Yale Journal of Law & Technology
Volume 7, 2004-2005 Fall Issue
Architectural Regulation and the Evolution of Social Norms
By Lee Tien
Lee Tien, Architectural Regulation and the Evolution of Social Norms, 7 Yale Journal of Law & Technology 1 (2004).
Current legal scholarship on architectural regulation of software focuses on how its lack of transparency may frustrate public accountability or, by the same token, enhance its effectiveness. This paper argues that architectural regulation poses deeper dangers to the very concept of law. Ordinarily, we think of law as rules that a person thinks about when deciding how to act, and which human beings must decide to enforce. Law as architecture operates differently: instead of affecting our calculus of choice, it structures the very conditions of action, such as social settings and the resources available in those settings. Thus, architectural regulation operates surreptitiously and may not even be perceived as governmental action. Architectural regulation thus allows government to shape our actions without our perceiving that our experience has been deliberately shaped, engendering a loss of moral agency. Because our norms are often the product of social experience with and discourse about new technologies, architectural regulation poses the danger that government can distort the evolution of constitutional norms like privacy.
The Fourth Amendment Unplugged: Electronic Evidence Issues & Wireless Defenses
By Tara McGraw Swaminatha
Tara McGraw Swaminatha, The Fourth Amendment Unplugged: Electronic Evidence Issues & Wireless Defenses, 7 Yale Journal of Law & Technology 51 (2004).
No Abstract
Launch On Warning: Aggressive Defense Of Computer Systems
By Curtis E. A. Karnow
Curtis E. A. Karnow, Launch On Warning: Aggressive Defense Of Computer Systems, 7 Yale Journal of Law & Technology 87 (2004).
No Abstract
Real World Problems Of Virtual Crime
By Beryl A. Howell
Beryl A. Howell, Real World Problems Of Virtual Crime, 7 Yale Journal of Law & Technology 103 (2004).
Theoretical debates about how best to address cybercrime have their place, but, in the real world, companies and individuals face new harmful criminal activity that poses unique technical and investigatory challenges. One of the greatest challenges posed by this new technology is how to combat wrongdoing effectively without netting innocent actors. This Article will present three case studies drawn from recent high-profile news stories to illustrate the pitfalls of legislating in the e-crimes arena.
Technology, Security And Privacy: The Fear Of Frankenstein, The Mythology Of Privacy And The Lessons Of King Ludd
By K. A. Taipale
K. A. Taipale, Technology, Security And Privacy: The Fear Of Frankenstein, The Mythology Of Privacy And The Lessons Of King Ludd, 7 Yale Journal of Law & Technology 123 (2004).
This article suggests that the current public debate that pits security and privacy as dichotomous rivals to be traded one for another in a zero-sum game is based on a general misunderstanding and apprehension of technology on the one hand and a mythology of privacy that conflates secrecy with autonomy on the other. Further, political strategies premised on outlawing particular technologies or techniques or seeking to constrain technology through laws alone are second-best -- and ultimately futile -- strategies that will result in little security and brittle privacy protection.
This article argues that civil liberties can best be protected by employing value sensitive technology development strategies in conjunction with policy implementations, not by opposing technological developments or seeking to control the use of particular technologies or techniques after the fact through law alone. Value sensitive development strategies that take privacy concerns into account during design and development can build in technical features that can enable existing legal control mechanisms and related due process procedures for the protection of civil liberties to function.
This article examines how identification, data aggregation and data analysis (including data mining), and collection technologies intersect with security and privacy interests and suggests certain technical features and strategies premised on separating knowledge of behavior from knowledge of identity based on the anonymization of data (for data sharing, matching and analysis technologies) and the pseudonymization of identity (for identification and collection technologies). Technical requirements to support such strategies include rule-based processing, selective revelation, and strong credential and audit.