Back to News

GLC Hosts Events on Cybersecurity

150605-building-006.jpg

This semester, the Center for Global Legal Challenges has hosted several cybersecurity speakers and panels. In October, the Center hosted lunchtime talks with Andrew Burt, and Carrie Cordero, and in November, the Center held the “Hijacking Information: Software Vulnerabilities, Ransomware, and Law”—a two-panel conference on how vulnerabilities and patching affect overall cybersecurity, and on the emerging threat of ransomware.

Andrew Burt is a YLS graduate and Chief Privacy Officer & Legal Engineer at Immuta, a data management platform. Andrew’s talk topic focused on the new laws around the world, beginning to force the technology industry to rethink how it approaches the law, on how and why the worlds of law and technology are colliding, and what this means for data-driven companies, the technology industry, and governments and citizens around the world. 

Burt argued that the rise of complex software systems is leading to new legal challenges. For example, the artificial intelligence systems used in self-driving cars challenge the notion of who the law considers “driver.” This illustrates that regulations traditionally meant to govern the way that humans interact have to adapt to a world that has been eaten by software. This goes beyond just self-deriving cars—complex algorithms are used in mortgage and credit decisions, in the criminal justice and immigration systems and in the realm of national security, and more.

Carrie Cordero is a Counsel at ZwillGen PLLC, which advises and represents leading internet and tech companies in high-profile online legal matters, including data protection and information security, law enforcement and surveillance, and more. Cordero's talk focused on how changes to U.S. intelligence law and policy have focused on information sharing within the U.S. Intelligence Community and amongst government entities.

As a result of the recent 2016 election interference by the Russian government, our law and policies need to be updated to facilitate intelligence and national security information being shared with the public at large. Current and future cybersecurity threats and their potential influence on democratic processes lead to the public having a greater expectation of being informed directly about the government’s assessment of national security threats, and our laws, policies, and institutions need to be ready to take on that expectation.

Finally, last week, the Center held its “Hijacking Information” conference. This conference was organized in response to the proliferation of vulnerabilities in software, enabling hackers to access systems and sensitive data stored within them. Vulnerabilities in software are the central reason for the majority of recent data breaches. In the aftermath of these breaches, the public discourse tends to focus on questions of accountability, management of vulnerabilities, and regulation. The purpose of this conference was to discuss emerging attack vectors in cyberspace, as well as the regulatory gaps pertaining to data breaches of the recent years. These two panels explored topics pertaining to vulnerability management, patching, the Internet of Things (and Bodies), and the changing cybersecurity landscape with the emergence of ransomware.

Speakers included Kim Zetter (WIRED), Rebekah Lewis (AU Kogod Cybersecurity Governance Center), Professors Scott Shackelford (Indiana University), Josephine Wolff (Rochester Institute of Technology), Annie Anton (Georgia Tech, School of Computing), and Andrea Matwyshyn (Northeastern Law). Panels were moderated by Professor Scott J. Shapiro ’90 and the Center’s Cyber Fellow Ido Kilovaty.

These events have been co-sponsored with the Information Society Project, and generously funded by the Oscar M. Ruebhausen Fund.