for a materially different purpose than the original agreement, the subject has an option to opt-out (to include modifying use for direct marketing purposes);
  • Dispute Resolution: there are a very specific set of steps and avenues for redress that may be pursued when a citizen asserts that a violation of the Privacy Shield has occurred;
  • Ongoing Compliance Monitoring: the US Dept. of Commerce is tasked with continuous monitoring to ensure that there is full compliance amongst US companies with the Privacy Shield provisions;
  • Restrictions on Bulk Collection: this was one of the leading criticisms of the EU-US Safe Harbor agreement following the revelations by Edward Snowden. Within this, bulk collection is expressly forbidden except in cases where selective collection is impractical and even in those outliers, minimization procedures must be effected to ensure that access to data is for specific purposes only;
  • Establishment of a Privacy Shield Ombudsman: this role will be filled by a person designated by the Secretary of State and will utilize additional State Department personnel as needed to ensure that this role is carried out in the absence of any influence or involvement by the Intelligence Community;
  • Annual Periodic Reporting and Assessment: data protection authorities from both the EU and US Dept. of Commerce will conduct periodic, annual reviews of the Privacy Shield framework to ensure compliance and to assess and advise of changes that should be implemented.[viii]

What path will the UK take?

Based on the fact that Brexit is going to take a minimum of two years, it seems as though the UK will have no choice but to comply with the GPDR regulations that take effect in 2018.  Having done so, it seems that moving away from those and trying to adopt an agreement such as the Privacy Shield would result in a cost benefit analysis for which the most efficient solution may likely be to merely continue under the GPDR.  However, as the UK continues to assert independence from the concept of the EU, it may need to find and validate a competitive advantage which could potentially be achieved by moving away from the GPDR and into the Privacy Shield framework.  While the negotiations are just entering their nascent stage, it will be important for EU and UK privacy interests that the terms of the GPDR or a Privacy Shield like agreement be fully ironed out.  Once outside the UK for example, the Data Protection Act would no longer denote the UK as a “safe” destination for data since the UK would be external to the European Economic Area.  Thus, either the negotiations under which the UK leaves the EU will have to include some of these provisions or the UK could be folded into or create its own Privacy Shield framework within which it could continue to operate.[ix]

Conclusion

Irrespective of the approach that the UK takes; it seems clear that data protection is going to be a topic of interest during the negotiations and citizens and companies will have a vested interest in the outcome.  Depending on how this moves and on what is implemented, companies in the UK may be merely on a level playing field with EU companies or they may be able to bargain for a comparatively better position which affords UK companies the ability to differentiate themselves either from a cost or a services perspective.  Meanwhile, the UK’s slow shift towards some of the US philosophies and their support for the previous Safe Harbor agreement may indicate that the UK is interested in adopting or becoming a partner in the new Privacy Shield agreement.  The last thing the UK wants is a competitive disadvantage and depending upon how they position themselves and on what other options are “on the table” will ultimately decide which way the UK chooses to move forward.

 

[i] Brian Wheeler and Alex Hunt, Brexit: All you need to know about the UK leaving the EU, BBCNews, available at http://www.bbc.com/news/uk-politics-32810887 (Oct. 3, 2016) (The two-year time period begins once Article 50 is invoked and negotiations start).

[ii] Nick Heath, Brexit: 5 Ways the UK leaving the EU will affect tech firms, TechRepublic, available at http://www.techrepublic.com/article/brexit-5-ways-the-uk-leaving-the-eu-will-affect-tech-firmsect-tech-firms/ (Jun 24, 2016).

[iii] Adrian O’Connell, Information Commissioner calls for post-Brexit Britain to implement EU data rules, Irish Legal News, available at http://www.irishlegal.com/5462/information-commissioner-calls-for-post-brexit-britain-to-implement-eu-data-rules/ (Oct. 3, 2016).

[iv] Mark Scott, Data Transfer Pact Between U.S. and Europe Is Ruled Invalid, The New York Times, available at http://www.nytimes.com/2015/10/07/technology/european-union-us-data-collection.html?_r=0 (Oct. 6, 2015).

[v] Id.

[vi] Joe Curtis, EU Passes GPDR laws that require companies to drastically improve their data privacy policies, ITPro, available at http://www.itpro.co.uk/data-protection/26365/your-business-must-prepare-today-for-2018-eu-data-protection-laws (Apr., 15, 2016).

[vii] Chanley T. Howell, et al., Safe Harbor Replacement EU-US Privacy Shield Approved, The National Law Review, available at http://www.natlawreview.com/article/safe-harbor-replacement-eu-us-privacy-shield-approved (Jul., 12, 2016).

[viii] Id.

[ix] Toni Vitale, Brexit and Data Protection – Q&A, Lexology, available at http://www.lexology.com/library/detail.aspx?g=45fa1c0a-54c4-465e-a752-c27a80a6736a (Jun., 30, 2016).

October FDA Update – Approval of Cancer Drug, Lartruvo

William Salage

On October 19, 2016, the US Food and Drug Administration (FDA) approved a new drug, Lartruvo (olaratumab), to treat adults with certain soft tissue sarcomas (STS). Specifically, cancers that develop in muscles, fat, tendons or other soft tissues. Lartruvo is approved alongside the already approved drug doxorubicin for the treatment of patients with STS who cannot be cured with radiation or surgery and who have a type of STS for which an anthracycline (chemotherapy) is an appropriate treatment.

Lartruvo’s approval marks the first time the FDA has approved an initial treatment of STS in over 40 years. The National Cancer Institute estimates that 12,310 new cases of STS and nearly 5,000 deaths are likely to occur from the disease in 2016. The most common treatment for STS that cannot be removed by surgery is treatment with doxorubicin alone or with other drugs. STS includes a wide variety of tumors arising in the muscle, fat, blood vessels, nerves, tendons or the lining of the joints.

The FDA is approving Lartruvo under the agency’s accelerated approval program, which allows approval of a drug to treat a serious or life-threatening disease or condition based on clinical data showing the drug influences a surrogate endpoint that is reasonably likely to predict clinical benefit. Lartruvo also received orphan drug designation, which provides incentives such as tax credits, user fee waivers and eligibility for exclusivity to assist and encourage the development of drugs intended to treat rare diseases

Under Pressure: Samsung Now Officially Terminates the Flagship “Boom 7”

Xiang Qi

On Tuesday, Samsung finally killed it flagship cellphone “Galaxy Note 7” after numerous reports of phone explosion in the United States and worldwide. Starting from August, Galaxy Note 7 has spontaneously exploded during normal usage by customers. Initially, Samsung concluded that the defect was caused by faulty batteries from one of its suppliers. After Samsung issued recall of the problematic devices in September, it continued to ship new Galaxy Note 7s with batteries from a different supplier. However, some of the replacement phones continued to explode as Samsung’s technicians were unable to identify the problem.

Samsung finally pulled Note 7 out of its product line after the company suffered a disastrous stock slump, potentially causing more financial losses to the company as well as it shareholders. Note 7, now commonly referred by consumers as Boom 7, came to the market bearing hope that it will surpass iphone by winning more consumers from its archrival. Market analysts pointed out that the top-down, militaristic approach most Korean “Chaebols” operate also contributed to this time’s Boom 7 fiasco as people at the top has no idea how product technology worked.

It was an unusual and bold move for Samsung to end production of its flagship cellphone. However, this move is helpful in the long run as it tends to help rebuild consumer trust in Samsung’s products. It remains to be seen whether the growing consumer distrust in Samsung will spread to the rest of its product line as it seems that Samsung’s technicians still do not know where the problem is with Boom 7.

Potential Ninth Planet in Our Solar System

Lindsey Marie Round

Ten years ago, the world received shocking news that Pluto is not a full planet, but rather a dwarf planet.[1] In fact, scientists determined that there is not just one dwarf planet, Pluto, but there are multiple of these smaller planets in our solar system.[2] For all of those who grew up being taught in school that there were nine major planets, this scientific discovery was major news. However, the idea that there are eight major planets may be change once again. Professor Michael Brown at California Institute of Technology has proposed reasoning for why the plane of planet orbitals is slightly tilted. [3] Professor Brown has discovered evidence that there may be a huge planet, about the size of Neptune, located beyond Neptune orbiting the sun.[4] Since this planet is located beyond Neptune it would have the power to tilt the rest of the planets.[5] Professor Brown believes that scientists will be able to learn more about this possible ninth planet within the upcoming year.[6] So for now, there are eight major planets, but that could change in the near future, except this time the ninth planet will not be Pluto.

 

[1] Jorge Salazar, This Date in Science: Pluto Gets a Demotion, EarthSky (Aug. 24, 2006), http://earthsky.org/space/this-date-in-science-pluto-demoted-to-dwarf-planet-status.

[2] Id.

[3] Nicholas St. Fleur, If Planet Nine is Out There, It Tilts Our Solar System, N.Y. Times (Oct. 20, 2016), http://www.nytimes.com/2016/10/21/science/planet-nine.html.

[4] Id.

[5] Id.

[6] Id.