Sony, Cyber Security, and Free Speech: Preserving the First Amendment in the Modern World

Reprinted from 16 U.C. Davis Bus. L.J. 309 (2016). This paper explores the Sony hack in 2014 allegedly launched by the North Korean government in retaliation over Sony’s production of The Interview and considers the hack’s chilling impact on speech in technology. One of the most devastating cyber attacks in history, the hack exposed approximately thirty- eight million files of sensitive data, including over 170,000 employee emails, thousands of employee social security numbers and unreleased footage of upcoming movies. The hack caused Sony to censor the film and prompted members of the entertainment industry at large to tailor their communication and conform storylines to societal standards. Such censorship cuts the First Amendment at its core and exemplifies the danger cyber terror poses to freedom of speech by compromising Americans’ privacy in digital mediums. This paper critiques the current methods for combatting cyber terror, which consist of unwieldy federal criminal laws and controversial information sharing policies, while proposing more promising solutions that unleash the competitive power of the free market with limited government regulation. It also recommends legal, affordable and user-friendly tools anyone can use to secure their technology, recapture their privacy and exercise their freedom of speech online without fear of surreptitious surveillance or retaliatory exposure

Website Blocked: Filtering Technology in Schools and School Libraries

This paper investigates the impact of filtering software in K-12 schools and school libraries. The Children\u27s Internet Protection Act, or CIPA, requires that public schools and school libraries use filtering technology in order to receive discounted rates on technology. As a result, nearly all public elementary and secondary schools today use filtering technology. While the provisions of CIPA narrowly define the content to be blocked, filters are often set to block much more than is required. Filtering technology is often ineffective, and many unobjectionable sites end up being blocked, including Web 2.0 sites and tools needed to educate students in a 21st century learning environment. Filtering software raises other issues as well, such as First Amendment implications, a possible digital divide between students that have unfiltered access to online content at home and those that do not, and the loss of opportunity to educate students on how to be good digital citizens. These issues should be acknowledged and addressed. There are many options available to librarians, educators, administrators, and other stakeholders that can increase students\u27 access to online information and educational tools while still protecting children from inappropriate online content and complying with the requirements of CIPA

Planning for the Future of Cyber Attack Attribution : Hearing Before the H. Subcomm. on Technology and Innovation of the H. Comm. on Science and Technology, 111th Cong., July 15, 2010 (Statement by Adjunct Professor Marc Rotenberg, Geo. U. L. Center)

Steve Bellovin, another security expert, noted recently that one of risks of the new White House plan for cyber security is that it places too much emphasis on attribution. As Dr. Bellovin explains: The fundamental premise of the proposed strategy is that our serious Internet security problems are due to lack of sufficient authentication. That is demonstrably false. The biggest problem was and is buggy code. All the authentication in the world won\u27t stop a bad guy who goes around the authentication system, either by finding bugs exploitable before authentication is performed, finding bugs in the authentication system itself, or by hijacking your system and abusing the authenticated connection set up by the legitimate user. While I believe the White House, the Cyber Security Advisor, and the various participants in the drafting process have made an important effort to address privacy and security interests, I share Professor Bellovin’s concern that too much emphasis has been placed on promoting identification. I also believe that online identification, promoted by government, will be used for purposes unrelated to cyber security and could ultimately chill political speech and limit the growth of the Internet. Greater public participation in the development of this policy as well as a formal rulemaking on the White House proposal could help address these concerns

Cybersecurity in the Classroom: Bridging the Gap Between Computer Access and Online Safety

According to ISACA, there will be a global shortage of 2 million cybersecurity professionals worldwide by 2019. Additionally, according to Experian Data Breach Resolution, as much as 80% of all network breaches can be traced to employee negligence. These problems will not solve themselves, and they likewise won’t improve without drastic action. An effort needs to be made to help direct interested and qualified individuals to the field of cybersecurity to move toward closing this gap. Moreover, steps need to be made to better inform the public of general safety measures while online, including the safeguarding of sensitive information. A large issue with solving the problems at hand is that there seems to be no comprehensive curriculum for cybersecurity education to teach these basic principles. In my paper, I review and compare several after- and in-school programs that attempt to address this problem. I’ve also interviewed teachers from Montgomery County Public Schools, a relatively ethnically diverse school district outside of Washington, D.C. These issues need to be addressed, and while private organizations and local schools are attempting to tackle the problem, wider action may need to be taken at a national level to come to a resolution

Cybersecurity in the Classroom: Bridging the Gap Between Computer Access and Online Safety

According to ISACA, there will be a global shortage of 2 million cybersecurity professionals worldwide by 2019. Additionally, according to Experian Data Breach Resolution, as much as 80% of all network breaches can be traced to employee negligence. These problems will not solve themselves, and they likewise won’t improve without drastic action. An effort needs to be made to help direct interested and qualified individuals to the field of cybersecurity to move toward closing this gap. Moreover, steps need to be made to better inform the public of general safety measures while online, including the safeguarding of sensitive information. A large issue with solving the problems at hand is that there seems to be no comprehensive curriculum for cybersecurity education to teach these basic principles. In my paper, I review and compare several after- and in-school programs that attempt to address this problem. I’ve also interviewed teachers from Montgomery County Public Schools, a relatively ethnically diverse school district outside of Washington, D.C. These issues need to be addressed, and while private organizations and local schools are attempting to tackle the problem, wider action may need to be taken at a national level to come to a resolution

Cyber-Democracy or Cyber-Hegemony? Exploring the Political and Economic Structures of the Internet as an Alternative Source of Information

Although government regulation of the Internet has been decried as undercutting free speech, the control of Internet content through capitalist gateways???namely, profit-driven software companies???has gone largely uncriticized. The author argues that this discursive trend manufactures consent through a hegemonic force neglecting to confront the invasion of online advertising or marketing strategies directed at children. This study suggests that ???inappropriate content??? (that is, nudity, pornography, obscenities) constitutes a cultural currency through which concerns and responses to the Internet have been articulated within the mainstream. By examining the rhetorical and financial investments of the telecommunications business sector, the author contends that the rhetorical elements creating ???cyber-safety??? concerns within the mainstream attempt to reach the consent of parents and educators by asking them to see some Internet content as value laden (sexuality, trigger words, or adult content), while disguising the interests and authority of profitable computer software and hardware industries (advertising and marketing). Although most online ???safety measures??? neglect to confront the emerging invasion of advertising/marketing directed at children and youth, the author argues that media literacy in cyberspace demands such scrutiny. Unlike measures to block or filter online information, students need an empowerment approach that will enable them to analyze, evaluate, and judge the information they receive.published or submitted for publicatio

National plan to combat cybercrime

Australia is a highly connected country - technology and the internet are crucial to Australia\u27s way of life. However, while the potential of the internet and digital economy is clearly a massive opportunity for Australia, it is also quickly emerging as a key enabler for criminal activity. In Australia, the term \u27cybercrime\u27 is used to describe both: crimes directed at computers or other information communications technologies (ICTs) (such as hacking and denial of service attacks) and crimes where computers or ICTs are an integral part of an offence (such as online fraud, identity theft and the distribution of child exploitation material). Responsibility for combating the different forms of cybercrime in Australia is shared between Australian Government agencies state and territory agencies. All jurisdictions have criminal laws directed at the various forms of cybercrime. The Australian Attorney-General\u27s Department has led the development of a National Plan to Combat Cybercrime, in consultation with Australian Government agencies, state and territory agencies

Australian Governments and dilemmas in filtering the Internet: juggling freedoms against potential for harm

This paper examines proposed internet filtering policies in Australia from the 1990s to 2014 and discusses some of their ideological underpinnings. Executive summary The Internet is a revolutionary source of information and its dissemination; and a medium for collaboration and interaction between individuals without regard for geographic location. Since its inception, however, concerns have been raised about the potential for unsavoury characters to use the Internet as a vehicle for distributing pornography and material of a violent nature to young or otherwise vulnerable individuals. Governments across the world have attempted to deal with such activities by various means and to varying degrees. These have included imposing mandatory filtering at an Internet Service Provider (ISP) level and optional filtering at the computer level. In Australia there has been considerable debate about what degree of filtering (if any) should be mandated. The Howard Government favoured an approach which emphasised self-regulation by ISPs combined with a legislative component and education and freedom for families to choose between either computer or ISP filtering based on a list of unacceptable content. The Rudd and Gillard Governments preferred the option of a mandatory ISP level filter, although this too was to be based on a ‘blacklist’ of prohibited content. Both options have been criticised as being expensive and inefficient. In addition, it has been argued that the Rudd/Gillard option would have had a detrimental impact on Internet speeds and that it would set a precedent for future governments to widen filtering to other forms of expression. The Howard Government’s programs were largely discarded by Labor after it was elected in 2007. However, Labor’s own filtering option was abandoned prior to its defeat in the 2013 election. In conjunction with their filtering options , both Coalition and Labor Governments have supported education and information campaigns to assist people, particularly children, to deal with online predators and both have introduced successful programs. The current Coalition Government’s policy on Internet filtering appears to favour light-handed legislation combined with education and information programs. This paper examines the iterations of internet filtering policies from the 1990s to 2014 and discusses some of their ideological underpinnings

Open Data, Grey Data, and Stewardship: Universities at the Privacy Frontier

As universities recognize the inherent value in the data they collect and hold, they encounter unforeseen challenges in stewarding those data in ways that balance accountability, transparency, and protection of privacy, academic freedom, and intellectual property. Two parallel developments in academic data collection are converging: (1) open access requirements, whereby researchers must provide access to their data as a condition of obtaining grant funding or publishing results in journals; and (2) the vast accumulation of 'grey data' about individuals in their daily activities of research, teaching, learning, services, and administration. The boundaries between research and grey data are blurring, making it more difficult to assess the risks and responsibilities associated with any data collection. Many sets of data, both research and grey, fall outside privacy regulations such as HIPAA, FERPA, and PII. Universities are exploiting these data for research, learning analytics, faculty evaluation, strategic decisions, and other sensitive matters. Commercial entities are besieging universities with requests for access to data or for partnerships to mine them. The privacy frontier facing research universities spans open access practices, uses and misuses of data, public records requests, cyber risk, and curating data for privacy protection. This paper explores the competing values inherent in data stewardship and makes recommendations for practice, drawing on the pioneering work of the University of California in privacy and information security, data governance, and cyber risk.Comment: Final published version, Sept 30, 201