Showing papers in "Hastings Law Journal in 2003"

Identity Theft, Privacy, and the Architecture of Vulnerability

Abstract: This Article contrasts two models for understanding and protecting against privacy violations. Traditionally, privacy violations have been understood as invasive actions by particular wrongdoers who cause direct injury to victims. Victims experience embarrassment, mental distress, or harm to their reputations. Privacy is not infringed until these mental injuries materialize. Thus, the law responds when a person's deepest secrets are exposed, reputation is tarnished, or home is invaded. Under the traditional view, privacy is an individual right, remedied at the initiative of the individual. In this Article, Professor Solove contends the traditional model does not adequately account for many of the privacy problems arising today. These privacy problems do not consist merely of a series of isolated and discrete invasions or harms, but are systemic in nature. They cannot adequately be remedied by individual rights and remedies alone. In contrast, Professor Solove proposes a different model for understanding and protecting against these privacy problems. Developing the notion of "architecture" as used by Joel Reidenberg and Lawrence Lessig, Solove contends that many privacy problems must be understood as the product of a broader structural system which shapes the collection, dissemination, and use of personal information. Lessig and Reidenberg focus on "architectures of control," structures that function to exercise greater dominion over individuals. Solove argues that in addition to architectures of control, we are seeing the development of "architectures of vulnerability," which create a world where people are vulnerable to significant harm and are helpless to do anything about it. Solove argues that protecting privacy must focus not merely on remedies and penalties but on shaping architectures. Professor Solove illustrates these points with the example of identity theft, one of the most rapidly growing types of criminal activity. Identity theft is often conceptualized under the traditional model as the product of disparate thieves and crafty criminals. The problem, however, has not been adequately conceptualized, and, as a result, enforcement efforts have been misdirected. The problem, as Solove contends, is one created by an architecture, one that creates a series of vulnerabilities. This architecture is not created by identity thieves; rather, it is exploited by them. It is an architecture of vulnerability, one where personal information is not protected with adequate security. The identity thief's ability to so easily access and use our personal data stems from an architecture that does not provide adequate security to our personal information and that does not afford us with a sufficient degree of participation in the collection, dissemination, and use of that information. Understanding identity theft in terms of architecture reveals that it is part of a larger problem that the law has thus far ignored. Solove then discusses solutions to the identity theft problem. He engages in an extensive critique of Lynn LoPucki's solution, which involves the creation of a public identification system. After pointing out the difficulties in LoPucki's proposal, Solove develops an architecture that can more appropriately curtail identity theft, an architecture based on the Fair Information Practices.

Consent forms as part of the informed consent process: moving away from "medical Miranda".

Abstract: The current state of the law of informed consent represents a failure of legal efforts to implement a bioethical doctrine. Despite the fact that the doctrine of informed consent is one of the oldest and most widely accepted efforts to implement an ethical doctrine as part of the law, studies have consistently and recently demonstrated that the results of this effort have been dismal. This Note examines this failure and trace its roots in part to theoretical misunderstandings about what the goal of informed consent truly is. Specifically, many-both in the medical community and elsewhere-still approach informed consent under a harm-avoidance model, in which the primary goal is to protect physicians from legal liability by providing the patient with massive amounts of complicated medical information. The ethically and legally preferable model is one seeking to enhance the patient's autonomy and understanding of the medical decision through a process of active collaboration between the physician and patient. While the autonomy-enhancing model is widely recognized as being superior to the harm-avoidance approach, recent studies illustrate that the reality of medical practice remains closer to the latter. Concrete steps can and must be taken to alleviate this problem, and this Note examines consent forms as both an example of the ills of the harm-avoidance model in action as well as an area in which measures can be implemented to bring informed consent in line with the ethical ideals it is meant to enact.

The Public's Domain: The Evolution of Legal Restraints on the Government's Power to Control Public Access Through Secrecy or Intellectual Property

Abstract: The concept of the public domain is the focus of a firestorm of debate, precipitated by some of the most important controversies of our digital age. This debate, however, is deeply flawed in two critical respects. First, the debate has invoked the public domain without a clear understanding of the origin of the term and the first principles courts enunciated in recognizing the concept. Second, the debate has focused almost exclusively on intellectual property law in analyzing the public domain, ignoring the many uses of the term in other areas of law, such as First Amendment rights of access, government secrecy agreements, espionage, the Freedom of Information Act, and regulations governing classified information and munitions lists. This Article aims to correct these two shortcomings in the current debate by tracing the historical development of the concept in intellectual property law and in the areas of law involving government secrecy. This analysis is critical for evaluating not only the government's recent expansions of the scope of intellectual property, but also the government's increased use of secrecy, post 9/11, including in the detention of enemy combatants, deportation of aliens, and removal of materials from government websites. Drawing upon modern evolution theory and Bruce Ackerman's theory of constitutional moments, the Article shows how the various uses of the public domain in intellectual property law and government secrecy cases are all related in origin, structure, and function, and concludes by suggesting how the concept of the public domain may now lie in threat of extinction.

Marital Immunity, Intimate Relationships, and Improper Inferences: A New Law on Sexual Offenses by Intimates

Abstract: Today, to one degree or another, marital immunity for sexual offenses persists in over half the states. Underlying the marital rape immunity has been the assumption that when a woman enters into a marriage, she is giving her ongoing consent to sexual intercourse. Professor Michelle Anderson argues that states must abolish this immunity to make the law formally neutral on the marital status of the parties. However, Professor Anderson argues, such formal neutrality is insufficient. The ideology of ongoing consent underlying the marital rape immunity has infected the way the legal system treats sexual offenses among intimates who are not married. The legal system often assumes that ongoing consent also exists between non-married intimates. Professor Anderson argues against the ideology of ongoing consent in both settings and proposes a new, single rule: evidence of a past or continuing sexual relationship between the complainant and the defendant is not itself a defense to a criminal sexual offense and, by itself, does not prove consent to the sexual act.

The Insufficiency of Antitrust Analysis for Patent Misuse

Abstract: Patent misuse lies at the intersection of patent and antitrust law. The history and conceptual overlap of patent law and antitrust law have left the doctrine of misuse hopelessly entangled with antitrust doctrines. In response, a number of scholars and legislators have argued for streamlining the patent misuse inquiry by applying antitrust rules. Current court decisions have moved in this direction as well. The notion of applying antitrust rules to test for patent misuse has an appealing logic. Patent misuse can be defined as an improper attempt to expand a patent. Antitrust principles, among other things, restrict the improper expansion of monopolies. Shouldn’t courts be able to use antitrust rules to identify an improper expansion of a patent monopoly?

Did Privacy Cause Identity Theft

Abstract: This essay argues that the decline of public identities over the past three decades, combined with increasing secrecy in the process of identification, is the root cause of the burgeoning problem of identity theft Identity theft is easy because impersonation increasingly takes place in private transactions that are invisible to the victim The essay compares two proposed solutions: Professor Daniel Soloves' architectural approach and the author's Public Identity System Both would make the identification process transparent to the person identified, put imposters at risk by requiring personal appearances, and ban the use of social security numbers as passwords But the two writers take opposing positions with respect to continued secrecy of the information used to identify consumers Solove would maintain the link between identification information (name and social security number) and personal information (information descriptive of the consumer or the consumer's circumstances) and seek to impose better security to keep all of it from thieves The author would sever the link between the two kinds of information, make identification information - which is harmless - public, and allow consumers to use it to create public, thief-proof identities The essay explains the operation of the Public Identity System the author proposed in Human Identification Theory and the Identity Theft Problem, 80 Texas Law Review 89 (2001) and addresses Solove's objections related to the public display of social security numbers, consumer profiling, stalking, marketing abuse, and other aspects of the proposed System

Are the U.S. Patent Priority Rules Really Necessary

Abstract: Author(s): Lemley, Mark; Chien, Colleen V. | Abstract: The United States is the only country in the world that awards patents to the first person to invent something, rather than the first to file a patent application. In order to determine who is first to invent, the United States has created an elaborate set of "interference" proceedings and legal standards to define invention and decide how it may be proven. Supporters of this system claim that it is necessary to protect small inventors, who may not have the resources to file patent applications quickly, and may therefore lose a patent race to large companies who invented after they did. Advocates of global patent harmonization have suggested, however, that the first inventor is usually also the first to file, and that the first-to-invent standard is unnecessary and wasteful.In this Article, we study U.S. Patent and Trademark Office ("PTO") interference proceedings and court cases in which the parties dispute who is first to invent. We find that the first person to file is usually, but by no means always, also the first to invent. In over 40% of the cases, the first to invent is last to file. We also find that the long-standing rule that discriminated against foreign inventors by requiring proof of inventive activity in the U.S. had surprisingly little effect on outcomes; that a large number of priority disputes involve near-simultaneous invention; and that the vast majority of such disputes could be resolved without reliance on much of the evidence the law permits. Finally, we study the role of small inventors to see whether they are disproportionately the beneficiaries of the first to invent system. While the evidence is mixed, it does not appear that small inventors particularly benefit from the first to invent system.Part I describes the legal background for the international debate over how to determine patent priority. Part II describes our studies and discusses our results in detail. Finally, Part III draws conclusions for policy-makers from the data. There is some truth to the arguments of both sides in this debate. The first to invent system does produce significantly different results in individual cases than a first to file system would. But it is not clear that those different results are particularly fairer, or that they are worth the cost. We suggest some possible ways to modify the U.S. system to take account of these facts without changing entirely to a first-to-file system.

State Wiretaps and Electronic Surveillance after September 11

Abstract: This article examines the changing landscape for wiretaps and other electronic surveillance at the state level in the wake of the events of September 11. Based on available statistics, over two-thirds of law enforcement wiretaps in the United States in 2001 were authorized by state rather than federal judges, and there is evidence of significant under-reporting of state wiretaps. Part I of the Article explains the constitutional and statutory framework for government interception of: the content of a communication ("wiretaps"); to/from information (such as phone numbers or e-mail addresses); and stored communications records. Appendix A to the Article provides a survey and analysis of the interception, to/from, and stored records laws for all 50 states. Appendix B provides a survey of proposed and enacted changes to state laws in the initial period from September 11, 2001 to June 1, 2002. This research was performed on behalf of the Liberty and Security Initiative of the Constitution Project. Part II analyzes the proposed and enacted changes following September 11. Legislation principally addressed these issues: expanding the list of offenses eligible for interception orders; expanding the list of officials with wiretap authority; expanding the categories of persons who may execute wiretaps; authorizing roving and statewide surveillance; and expanding the types of communications and devices subject to interception. The conclusions in Part III highlight the weaker internal and external controls that apply to wiretaps and other electronic surveillance at the state level. At a formal/legal level, the Electronic Communications Privacy Act (ECPA) does provide that state wiretap laws may have effect only if they meet federal minimum standards for nature of the offense, minimization, and other features. Based on our review of state laws, however, we consider it likely that state wiretaps are systematically less subject to training requirements and other institutional controls on prosecutorial and police discretion. External controls are also likely more substantial at the federal level. Academics, the press, advocacy groups, and Congressional oversight have all provided important checks on any temptation by federal officials to overstep the limits of their surveillance powers. These oversight efforts are less developed in most states, and our research on state laws is intended in part to facilitate better understanding of how these laws in fact operate. A separate implication of this research concerns the interplay of federal and state surveillance law. Passage of the USA-PATRIOT Act in 2001 focused essentially exclusively on the scope of surveillance powers appropriate for federal officials. The preemption provision in ECPA, however, means that a change in federal law also permits an equivalent change in state law. Many of the bills recently proposed mirror the reduction of privacy rights in the USA-PATRIOT Act. In considering changes to federal surveillance law, the relatively weak internal and external oversight of state wiretaps is thus relevant. Even where sufficient controls can be created to justify actions by federal officials, the additional issue is whether appropriate safeguards will be created at the state level, where the large majority of wiretaps actually occur.

Should Directors Reduce Executive Pay

Abstract: This paper examines internal pay disparities in American public corporations and argues that wide gaps between the top and bottom of the pay scale can, in certain circumstances, directly and adversely affect firm value, that corporate boards should be informed about these effects, and that they should, in some cases, reduce internal pay differentials to address them. In support of this thesis, it analyzes numerous empirical studies that have shown that wide disparities in corporate pay scales can adversely affect firm value. These studies demonstrate that, at many types of organizations, as internal pay differentials grow, employees and lower level managers increasingly view themselves as being unfairly compensated in comparison to more highly paid top management. This perception adversely affects employee performance, productivity and willingness to work, and thereby reduces firm value. Directors' duty of care requires that they consider the spread between the high and low end of the corporate pay scale in setting firm compensation levels and act in the corporation's best interests to reduce it if necessary to maximize firm value. Moreover, mega-grants of stock options are primarily responsible for these growing pay differentials. Corporate directors are uninformed about the real costs and benefits of these huge awards. Mega-grants of stock options to corporate managers are unjustified if their uncertain benefits are exceeded by their costs. As virtually no research has shown that mega-grants of stock options' costs exceed their benefits, directors need to more carefully determine if these programs maximize firm value. Once again, directors' duty of care obligates them to be reasonably informed about the value of these plans as that constitutes material information about their firm.

Privacy Property, Information Costs, and the Anticommons

Abstract: The current law of privacy is a hodgepodge of rights and remedies. Some rights arise out of a specific statute, others arise out of the general common law of torts and contract. Each system for protecting privacy has its own distinctive remedial scheme. Some rights are backed by public enforcement alone, some by private rights of action, some by both. Some come with compensatory damages, others with attorneys' fees, punitive damages, or statutory damages. Even where a private right of action exists, however, that right is often enforced by civil liability, rather than property-based entitlements. While this essay argues for property-based protection of personal data, its principle goal is to take seriously (and propose techniques for minimizing) the costs associated with the coordination problems created by a regime of information property.

Lifting the Fog of Internet Surveillance: How a Suppression Remedy Would Change Computer Crime Law

Abstract: This Article argues that the rules of Internet surveillance law remain obscure and undeveloped because of the remedies Congress has chosen to enforce its statutory standards. By rejecting a suppression remedy and embracing aggressive civil penalties, Congress has ensured that courts only rarely encounter challenges to Internet surveillance practices - and when they do, the cases tend to be in civil cases between private parties that raise issues far removed from those that animated Congress to pass the statutes. As a result, the courts have not explained how the complex web of surveillance statutes apply in routine criminal cases, and the rare judicial decisions construing the statutes tend to confuse the issues, not clarify them. This article argues that Congress should add a statutory suppression remedy to lift the fog of Internet surveillance law, and that such a change would benefit both civil liberties and law enforcement interests alike.

Homicide on Holiday: Prosecutorial Discretion, Popular Culture, and the Boundaries of the Criminal Law

Abstract: This article discusses prosecutors' discretion to press criminal charges against individuals who cause death during recreational activities. Based on newspaper sources, published opinions, and unpublished materials from cases that resulted in plea bargains, Homicide on Holiday continues the author's exploration of the relationship between the American public, criminal prosecutors, and the nature of the prosecutors' public role. It shows that, despite popular culture's glorification of risk and a nationwide trend in tort law toward sheltering sports co-participants from civil negligence liability, an exhilarating trip down a ski slope is increasingly likely to land a skier in jail if he collides with and kills another person. During the past few years, prosecutors have shown increased zeal in pressing charges against individuals in a variety of recreational contexts from horseback accidents at riding stables to jet-skiing fatalities on reservoirs. This article analyzes the criminal prosecution of recreational risk-takers and proposes a new approach to discretionary charging decisions. It represents the first comprehensive scholarly treatment of the use of the criminal law to regulate recreational risk.

Integrity Review of Statutory Arbitration Awards

Abstract: The 1991 Supreme Court decision in Gilmer v. Interstate/Johnson Lane Corp. introduced a new era in the enforcement of statutory rights designed to protect individuals in the workplace. No longer would employees be entitled to a judicial forum or employers limited to such a forum in adjudicating such disputes. Rather, Gilmer created the possibility that pre-dispute employment contracts could bind workers to litigate important public rights in the private forum of arbitration under the auspices of the Federal Arbitration Act. This possibility reached fruition in the 2001 decision in Circuit City Stores, Inc. v. Adams, making such pre-dispute arbitration contracts, except "contracts of employment of transportation workers," generally applicable throughout the economy. Though the Court in EEOC v. Waffle House, Inc. preserved the enforcement role of the EEOC despite arbitration agreements between employees and targeted employers, it simultaneously acknowledged the limited practical effect of EEOC jurisdiction on employment arbitration in statutory cases. This development potentially subjects most adjudications involving statutory rights to arbitration rather than courts as originally contemplated by Congress in most protective legislation. Critics have objected that the ceding of jurisdiction in statutory cases amounts to an abrogation of employee rights and an abdication of judicial enforcement responsibility. This article recognizes the advantages and disadvantages of arbitration in statutory cases. It also affirms the centrality of judicial supervision to the effective enforcement of statutory rights. In addressing a key issue yet to be decided by the Supreme Court, the article proposes a substantive integrity standard of review which accomplishes the dual purposes of making effective both arbitral disposition of statutory employment cases and judicial supervision of arbitral decision-making. While situating the substantive integrity standard among the prevailing appellate review standards, the article also reconciles the competing statutory policies in the FAA and statutes such as Title VII and incorporates the important policy pronouncements of the Supreme Court. Finally, the article demonstrates the viability of integrity review by applying it and drawing upon the results of the South African experience under a similar standard.

Trustwarp: The Importance of Legal Rules to Electronic Commerce and Internet Privacy

Abstract: This Article puts forward two claims and one proposed new term. The first claim, buttressed by new evidence in this Article, is that we have under-valued the importance of binding legal rules in promoting electronic commerce (“E-Commerce”). The second claim is that, in light of the demonstrated helpfulness of binding legal rules, the case for Internet privacy legislation in the United States is stronger than it was during the start-up period of E-Commerce during the 1990s. The new term, which is central to both of these claims, is the idea of “trustwrap”—the ways that merchants can wrap their transactions in visible, trust-inspiring ways when conducting E-Commerce. The idea of trustwrap arose for me in thinking about the Tylenol scare in the early 1980s. A malicious person injected cyanide poison into bottles of Tylenol pills, resulting in several deaths and enormous negative publicity. The Johnson and Johnson Company, led by James Burke, reacted with perhaps the most-admired crisis response in corporate history. The first part of the response was an immediate announcement that all Tylenol on the shelves nationwide would be removed immediately. The company would take whatever short-term loss was necessary to assure customers that no tainted Tylenol would remain available for sale. This strong statement that the company would “do the right thing” created immediate and widespread sympathy for Johnson and Johnson.