Blog Post

Brittany Charles

On September 8, 2016, Alphabet, a Google parent, announced a partnership with Chipotle to launch a burrito delivery system at Virginia Tech utilizing—autonomous drones[1]. The FAA has approved the program, but before students begin lining up by the dozens to get their Tex-Mex fix, there are some limitations[2]. First, drones are not allowed to fly over students, therefore, the university has designated a select kiosk where individuals order and wait for their burritos[3]. Secondly, because the drones aren’t allowed to fly over students, only select individuals will be initially capable of ordering burritos via drone[4]. The reality of burrito-bearing drones at the hands of our fingertips is one that is only available to a select few and will come with a variety of issues that may make the technology more infuriating than enticing.

So what’s the issue that no one seems to be talking about? Well, we know that drones aren’t allowed to fly over students—but the privacy of students will inevitably be affected by this technology. The FAA currently prohibits individuals flying for hobby or recreation from flying below 400 ft., near groups of people, or over stadiums or sports events[5]. However, the rules in regards to drones for commercial usage are becoming more lenient to increase innovation[6]. The result? An increasingly complex environment where the government, corporations and universities will have to address the benefits of burritos over student’s privacy. So while we can take a moment to bask in the glory of drone armies bringing Chipotle to hungry boys and girls across our college campuses, we must do so with reservation. With power comes responsibility and who is responsible for student’s privacy?

[1] Matt McFarland, Google drones will deliver Chipotle burritos at Virginia Tech, CNN (Sept. 8, 2016), http://money.cnn.com/2016/09/08/technology/google-drone-chipotle-burrito/.

[2] Kate Cox, Google Will Actually Deliver Burritos By Drone To Some Lucky College Kids, CONSUMERIST (Sept. 8 2016), https://consumerist.com/2016/09/08/google-will-actually-deliver-burritos-by-drone-to-some-lucky-college-kids/.

[3] Matt McFarland, Google drones will deliver Chipotle burritos at Virginia Tech, CNN (Sept. 8, 2016), http://money.cnn.com/2016/09/08/technology/google-drone-chipotle-burrito/.

[4] Kate Cox, Google Will Actually Deliver Burritos By Drone To Some Lucky College Kids, CONSUMERIST (Sept. 8 2016), https://consumerist.com/2016/09/08/google-will-actually-deliver-burritos-by-drone-to-some-lucky-college-kids/.

[5] Where to Fly, FAA (June 14, 2016 1:23:02 PM EDT), https://www.faa.gov/uas/where_to_fly/.

[6] Nyshka Chandran, FAA’s new drone laws go into effect Monday, allowing US companies to innovate, CNBC (Aug. 29, 2016), http://www.cnbc.com/2016/08/29/faas-new-drone-laws-go-into-effect-monday-allowing-us-companies-to-innovate.html.

By: Audrey Ogurchak

On January 15^th, the United States Supreme Court granted certiorari for the case Cuozzo Speed Technologies v. Lee.[1] This case will require the Supreme Court to address two important questions regarding the inter partes review (IPR) proceedings; (1) is it appropriate for the United States Patent and Trademark Office (USPTO) to use a different claim construction standard than used by the federal district court; and (2) are institution decisions insulated from judicial review.[2]

Inter partes review is a trial proceeding conducted by the Patent Trial and Appeals Board (PTAB) to review the patentability of one or more claims in a patent on the basis of prior art consisting of patents or printed publications.[3] The challenge may only be raised about issues regarding 35 USC §102, the novelty requirement, and 35 USC §103, the non-obviousness requirement.[4] The IPR proceeding was introduced by the America Invents Act, along with post-grant review proceedings, to replace inter partes reexamination .[5] Many patent holders aren’t too fond of the new proceedings, as, since its institution, the PTAB has allowed 80% of the claims challenged in petitions to go to trial, cancelling 95.2% of all claims for which trial was instituted.[6] Federal Circuit Chief Judge Randall Radar coined the term PTAB “death squads,” claiming that the “death squads [kill] property rights.”[7] Commentators believe that part of the reason for the high rates of claim cancellation has to do with the “broadest reasonable interpretation” (BRI) standard applied by the PTAB for claim construction, or claim interpretation.[8] A finding of invalidity is generally more likely when a patent claim is interpreted under the BRI standard from the PTAB than under the narrower Phillips standard applied by the federal district court, giving claims their “ordinary and customary meaning” from the perspective of one of ordinary skill in the art at the time of the invention.[9]

In the case before the Supreme Court this year, Cuozzo Speed Technologies (“Cuozzo”) owns US Patent No. 6,778,074 (‘074 patent) relating to a speed limit indicator and method for displaying the relative speed limit.[10] In 2012, Garmin International, Inc. and Garmin USA, Inc. (“Garmin”) petitioned the USPTO, requesting an IPR with respect to three claims of the ‘074 patent, contending that the claims were obvious under 35 USC §103(a).[11] The PTAB issued a final decision finding the claims to be obvious and denying Cuozzo’s motion to amend the ‘074 patent by substituting granted claims for the now cancelled claims.[12] On appeal, Cuozzo raised the issues that the IPR was improperly instituted by the USPTO because certain prior art was not raised by the petitioner and that the PTAB applied the incorrect standard, the BRI Standard, when evaluating the scope of the claim.[13] The majority explained that regardless of whether the USPTO should have instituted an IPR, the decision couldn’t be reviewed or challenged, even after a completed IPR proceeding.[14] The majority also explained that the BRI standard is appropriate and that Congress intended the BRI standard to be the rule when the America Invents Act was implemented.[15]

This decision is important as it may decide the fate of challenged patents before the PTAB and the possibly future of the PTAB itself. As the institution of the IPR proceedings is intended to circumvent the costly and time consuming patent litigation process of the federal circuit, it seems as though commentators and patent holders are firm in their belief that the Phillips standard should be the prevailing claim construction standard of the PTAB. Further, as the Supreme Court is in the habit of overruling the Federal Circuit in regards to patent cases, it is likely that the Supreme Court will find that the BRI standard is not appropriate.

[1] Gene Quinn, Supreme Court accepts Cuozzo Speed Technologies IPR appeal, IPWatchdog (Jan. 15, 2016), http://www.ipwatchdog.com/2016/01/15/supreme-court-accepts-cuozzo-speed-technologies-ipr-appeal/id=65076/.

 

[2] Quinn, supra note 1.

 

[3] Inter Partes Review, United States Patent and Trademark Office, http://www.uspto.gov/patents-application-process/appealing-patent-decisions/trials/inter-partes-review (last visited Feb. 2, 2015).

 

[4] United States Patent and Trademark Office, supra note 3.

 

[5] Inter Partes Review, Fish Richardson Post Grant, http://fishpostgrant.com/inter-partes-review (last visited Feb. 2, 2015).

 

[6] Rob Sterne & Gene Quinn, PTAB Death Squads: Are All Commercially Viable Patents Invalid?, IPWatchdog (Mar. 24, 2014), http://www.ipwatchdog.com/2014/03/24/ptab-death-squads-are-all-commercially-viable-patents-invalid/id=48642/.

[7] Sterne & Quinn, supra note 6.

 

[8] Clint Conner et al., Federal Circuit Confirms The Use of Broadest Reasonable Interpretation in Inter Partes Review, Dorsey (Jul. 15, 2015) https://www.dorsey.com/newsresources/publications/client-alerts/2015/07/federal-circuit-confirms-the-use-of-broadest-rea__.

 

[9] Conner, supra note 8.

 

[10] In re Cuozzo Speed Technologies, LLC, 792 F.3d 1268, 1271 (Fed. Cir. 2015).

 

[11] Cuozzo, 792 F.3d at 1272.

 

[12] Id.

[13] Cuozzo, 792 F.3d at 1272 – 73.

 

[14] Id. at 1273.

 

[15] Id. at 1279-80.

 

By: Christopher W. Folk

In the eleventh hour of the twelfth month in the year 2015, the Cybersecurity Information Sharing Act (“CISA”) (Pub. Law No. 114-113)[1], was pushed through Congress as part of an omnibus spending bill that was subsequently signed by President Obama.[2] This bill has been hailed by its sponsors as long overdue and an important step in enhancing our nation’s cybersecurity; while privacy advocates have decried this as the government’s further encroachment on privacy rights.[3] CISA 2015 is an expansive and wide-reaching law and consequently, our focus will be limited to the information sharing portion of this law.

In order to understand CISA 2015 it is important to contemplate what the act covers. The sponsors of this legislation, as well as the White House, have indicated that this act is focused on information sharing between private and federal entities, purportedly to enhance the United States’ cybersecurity posture; whereas privacy advocates claim this is merely an expansion of the cyber-surveillance state.[4] CISA 2015 defines cybersecurity threat as “…an action, not protected by the First Amendment …, on or through an information system that may result in an unauthorized effort to adversely impact the security, availability, confidentiality, or integrity of an information system or information that is stored on, processed by, or transiting an information system.”[5] This seems to pretty much cover everything and anything and of particular interest is the fact that the key language “…that may result in an unauthorized effort…” seems to imply that merely taking an action that has the potential to impact an information system is a cybersecurity threat and that no actual harm must occur. The crux of this is about information sharing, thus, if a private entity shares information with a federal entity the bar is set exceedingly low with respect to establishing that there is a possibility that something could be a threat. This shifts the burden of due diligence and consequently information sharing can occur without the entity really examining the issue and the context to see if harm is “likely” to occur. There is a vast expanse between something that is possible and something that is likely. Under these auspices, an entity could share almost anything that had even an infinitesimal chance of causing harm.

The CISA act addresses areas such as authorization for monitoring and identifying cybersecurity threats, the sharing of cybersecurity threats between federal and non-federal entities, as well as protections from liability related to sharing cybersecurity threats. CISA 2015 provides entities with the authorization to monitor information systems, implement defensive cybersecurity measures, and share cyber threat indicators or defensive measures so long as these actions are done under the guise of cybersecurity purposes.[6] With respect to liability limitations and information sharing protections, none of the information shared for cybersecurity purposes will be made generally available to the public and is exempt from among other things, FOIL laws, preventing the disclosure of any of the shared information.[7] While this may have the effect of helping to encourage information sharing it could also have a chilling effect on oversight as an entity can simply claim that information being sought under disclosure mandates is excluded since it relates to “cybersecurity threat information sharing”. Furthermore, section 106 of CISA 2015 directly addresses liability and states that no cause of action can be initiated or continued in any court against any private entity related to (1) monitoring of an information system or, (2) the sharing or receipt of any cyber threat indicator or defensive measure, so long as these actions are done in accordance with CISA 2015 (which of course relates back to the definition applied to cybersecurity threat).[8] As a result of this language, both the Federal Trade Commission (“FTC”) and the Federal Communications Commission (“FCC”) have effectively been de-fanged by this legislation. Now, neither the FTC nor the FCC can pursue private entities who monitor their information systems so long as the entity establishes that they are acting pursuant to cybersecurity purposes.

In some respects CISA 2015 serves to leverage President Obama’s Executive Order 13691 which was designed to promote the creation of information sharing and analysis organizations (ISAOs) in order to encourage the sharing of cybersecurity threat information between the private sector and the government.[9] While this could be viewed as a positive step one can also counter that this encourages the widespread and continued intrusion into our everyday cyber lives. For CISA 2015 does not just encourage information sharing it also severely limits the liability of any entity that shares information. Whether or not that information ultimately ends up containing personally identifiable information (“PII”) or is ultimately not connected to any viable cybersecurity threat. CISA 2015 does require that non-federal entities review information for PII prior to sharing but the threshold is once again exceedingly low. The act allows the entity to either review the information and remove PII that they “know” identifies a specific individual; or in the alternative an entity may develop a technological solution to remove information unrelated to a cybersecurity threat that the entity “knows” at the time of sharing to be personal information.[10] Here knowingly as defined in the model penal code means essentially that the entity must be “practically certain” that their conduct (e.g. the sharing of information) would both (1) not be connected to a cybersecurity threat, and (2) contain information that would identity a specific individual.[11] In addition to the encouragement of sharing, under section 105, cybersecurity threat information is shared with all of the federal entities subject only to such controls as must be unanimously agreed to by the federal entities.[12] Consequently, any information processing is weighed in favor of expediency and against the unintended release of PII, in spite of the potential collateral damage associated with the sharing of PII. Within this same section, CISA lists a range of authorized activities which allow Federal, State, and Local law enforcement to use cyber threat information for investigations covering a wide range of offenses. Essentially allowing the government access to and use of information that would otherwise be protected under the fourth amendment provisions against unreasonable search and seizures as well as the probable cause requirements.[13]

Effectively, the public outcry following the Snowden revelations about widespread cyber-surveillance were overcome as this expansive bill pushed through the House and the Senate and was dutifully signed by President Obama. As though the encouragement and promotion of information sharing did not have enough potential for misuse, this Act goes a step further by declaring that all of this information is exempt from the standard disclosure laws and that entities involved in cybersecurity threat analysis, monitoring, defense, and sharing are exempt from lawsuits. To further ensure that no hurdles exist, the definition of cybersecurity threat adopted in this legislation is overly broad and covers everything unless a first amendment exception can be successfully asserted – which is no small task. In short, the Cybersecurity Information Sharing Act of 2015 seems to stack the deck in favor of entities and against individuals’ privacy rights.

[1] Cybersecurity Information Sharing Act of 2015, Pub. L. 114-113, 129 Stat. 694, 694-744 (2015).

[2] Christopher Harvie & Cynthia J. Larose, Happy New Year – Cybersecurity Information Sharing Act, National Law Review (Jan. 6, 2016), http://www.natlawreview.com/article/happy-new-year-cybersecurity-information-sharing-act.

[3] Jack Detsch, Is the Cybersecurity Act really government spying in disguise?, The Christian Science Monitor (Dec. 23, 2015), http://www.csmonitor.com/World/Passcode/2015/1223/Is-the-Cybersecurity-Act-really-government-spying-in-disguise.

[4] Robyn Greene, Cybersecurity Information Sharing Act of 2015 is Cyber-Surveillance, Not Cybersecurity, Open Technology Institute (Apr. 9, 2015), https://www.newamerica.org/oti/cybersecurity-information-sharing-act-of-2015-is-cyber-surveillance-not-cybersecurity/.

[5] Cybersecurity Information Sharing Act of 2015, supra note 1, at 696.

[6] Id., at 699-700.

[7] Id., at 702.

[8] Cybersecurity Information Sharing Act of 2015, supra note 1, at 709-10.

[9] The White House, Office of the Press Secretary, FACT SHEET: Executive Order Promoting Private Sector Cybersecurity Information Sharing, (Feb 12, 2015), https://m.whitehouse.gov/the-press-office/2015/02/12/fact-sheet-executive-order-promoting-private-sector-cybersecurity-inform.

[10] Cybersecurity Information Sharing Act of 2015, supra note 1, at 701.

[11] Model Penal Code §2.02(2)(b) (Am. Law Inst., 2016).

[12] Cybersecurity Information Sharing Act of 2015, supra note 1, at 695, 703 (Federal Entity includes: Dept. of Commerce, Dept. of Defense, Dept. of Energy, Dept. of Homeland Security, Dept. of Justice, Dept. of the Treasury, and the Office of the Director of National Intelligence).

[13] Greene, supra note 4.

By: William Salage

Public Citizen, a pharmaceutical watchdog group, issued a report warning that Section 2151, also known as the Orphan Procut Extension Now Act [OPEN], a provisions in the 21^st Century Cures Act [CCA] could significantly increase the price of drugs, decrease innovation, and water down the Food and Drug Administration’s [FDA] approval standards.[1] The CCA passed through the House of Representatives in July 2015 with a stated purpose of encouraging biomedical innovation, particularly for those with rare diseases.[2]

However, legislation passed in 1983 called the Orphan Drug Act [ODA], provided powerful incentives to drug developers, such as market exclusivity, tax credits, research grants, waivers of FDA fees, and Priority Review Vouchers, create treatments for “orphan”, rare, diseases.[3] Orphan drugs are therefore drugs which are designated by the FDA to treat a disease which affects less than 200,000 individuals in the United States.[4] The ODA and its current incentives have turned a niche field of pharmaceutical development into a powerhouse, with orphan drugs being estimated to control 19% of the total share of drug prescriptions by 2020.[5]

Section 2151 encourages drug manufacturers to repurpose existing drugs to treat an orphan disease by “providing each manufacturer that wins approval for a new orphan indication on an existing FDA-approved drug with an additional six months of monopoly protections for all indications on that drug.”[6] In other words, Section 2151 encourages drug developers to find orphan indications for successful drugs by allowing a six month extension in patent protection which could equate to billions in profit.

Public Citizen argues that “the current orphan drug approval system is hardly in need of a stimulus”.[7] Rather, the current incentive programs have caused the most activity in orphan drug development in history. The average return on investment for orphan drugs is “nearly double that for non-orphan drugs: $14.90 versus $7.90 for every dollar invested in Phase III trials (human trials) respectively”.[8] Moreover, the high prices are one of the major contributing factors making orphan drugs so lucrative. In 2014 the cost to a patient for a typical drug was $5,153, while the average cost for an orphan drug per patient was $98,534.[9]

Public Citizen argues Section 2151 encourages pharmaceutical companies with patented lucrative drugs to obtain a new indication for that drug to treat a new orphan disease and in return receive 6 months’ additional patent protection.[10] However, the effect of this system is

To increase the costs of both orphan and non-orphan drugs.[11] The six-month extension applies to all indications of the drug, therefore preventing significantly cheaper generic drugs from entering the market. Moreover, such indications can be stacked, which could increase the patent protection for years to come, costing patients close to $4 billion.[12]

Furthermore, to meaningfully advance rare disease research, the pharmaceutical company must focus directly on the disease itself.[13] However, even under the current form of the ODA incentive programs, only 33% of the new orphan indications were newly developed molecules.[14] As such, even under the current incentive regime, pharmaceutical companies are not adequately encouraged to engage in new and innovative research. Section 2151 exasperates this problem. Section 2151 further encourages pharmaceutical companies to reinvest money into discovering a new use for old drugs, rather than investing that same money in new research.[15]

Finally, Section 2151, further deteriorates the FDA’s approval standard for orphan drugs.[16] As part of the ODA, the FDA has a low approval standard for orphan drugs, recognizing there is only a small population to conduct clinical trials on and the need to get some form of treatment out to those suffering from a rare disease. However, many drugs with orphan status, because of federal regulation, do not strictly treat just orphan patients or are used off label. As such, orphan drugs are often used in populations larger than 200,000 patients. Therefore, encouraging further mass development of orphan drugs, for the sake of obtaining orphan status, may lead to a decrease in regulatory scrutiny on the part of the FDA to many of the drugs being sold to the general public.[17]

 

 

[1] Sammy Almashat, Sarah Sorscher & Steven Knievel, House Orphan Drug Proposal: A Windfall for Pharma, False Cure for Patients, Public Citizen, at 1 (Dec. 8, 2015), http://www.citizen.org/ documents/2289.pdf.

 

[2] Sammy Almashat, Sarah Sorscher & Steven Knievel, House Orphan Drug Proposal: A Windfall for Pharma, False Cure for Patients, Public Citizen, at 1 (Dec. 8, 2015), http://www.citizen.org/ documents/2289.pdf.

 

[3] Developing Products for Rare Disease & Conditions, US Food and Drug Administration, (Oct. 19, 2015) http://www. fda.gov/ForIndustry/DevelopingProductsforRareDiseasesConditions/ucm2005525.htm.

 

[4] Id.

 

[5] EvaluatePharma, Orphan Drug Report 2014, (Oct. 2014), http://info.evaluategroup.com /rs/evaluate pharmaltd/images/2014OD.pdf.

 

[6] Sammy Almashat, Sarah Sorscher & Steven Knievel, House Orphan Drug Proposal: A Windfall for Pharma, False Cure for Patients, Public Citizen, at 4 (Dec. 8, 2015), http://www.citizen.org/ documents/2289.pdf.

 

[7] Id. at 8.

 

[8] Id.

 

[9] Almashat, supra note 1.

 

[10] Id. at 4.

 

[11] Id. at 13.

 

[12] Id. at 13.

 

[13] Id. at 6.

 

[14] Id. at 6.

 

[15] Almashat, supra note 1, at 7.

 

[16] Id. at 8.

 

[17] Id. at 10-11.

By: Samantha Dente

The next great frontier in medical advancements is the use of 3D printing. Although the use of 3D printing in medicine is still in its beginning stages, there are already huge implications from its use.

Most recently in September, a cancer patient received a 3D printed titanium sternum and partial rib cage to replace the bones he had lost during cancer treatment.[1] Compared to traditional flat plate implants, which tend to loosen over time and thus require follow up invasive procedures for maintenance or replacement, the success of the surgery marks a breakthrough in the medical community.[2] In addition to the more durable material, another benefit of 3D printed implants is that the implant can be made to resemble the patient’s actual anatomy with the aid of CT scans.[3]

In August, another breakthrough occurred when the FDA approved a 3D printed prescription pill for consumer use to treat epilepsy.[4] The 3D technology allows pills to be made more porous which allows them to dissolve faster and thus act quicker.[5] Before that, in 2013, a two-year-old girl born without a trachea received a 3D printed windpipe built with her own stem cells. [6]

One of the biggest areas of concern is how the use of 3D printing will change research and development (R&D) for medical device manufacturers and pharmaceutical companies.[7] One of the foreseeable functions 3D printing is the ability to print tissues and organs for drug testing, which would in turn eliminate the need for animal testing or synthetic models which are less accurate.[8] Currently, the average R&D cost for a new drug is approximately $4 billion and the failure rate of drugs in clinical trials is 90% due to differing animal and human responses to testing.[9] By lowering the risk of trial failure, this would lead to a reduction of cost and clinical trial failures.

In 2013, the U.S. funded the “Body on a Chip” project, and just this year the first organ chips are coming to market.[10] In an effort to curb the issues with R&D described above, the project encouraged universities to essentially 3D print organs through the following process: prints of sample tissue meant to mimic human organs are placed on a microchip and connected with a blood substitute to keep cells alive. [11] This allows doctors to more accurately test specific treatments and monitor their effectiveness.[12] The military has shown interest in this project in the hopes of one day developing treatments for nuclear and biological incidents and has funded about $39 million into projects at Harvard and MIT.[13]

Although there was concern over FDA roadblocks, it has surprisingly expressed openness to the use 3D printing in R&D.[14]

It has been about thirty years since 3D printing technology was first introduced, and the biotechnology community is finally harnessing its true power and potential.[15] It has been predicted that patients eventually may be able to print their own medicines at home, which would in turn lead to a transition in how medications are prescribed.[16] It may seem like science fiction, but it is a possibility that could become a reality sooner than we think.

 

[1] Kelly Hodgkins, Cancer Patient Undergoes World’s First 3D Printed Sternum Replacement Surgery, Digital Trends (Sep. 11, 2015), http://www.digitaltrends.com/cool-tech/sternum-ribs-3d-print-implant/.

[2] Id.

[3] Id.

[4] Dominic Basulto, Why It Matters That the FDA Just Approved The First 3D Printed Drug, The Washington Post (Aug. 11, 2015), https://www.washingtonpost.com/news/innovations/wp/2015/08/11/why-it-matters-that-the-fda-just-approved-the-first-3d-printed-drug/.

[5] Id.

[6] Zuzanna Fiminska, 3D Printing Set To Revolutionize Pharma, Eye For Pharma (July 15, 2014), http://social.eyeforpharma.com/clinical/3d-printing-set-revolutionize-pharma.

[7] Id.

[8] Id.

[9] Id.

[10] Towards a Body-On-A-Chip, The Economist (Jun 13, 2015), http://www.economist.com/news/science-and-technology/21654013-first-organ-chips-are-coming-market-and-regulators-permitting-will-speed.

[11] Fiminska, supra note 6.

[12] Id.

[13] Towards a Body-On-A-Chip, supra note 10.

[14] Basulto, supra note 4.

[15] Bethany Gross, Evaluation of 3D Printing and Its Potential Impact on Biotechnology and Chemical Sciences, Analytical Chemistry (Jan. 16, 2014), http://pubs.acs.org/doi/pdf/10.1021/ac403397r.

[16] Basulto, supra note 4.

By: Jeffrey Cullen

The recent proposition by Britain’s MI5 Security Service raises the question whether measures to prevent potential terrorist plots are more important than guaranteeing the privacy of citizens’ communication on the Internet. The constant upgrades in technologies have caused difficulty in law enforcement’s ability to identify and eliminate potential terrorist threats. According to MI5’s Chief, Andrew Parker, there have been six attempted terrorist attacks in Britain in the past year, raising Britain’s terrorism threat level to “severe”.[1]

Parker has called for increased surveillance support from United States tech companies.[2] Parker commented these companies have an ethical responsibility to provide more help in monitoring communications that are suspect to be terroristic.[3] “MI5 and others need to be able to navigate the Internet to find terrorist communication, we need to be able to use data sets to be able to join the dots to be able to find and stop the terrorists who mean us harm before they are able to bring plots to fruition.”[4] The rapid change and growth in technology has made navigating and finding communications increasingly difficult.

Some major Internet companies have made encrypted messaging available to their users.[5] Encrypted messaging allows users to communicate with each other without surveillance from the provider of the service. The service provider’s inability to see these communications also means the government is unable to view them. People posing potential threats have been able to exploit encrypted communications, allowing them to hide their plans from authorities.[6] Parker commented, “The way we work these days has changed as technology has advanced. Our success depends on us and our partner agencies having sufficient up-to-date capabilities, used within a clear framework of law against those who threaten this country.”[7] Parker reassured the purpose for the increased surveillance is not to survey citizens’ private lives, but solely to identify terrorist threats.[8] However, this proposal calls into question the extent to which surveillance has already gone and how much further it may go.

Those in opposition to increased surveillance are skeptical due to Edward Snowden’s revelations of the United States and Britain “conducting mass monitoring of communications.”[9] Further, phone and Internet executives voiced their concerns of customers’ trust and the violation of civil liberties.[10] However, Parker emphasized increased surveillance is required. “[I]f we lose that ability, if parts of the radar go dark and terrorists are confident that they are beyond the reach of MI5 and GCHQ, acting with proper legal warrant, then our ability to keep the country safe is also reduced.”[11]

In the United States, the National Security Agency (NSA) has been searching the contents of Americans’ email and text communications to foreigners outside the country without warrants. Officials justify this surveillance in accordance with the 2008 FISA Amendments Act “in which Congress approved eavesdropping on domestic soil without warrants as long as the ‘target’ was a noncitizen abroad.”[12] The intention of this law was to gather intelligence pertaining to foreign organizations. This Act works by gathering all communications sent outside the country. The communications are then sifted through and searched for keywords in order to minimize the number of innocent communications that were flagged. The rest of the communications are deleted.[13] The deputy director of the NSA said they do not target any American’s content without a warrant. However, the rule written approved such surveillance as long as the NSA proves that one of the participants in the communication is outside the United States.[14] With this already open standard, should a treaty be reached between MI5 and United States companies like Google and Facebook to broaden surveillance, how much further will private citizen communications likely be opened?

 

 

[1] Michael Holden, UK MI5 spy chief calls for more powers to counter terror threat, Reuters (Sept. 17, 2015), http://www.reuters.com/article/2015/09/17/britain-security-idUSL5N11N0YB20150917

[2] Ewen MacAskill, MI5 chief calls for more up-to-date surveillance powers, The Guardian (Sept. 17, 2015), http://www.theguardian.com/world/2015/sep/17/mi5-chief-calls-for-more-up-to-date-surveillance-powers

[3] Id.

[4] Id.

[5] Id.

[6] Holden, supra note 1.

[7] Thomas Tamblyn, MI5 Chief Calls for Increased Surveillance Capabilities Ahead of ‘Snoopers Charter’ Bill, The Huffington Post (Sept. 17, 2015), http://www.huffingtonpost.co.uk/2015/09/17/mi5-chief-calls-for-increased-surveillance-capabilities-ahead-of-snoopers-charter-bill_n_8152932.html

[8] Id.

[9] Holden, supra note 1.

[10] MacAskill, supra note 2.

[11] Terrorism, Technology and Accountability, Security Service MI5 (Jan. 8, 2015), https://www.mi5.gov.uk/home/about-us/who-we-are/staff-and-management/director-general/speeches-by-the-director-general/director-generals-speech-on-terrorism-technology-and-accountability.html

[12] Charlie Savage, N.S.A. Said to Search Content of Messages to and From U.S., The New York Times (Aug. 8, 2015), http://www.nytimes.com/2013/08/08/us/broader-sifting-of-data-abroad-is-seen-by-nsa.html?pagewanted=all&_r=1

[13] Id.

[14] Id.

By: Kory Crichton

The United Nations memorialized the freedom of movement, where every human being has “the right to leave any country, including his own, and to return to his country.”[1] 165 years before the Universal Declaration of Human Rights, United States President George Washington emphasized the value of immigration:

“The bosom of America is open to receive not only the Opulent and respectable Stranger, but the oppressed and persecuted of all Nations and Religions; whom we shall welcome to a participation of all our rights and privileges, if by decency and propriety of conduct they appear to merit the enjoyment.”[2] [emphasis added]

Government can establish and enforce a system that welcomes immigrants and benefit from their wealth of experience and expertise, while minimizing the associated risks. How far can a government regulate immigration before (1) encroaching upon the right to freely move, and (2) losing the innovative gains of immigration?

As is evident by the 2016 presidential elections, the merit of an immigrant group is informed by cultural values and biases. Fear and ethnocentrism are dominant values expressed on the campaign trail. These values breed hate, a perverted sense of nationalism, and a false sense of security.

The frontrunners in this election have advocated building walls—a technology of ancient times and a present day symbol of apartheid. On one side of the aisle the leading candidate voted for a discomfiting piece of legislation known as the “Secure Fence Act of 2006.”[3] The Act, amongst other provisions, called for a wall to stretch 700 miles along the Mexican border from California to Texas.[4] The other side of the aisle pledged with bombastic rhetoric: “I will build a great, great wall on our southern border and I will have Mexico pay for that wall. Mark my words.”[5]

Ironically, the United States’ economy is driven by “service industries, where free cross border movement of talent is increasingly important to economic health.”[6] When it comes to immigration, inflaming the passions of jingoism adversely impacts our economic prosperity and national security. Throughout history, addressing challenges with divisive values has favored faddish symbols over human progress.

In addressing the deficiencies of the U.S. Visa System, a state governor compared visas to FedEx: “You go on online and at any moment, FedEx can tell you where that package is. Yet we let people come into this country with visas, and the minute they come in, we lose track of them.”[7] Then, he offered “FedEx founder Fred Smith to come and work for the government to show U.S. Immigration and Customs Enforcement (ICE) how to set up a system for tracking people.“[8] The suggested technology is reminiscent of the movie Eagle Eye, where the government designed a system to track people, which ultimately developed autonomous capabilities to research, study, spy upon, and attempt to kill Shia LaBeouf.[9] Designing a system to track immigrants like they are FedEx packages lends itself to abuse.

Far from these erratic suggestions proposed by petulant voices, there are reasonable proposals that offer practical solutions. In 2014, President Barack Obama issued a memo discussing five necessary steps to update the U.S. Visa System: (1) developing a cross-agency digital services team to improve user experience and adjudicative efficiency, (2) redesigning “systems with an eye towards human perspective and accessibility,” (3) establishing “a communication task force to create clearer, plain-language instructions,” (4) improving “content management”, and (5) creating “an interagency task force to enhance data collection.”[10] In contrast, this suggestion by the President promotes values that do not involve building a wall or tracking devices. Rather, they involve the recognition of the United States as a country founded and built by immigrants.

Our Southern border and the U.S. Visa System are one of many issues plaguing the current immigration process. Apartheid and invasive technologies have no place in our society. The discussion needs to be about humane solutions for resolving the difficulties of the United States’ immigration system.

In 2016, which set of values will you vote for?

 

[1] G.A. Res. 217 (III), art. 13, (Dec. 10, 1948).

[2] George Washington, “Address to the Members of the Volunteer Association of Ireland, December 2, 1783,” in John C. Fitzpatrick (ed.), The Writings of George Washington (Washington DC: Government Printing Office, 1921, vol. XXVI, p. 254.

[3] H.R. 6061, 109^th Cong. (2006) (where Hillary Clinton voted “Yea,” the bill ultimately passed in the Senate, and construction of the wall has already taken place).

[4] The Secure Fence Act of 2006, Pub. L. 109-367, 120 Stat. 2638 (Oct. 26, 2006).

[5] Donald Trump, Donald Trump Presidential Announcement Full Speech 6/16/15, YouTube (June 16, 2015), https://www.youtube.com/watch?v=0XXcPl4T55I.

[6] Kenneth J. Harder, Immigration Law, 74 Tex. B.J. 34, 35 (2011).

[7] Raul A. Reyes, Christie’s laughable FedEx solution on immigration, CNN, (Aug. 31, 2015), http://www.cnn.com/2015/08/31/opinions/reyes-chris-christie/.

[8] Id.

[9] Eagle Eye (DreamWorks Pictures 2008).

[10] The White House, Office of the Press Secretary, Modernizing & Streamlining Our Immigration System for the 21^st Century, (July 15, 2015), at 5.

By: Jonathan Ziarko 

“Life is short. Have an affair,” – the now infamous tagline of Ashleymadison.com. This summer the website was subject to one of the largest data breaches yet. Ashley Madison is a website owned by Avid Life Media, and it provides an online dating service for people who are already in a relationship. [1]

The hack, perpetrated by “The Impact Team,” a group of hackers who are taking credit for this massive data breach, is just one in a long line of data breaches of websites and companies.[2] In late August the hackers released the data of 33 million website users including their user names, real life addresses, phone numbers, passwords, email addresses, and potential credit card information.[3] Around 15,000 of the email addresses in the data file have been linked to the U.S. military or government addresses.[4] Access to the data could have a real impact on the people who are linked to the accounts. There is a serious possibility that the information leaked could be used to blackmail people who do not want their membership to such a website revealed. In fact, simply being on the list could put marriages in jeopardy.[5] The revealed information has already been linked to two suicides in Canada.[6]

So far there have been four class action suits brought against Avid Life Media, including one originating in Canada.[7] Avid Life Media is facing damages up to around $578 million from the Canadian lawsuit alone. [8] The lawsuits originating in the U.S. have yet to specify damages or even gain class action status but it is alleged that Avid Life Media acted negligently by failing to exercise reasonable care in protecting and safeguarding personal information in their possession, breach of contract, and other privacy violations.[9] A major contention in the lawsuits is the fact that the website charged users a $19 fee to permanently delete all of their data, however the data was still available.[10] The hackers stated this is the reason why they targeted the website in the first place as an act of so-called “hacktivism,” in order to stop the website form taking money for not actually removing data.[11] Internal sources are showing that the company was aware of some of the potential vulnerabilities but took no steps to fix them.[12]

The outcome of these cases could very well be groundbreaking on the subject regarding how the law is shaped around data protection. To date it seems there is no security system that is impervious to hacking, even the government is susceptible. Can there ever really be a reasonable expectation that all the data we put out on the Internet will remain private? All that companies can do is to use the best security they can by following industry standards and by doing their best to contain a breach when it does occur. As these cases unfold it may in fact have a large impact on how Internet based services conduct business and store data. It no longer seems a question of can personal data be stored securely online, but rather how long until someone decides they want to take our information and share it with the world.

 

[1] Amanda Lee Myers, Americans Sue Ashley Madison Over Hack, Time Inc. (Aug. 25, 2015), http://time.com/4010665/ashley-madison-american-lawsuit/

 

[2] Meg Wagner, Adultery website Ashley Madison hacked; intruders threaten to leak 37 million users’ personal info, New York Daily News (July 20, 2015, 8:40 AM), http://www.nydailynews.com/news/national/adultery-website-ashley-madison-hacked-article-1.2297545

 

[3] Ashley Madison: What’s in the leaked account data dump?, BBC (Aug. 19, 2015), http://www.bbc.com/news/technology-33986228

 

[4] Id.

[5] Myers, supra note 1.

 

[6] Ashley Madison: ‘Suicides’ over website hack, BBC (Aug. 25, 2015), http://www.bbc.com/news/technology-34044506

 

[7] Myers, supra note 1.

 

[8] Id.

 

[9] Kim Zetter, Ashley Madison Hit With $500 Million In Lawsuits, WIRED (Aug. 25, 2015, 3:30 PM), http://www.wired.com/2015/08/ashley-madison-hit-500-million-lawsuits/

 

[10] Myers, supra note 1.

 

[11] Wagner, supra note 2.

 

[12] Zetter, supra note 9.

 

By: Khadijah Peek Movies like Surrogates and I Robot have depicted realities where robots mimic everything that makes us human.

By: Ariana Doty Let me take a selfie. A 2012 survey found that four out of five law enforcement officials used online networks such as Facebook and Twitter during criminal investigations due to the increase in the number of criminals posting self-incriminating evidence.