June 20, 2016

Article of the Day: The Racist Algorithm? by Anupam Chander

Cross-posted from Immigration Prof Blog.

I want to highlight a forthcoming article by Professor Anupam Chander: "The Racist Algorithm?" Michigan Law Review (2017 Forthcoming)

ABSTRACT:  Are we on the verge of an apartheid by algorithm? Will the age of big data lead to decisions that unfairly favor one race over others, or men over women? At the dawn of the Information Age, legal scholars are sounding warnings about the ubiquity of automated algorithms that increasingly govern our lives. In his new book, The Black Box Society: The Hidden Algorithms Behind Money and Information, Frank Pasquale forcefully argues that human beings are increasingly relying on computerized algorithms that make decisions about what information we receive, how much we can borrow, where we go for dinner, or even whom we date. Pasquale's central claim is that these algorithms will mask invidious discrimination, undermining democracy and worsening inequality. In this review, I rebut this prominent claim. I argue that any fair assessment of algorithms must be made against their alternative. Algorithms are certainly obscure and mysterious, but often no more so than the committees or individuals they replace. The ultimate black box is the human mind. Relying on contemporary theories of unconscious discrimination, I show that the consciously racist or sexist algorithm is less likely than the consciously or unconsciously racist or sexist human decision-maker it replaces. The principal problem of algorithmic discrimination lies elsewhere, in a process I label viral discrimination: algorithms trained or operated on a world pervaded by discriminatory effects are likely to reproduce that discrimination.

I argue that the solution to this problem lies in a kind of algorithmic affirmative action. This would require training algorithms on data that includes diverse communities and continually assessing the results for disparate impacts. Instead of insisting on race or gender neutrality and blindness, this would require decision-makers to approach algorithmic design and assessment in a race and gender conscious manner.

March 4, 2016

Outcome of FBI fight with Apple will affect your privacy

Cross-posted from the Sacramento Bee.

The legal dispute between the FBI and Apple over a locked iPhone is clouded in technical details that are hard for many to understand, an unclear area of law, and a terrible tragedy in San Bernardino that provokes unease and fear.

To make matters worse, the FBI and Apple are engaged in a very public battle using open letters, blog posts and hearings before Congress with terms like patriotism, marketability and backdoors.

The outcome of the case will affect everyone's ability to keep their personal information safe on their smartphones and all their electronic devices. And it will test what limits exist on the government's ability to force unwilling and innocent third parties to help it investigate crime.

A federal judge has issued an order forcing Apple to help the FBI "unlock" the iPhone used by Syed Farook, who with his wife Tashfeen Malik, shot and killed 14 people and seriously wounded 22 in the December attack in San Bernardino.

The issue is not whether Apple should help the government in its criminal investigations; the Cupertino-based company has assisted the government many times in the past, and even in this particular investigation. Instead, Apple objects to the order issued by the judge because of the unusual nature of the request.

The government is asking Apple to create something that does not now exist: a custom-built version of Apple's operating system that would sidestep security features on the iPhone.

Without Apple's assistance, the FBI claims that it is unable to access information that exists only in the phone itself. In addition, because the iPhone would not accept this customized software update without Apple's digital signature - which would otherwise vouch for the software's trustworthiness - the court order compels Apple to do this, too.

How does this affect you? If Apple is forced to create the means to hack into its own products, the issue does not end with this case. As FBI Director James Comey confirmed in his testimony before the House Judiciary Committee on Tuesday, there are other phones that the government would like Apple to unlock.

Local police departments are also eager to seek similar orders from Apple if it loses the San Bernardino case. Indeed, the prospect of forcing Apple to create a permanent in-house hacking department for police purposes was one of the reasons a federal magistrate judge in New York on Monday denied the government's request to compel Apple to unlock an iPhone in a different criminal case involving a drug investigation.

Once Apple creates the means to bypass the security features it has created to ensure the security of the information on its phones, that software will be prized not only by law enforcement officials, but also by organized crime rings, identity thieves and foreign intelligence agencies. That's where all of our interests come in.

As the U.S. Supreme Court described them recently, smartphones could easily be described as "cameras, video players, rolodexes, calendars, tape recorders, libraries, diaries, albums, televisions, maps or newspapers" - all at the same time.

That leads to the second issue: the extent to which the government can force an innocent third party to create something for law enforcement purposes.

In the San Bernardino case, the government relied upon the All Writs Act of 1789, a federal law intended to provide courts with the power to issue orders to carry out their duties. The act allows a court to issue orders that are "necessary or appropriate" when "agreeable to the usages and principles of law." No one is quite sure what the outer limits of the act may be, but the Apple case is testing those limits.

Does this include the power to force Apple to create an iPhone hack?

Comey, the FBI director, argues that the San Bernardino tragedy demands it. The problem is that we don't think of law enforcement power simply in terms of its objectives or the gravity of the crime in question. In our legal system, we take the reasonability of the means into account. If Apple is compelled to do this in a terrorism investigation, must it also do so in a drug case? A prostitution case? A delinquent property tax case? What the government seeks, in the words of one friend-of-the-court brief filed by a group of technology companies Thursday, is a demand "unbound by legal limits."

The extraordinary law enforcement means of today, if left unchecked, become the routine methods of tomorrow. And if the government is permitted to compel a technology company to create deliberate vulnerabilities in a phone today, very soon it may apply that power to the growing Internet of Things: the world of Internet-connected "smart" thermostats, televisions, toothbrushes and even Barbie dolls.

Apple's loss may mean that the FBI could one day force a company to deliver malicious security updates to one of the many smart devices you will own. These are products of convenience, not general consent to government surveillance. Do we want this case to pave the way for routine compulsion of private companies to watch us through our connected devices?

We should expect that the FBI and every other law enforcement agency would want to try every means necessary to prevent and investigate crime. But when those means exact a heavy cost upon our information security and privacy, we've struck the wrong bargain.


November 9, 2015

Business Law Journal Symposium on Corporate Data Breaches

At UC Davis School of Law, students and faculty work together to organize some amazing events. 

Last Friday, I had the pleasurable opportunity to provide a welcome to this year's UC Davis's Business Law Journal symposium on "Corporate Data Breaches: What Companies Can Learn from Recent High Profile Attacks."  The symposium examined the new challenges in the increasing numbers of major corporate data breaches.  The Journal brought together a group of the nation's leading professors and lawyers, with diverse expertise, all of whom are well-versed on corporate data breaches.    

We are proud of our business law faculty curriculum at UC Davis School of Law and have had a tradition of excellence in the field.  Professors Anupam Chander and John Hunt participated in the event.  I would be remiss if I did not give a special thanks to Professor John Hunt and law students Lauren Woods, Michel Wigney, and James Swearingen for their hard work in planning this symposium. 

The keynote speaker was Justin Cain, the California Cybersecurity Coordinator for the California Governor's Office of Emergency Services.   Justin is part of the California Cybersecurity Task Force, a statewide partnership comprised of key stakeholders, subject matter experts, and cybersecurity professionals from the public sector, private industry, academia, and law enforcement who are all working to advance and strengthen California's cybersecurity.

July 13, 2013

New Book: The Electronic Silk Road, by Anupam Chander

Yale University Press has just published The Electronic Silk Road: How the Web Binds the World Together in Commerce. The book has been hailed as a "tour de force" by leading trade economist Jagdish Bhagwati of Columbia University, a "must read" by Senator Chris Coons, and "engaging" and "important" by Ricardo Ramírez-Hernández, Chair of the Appellate Body, World Trade Organization.

The hardcover is available from Amazon here, as is a Kindle version.

Former World Trade Organization Director-General Michael Moore, currently New Zealand's Ambassador to the United States, tweeted: "What am I reading? "The Electronic Silk Road" by @AnupamChander explains essential issues for modern trade agenda."

The book has received extensive advance praise from key figures in international law and economics.

  • "An extraordinarily lucid and colorful description of the way cybertrade is changing global commerce -- and global society. Chander proposes realistic legal arrangements that can secure the Web’s benefits and avert its perils. This is an important book."—Michael Reisman, Yale Law School
  • "The world of commerce has changed for services. A masterly analysis of the implications of this development, this book is a tour de force."— Jagdish Bhagwati, University Professor, Columbia University
  • “A must read for those interested in globalization in the information age and the public policy challenges, opportunities, and pitfalls that will result. Anupam Chander offers an insightful primer on international cyberlaw and a thoughtful set of proposals for adapting to a changed world.” —Chris Coons, United States Senator
  • “This engaging book makes a powerful argument for embracing trade, without displacing law, along the new digital trade routes. Indeed, it recognizes law as crucial to promoting both trade and consumer protection. This is an important contribution to thinking about the international legal order.”—Ricardo Ramírez-Hernández, Chair of the Appellate Body, World Trade Organization
  • “Chander examines how international trade is ordering human rights and free expression in the digital age. Virtual borders and transnational corporations are here to stay, and Chander’s notion of ‘net-work’ offers us a sobering analysis of the dangers, and the possibilities.”—Deji Olukotun, PEN American Center
  • “Chander accentuates what is often forgotten--the importance of law underlying the digital evolution. Highly readable and enjoyable, The Electronic Silk Road is a piece of sound intellectual work, which is handsomely written.”—Mira Burri, University of Bern
  • “Anupam Chander takes us on a fascinating journey, raising provocative questions on how to balance competing global and local interests when managing new trade dynamics. Anyone interested in the digital transformation of commerce should consider carefully Chander’s insights.”—Mark Wu, Harvard Law School

The Electronic Silk Road

September 23, 2011

More Jasmine Revolutions? Or Better Big Brothers?

Should dictators fear, or welcome, the Internet?  I grapple with this question in a new essay, Jasmine Revolutions, forthcoming in the Cornell Law Review.  The draft of the paper is available here.

Here is the abstract for the paper:

Will the Internet help topple tyrants, or will it help further cement their control? Prominent skeptics challenge the notion that the Internet will help rid the world of dictators. They suggest that the Internet will simply serve as a new opiate of the masses, or worse, will assist autocrats in manipulating popular opinion. I defend the liberalizing promise of cyberspace. Where others have set out the value of the Internet to dissidents, I answer the main critiques of that position - that Internet activism is futile, that the Internet is simply the new opiate of the masses, and that autocrats will benefit more from the Internet than dissidents. I argue that dictators have revealed their own appraisals of the Internet: when threatened, they shut it down. Tyrants today fear the Internet more than they benefit from it. This summer’s events again confirmed this truth: On the day when the rebels marched into Tripoli, they restored Libya to the Internet.


March 22, 2011

California Bans Impersonating Another Person Online

California has understandably taken a lead in protecting individuals online, for example, in its privacy breach notification law. Now it targets a common tactic for harassing individuals in today's Internet era--impersonating someone.

SB 1411 creates a new section of the California Penal Code, which bars the online impersonation of another person for the purpose of harming someone.

528.5 (a) any person who knowingly and without consent credibly impersonates another actual person through or on an Internet Web site or by other electronic means for purposes of harming, intimidating, threatening, or defrauding another person is guilty of a public offense punishable pursuant to subdivision (d).


(c) For purposes of this section, "electronic means" shall include opening an e-mail account or an account or profile on a social networking Internet Web site in another person's name.

(d) A violation of subdivision (a) is punishable by a fine not exceeding one thousand dollars ($1,000), or by imprisonment in a county jail not exceeding one year, or by both that fine and imprisonment.

(e) In addition to any other civil remedy available, a person who suffers damage or loss by reason of a violation of subdivision (a) may bring a civil action against the violator for compensatory damages and injunctive relief or other equitable relief pursuant to paragraphs (1), (2), (4), and (5) of subdivision (e) and subdivision (g) of Section 502.

(f) This section shall not preclude prosecution under any other law.

December 17, 2010

The Dark Side of the Internet: Privacy, Defamation, and Free Speech

Harvard University Press just sent me a copy of the new book, The Offensive Internet, edited by University of Chicago law professors Saul Levmore and Martha Nussbaum (each of whom also contributes a chapter in the book). 

The book is an important antidote to the often Panglossian approach of early cyberspace enthusiasts.

I contributed a chapter titled "Youthful Indiscretion in the Internet Age." It's a collection of thoughtful papers. While you are likely to disagree with many of them (as I do), the papers each make significant contributions to the literature.

June 24, 2010

Viacom v. YouTube, Round One

YouTube logo

Viacom sued YouTube for hosting material that Viacom claims infringes Viacom’s copyright. Yesterday, the federal District Court for the Southern District of New York handed down a summary judgment siding with YouTube.

District Judge Louis Stanton’s decision is a model of judicial clarity. It quickly identifies the principal issue in the case and focuses the bulk of the opinion on that issue. As Judge Stanton sees it, the issue is whether YouTube qualifies for the Digital Millennium Copyright Act (DMCA) safe harbor even if it does not itself search out and destroy copyright infringing material without a specific request from a copyright holder identifying the infringing material. The burden, Judge Stanton argues, falls on the copyright holder and not YouTube.  It is clear that there is a substantial amount of infringing material on YouTube, but YouTube does not have the responsibility to remove it without a clearer “red flag”—such as a moniker that it is “pirated” material.  (Not to cavil, but even The Pirate Bay hosts material that is not copyright infringing.)

Judge Stanton’s decision seems a clear and logical interpretation of the DMCA. He spends a great deal of time focusing on the legislative history of the statute as reflected in the legislative reports before Congress.

He does not dwell on some of the sideshow that developed during the discovery, including an email during YouTube's early period in which founder Steve Chen acknowledges that a substantial amount of the material on the site is infringing. That email demonstrated knowledge of infringement, but not the particularized knowledge that the DMCA requires. Otherwise, every web hosting service would be at risk--because copyright infringement is so widespread in cyberspace.

It is too early for YouTube (and us netizens, more generally) to declare victory. The decision is likely but Round One.  Viacom has the resources to continue the challenge on appeal. It might choose not to do so (1) if it believed it too expensive to do so; (2) if it believed that an appeal would risk creating “bad law” from its perspective; (3) if it believed that further publicity for its claim against a beloved website would antagonize its consumers; or (4) the litigation sapped too much executive time and energy.

Assuming an appeal is filed, the Second Circuit Court of Appeals will review the decision below, based as it is purely on an interpretation of law, de novo. That means that Judge Stanton’s decision will receive absolutely no deference. The Second Circuit will review the issue entirely anew.

It is too early to pronounce victory, but Judge Stanton’s decision marks a helpful first step.

Cross-posted on Chander.com.

March 11, 2010

Does the Internet Deserve a Nobel Peace Prize?

The BBC reports that the Internet has been nominated for the Nobel Peace Prize. 

Some, such as the Italian version of Wired magazine, have championed the Internet's nomination for helping advance "dialogue, debate and consensus."

It may seem laughable to give a Peace Prize to a communications medium, but there is reason to take the nomination seriously. 

Alfred Nobel, in his will, announced that one prize should be awarded to "the person who shall have done the most or the best work for fraternity between the nations and the abolition or reduction of standing armies and the formation and spreading of peace congresses."

The Nobel Prize Committee has long awarded the Prize to associations, not just natural "persons"--including recently the Intergovernmental Panel on Climate Change and the International Atomic Energy Agency. Selecting the Internet would extend the prize further to an even more abstract entity, but it would still go to a human endeavor.

Has the Internet advanced the cause of peace?  That still remains unclear, but there is reason to be hopeful. The Web makes possible an increasing sense of common membership in the world. The very nature of the "World Wide" Web, with its focus on interconnectedness and its disrespect for political borders or geographical distance, promotes this. The Internet, in this sense, promotes "fraternity between the nations."

The Internet also allows dissidents to escape local controls on speech. I explore this further in a forthcoming California Law Review article, Googling Freedom, which I will post soon. This may be the reason that Nobel Peace Laureate Shirin Ebadi is cited as a supporter of the nomination of the Internet for the Peace Prize.

There is of course the dark side of the Internet. Through this medium, terrorists have plotted their terror and arms merchants have found buyers. Nationalists have promoted jingoism.

Indeed, the Internet might permit individuals to limit themselves to a narrow informational universe, accessing only sites and information that confirm (and perhaps strengthen) our prior views.  This is Cass Sunstein's argument, which I have critiqued in my paper, Whose Republic?, published in the University of Chicago Law Review. Where Sunstein worries about the "Daily Me" made possible by electronic intermediaries that deliver news tailored to a reader's tastes, I observe that, for minorities, the traditional media offer the "Daily Them" -- a vision of society focused on its dominant members.

The BBC story notes that "[i]t is unclear who would accept the prize if the internet were to win."  I would nominate Tim Berners-Lee, the man who gave the world the "World-Wide-Web," a visionary communications protocol that made the Internet popular beyond the relatively narrow confines of technologists. 

By raising the possibility of the Internet as a Nobel Laureate, I should not be misunderstood as endorsing such a choice. There are many worthy candidates, including Chinese dissident Liu Xiaobo, who languishes under arrest. Indeed, it is likely the case that these other candidates are more worthy of the prize--and that choosing them might have a greater likelihood of promoting the cause of peace.