Category: Uncategorized
On July 1, 2021, the original source code for the World Wide Web sold for $5.4 million at a Sotheby’s auction. This was not the actual source code, which is open source and freely available in the public domain, but rather a non-fungible token (NFT) version of the source code. NFTs, a new block chain based asset, have been making waves as everyone — from artists, sports leagues, to exiled whistleblowers and institutional investors — looks to participate in the craze by creating and selling digital assets for millions of dollars. (See also) So, what are NFTs, and what property rights and liabilities do buyers take on with their purchases?
What are Non-Fungible Tokens?
Non-fungible tokens, or NFTs, are unique digital assets stored on blockchain and used to create authenticated digital ownership of a scarce asset. The concept was first introduced by Vitalik Buterin, creator of the fungible crypto currency Ethereum, in December 2012 with “Colored Coins.”
An NFT uses “smart contracts,” which are open-sourced blockchain protocols outlining specific terms and conditions for the transfer of digital ownership. The smart contract is then permanently “minted,” or stored onto a blockchain token (most commonly Ethereum) creating an immutable record of the token’s history, from its creation all the way to its most recent sale. The secure digital storage of ownership records is one of the chief benefits of NFTs as a vehicle for storing wealth, especially compared with similar markets, like art, which are often plagued with authentication problems.
In 2017, the potential for digital assets as a means to store and create wealth was first initiated when CryptoPunks launched the world’s first marketplace for NFT digital art on the Ethereum blockchain. The project’s creators distributed 10,000 different claimable cartoon characters to entice market participants, and the characters were quickly claimed and subsequently traded in a freely formed secondary market.
State of the Market Today
Today, the NFT market is exploding. For example, on August 28, 2021, just four years after launch, CryptoPunks crossed $1 billion in all time sales. Much of this growth has occurred over the past twelve months. During 2020, NFT sales are estimated to have totaled a mere $94.7 million; however, for 2021 NFT sales have sky rocketed all the way to $24.9 billion. Much of this growth occurred in the second half of the year with sales volume growing from a combined $2.1 billion during Q1 and Q2 to a combined $22.3 billion during Q3 and Q4. Despite current volatile equity markets, NFTs continue to remain popular during 2022, with OpenSea, the largest NFT marketplace, announcing a record $5 Billion in transaction volume for the month of January.
Much of the NFT growth has been attributed to increased demand and acceptance for cryptocurrencies, coupled with an increased participation in public consumer trading during the COVID-19 pandemic. The explosive growth has drawn increased media attention, which has further fueled its virtuous cycle. Today, blue-chip companies like Coca-Cola are issuing their own NFTs, while institutional investors and fund advisors like Andressen Horowitz are investing heavily in the NFT marketplace, demonstrating confidence in its continued growth. Accordingly, this formerly fringe product has come under increased legal and regulatory scrutiny.
The scope of transferred property rights with NFTs
The rights acquired by an NFT purchaser vary widely based on how and where the NFT was acquired. In most cases an NFT holder, similar to a purchaser of a physical collectible, is purchasing a non-exclusive license to the underlying intellectual property rights of the asset for a non-commercial purpose. However, unlike a physical collectible, a digital NFT is easily and cheaply created, reproduced, or downloaded. A crucial distinction is that an NFT holder is merely acquiring the rights to the blockchain token imprinted with the intellectual property, and not the underlying intellectual property itself. Furthermore, for many NFTs the blockchain is unable to store the actual underlying digital asset, so what is actually being bought is an imprinted link to the asset. As a result, the underlying copyright only transfers if the copyright’s owner assents to such transfer in writing alongside the transfer of the digital asset.
The totality of the rights associated with the token are defined by the smart contract. Thus, there is a huge importance on the drafting of the smart contract coded into the token during an NFT transaction, which is an element not evinced during a physical collectible sale.
Smart contracts are the coded instructions of the NFT defining the scope and limitations of use. Depending on where the NFT is acquired the license agreement can vary immensely. The NBA Top Shot platform is an example of a proprietary marketplace, meaning the NFTs are created by a single market operator who does not allow third party transactions. For their platform, Top Shot has promulgated an internal standard NFT license agreement. These kinds of agreements stipulate that the buyer receives, “(i) a personal license to use and display the art associated with the NFT, as well as (ii) a commercial license to make merchandise that displays that art associated with the NFT, a license subject to a $100,000 gross revenue per year limit.” Given the market operator is minting all listed products, this concentrates even more control in the market operator and typically transfers the fewest rights to the subsequent owner, as evidenced by Top Shop limiting the ability of future owners to commercialize their purchase.
On the other end of the spectrum is OpenSea, an example of an “open” marketplace that allows anyone to mint and sell NFTs and enables customizable licenses. For example, an NFT of a tungsten cube sold for $200,000 and included the right to touch a physical one-ton tungsten cube stored at Midwest Tungsten Service headquarters once per year. This market offers financial freedom, but also features high risk of fraud due to ease of access, lack of market oversight, and difficulty in tracing actual wallet ownership.
In the middle are curated marketplaces, which require artists to apply to have their items listed by the market operator; however, unlike proprietary marketplaces, any creator can apply to have their NFT listed so long as the NFT conforms with the market operator’s regulations. Approval generally requires the NFT seller to abide by the market’s standard license agreement, similar to the proprietary market.
Regardless of who is dictating the terms, NFT license agreements cover a variety of issues tied to which property rights are being transferred. Typically, this includes many common terms and conditions such as indemnification clauses, buyer and seller rights, and definitions for various duties and obligations amongst others. However, the intrinsic qualities of an NFT also necessitate some atypical clauses such as ownership of platform IP, digital wallet verification, and outlining the commercialization or transfer rights. The most important and heavily scrutinized term of an agreement though is how the agreement handles the ownership of the copyright connected to the token. Thus, understanding the terms contained in these agreements is essential to evaluating and participating in this fast growing and evolving digital marketplace.
The potential for copyright infringement and liability for NFTs
While blockchain can authenticate the transactions, blockchain is unable to inform the buyer if the seller has rights to underlying copyrighted work or is merely selling someone else’s copyrighted work. This is important because section 504 of the Copyright Act holds even an innocent actor who unknowingly violated somebody else’s copyright automatically liable for both actual and statutory infringement damages. Recently, an NFT of Whales produced by a 12 year old programmer was sold for thousands of dollars, only for the images to later be discovered to have been copied directly from another project. Assuming the use constituted infringement (the issue has not yet been litigated), the buyer at a minimum is liable to return the NFT to its rightful owner and handover any profits. Furthermore, if the buyer knew there was a potential infringement and still sold the NFT, the statutory liability could be over a million dollars.
Conclusion
NFT case law is still being developed, with the first cases just now working their way through the legal system. As the market continues to grow, more regulatory agencies, including the SEC, are taking a closer look at security status and potential acts of fraud. However, until the regulatory status is cleared NFTs exist in a caveat emptor market. The onus is on the purchaser to verify the terms of the license agreement they are acquiring, the status of the seller, and the underlying intellectual property. While blockchain makes the verification and authentication process easier, it still has gaps creating additional liability, especially for copyright infringement.
TRIPS Waiver and COVID-19 Policy
As COVID continues to impact nations across the world, policymakers are left trying to facilitate ways to better deal with a global event of this magnitude. Public health concerns forced leaders to re-think current laws and agreements. Intellectual property law is not an outlier. To mitigate some of the effects of the pandemic, some countries have tried to waive certain intellectual property rights for knowledge sharing. In October of 2020, for instance, India and South Africa proposed a TRIPS waiver related to the COVID-19 pandemic, which sparked a global debate around balancing intellectual property rights and managing a global health crisis.
Countries that are members of the WTO have all signed agreements related to trade and intellectual property protection–this agreement is the TRIPS agreement. Governments that have agreed to this TRIPS agreement can bring waivers, such as the one proposed now, in times when they believe the public good may be better served without certain IP protections. The idea is that waiving certain obligations pertaining to either patents related to COVID-19 related inventions or discoveries would allow greater access to COVID-19 vaccines and drugs. India and South Africa’s proposal was amended in May of 2021, with the support of 60 low-income countries. The main amendment was the addition of a clause that limited the waiver to cover a period of three years. The waiver would cover “health products and technologies, including diagnostics, therapeutics, vaccines, medical devices, personal protective equipment, their materials or components, and their methods and means of manufacture for the prevention, treatment, or containment of COVID-19.”
Support for this waiver has expanded to more countries, including China, but notably it did not receive initial backing from the U.S. The U.S. has historically been opposed to such intellectual property waivers. However, on May 5, 2021, the Biden Administration released a statement in support for a TRIPS waiver for COVID-19 vaccines, specifically. It stated, “The Administration believes strongly in intellectual property protections, but in service of ending this pandemic, supports the waiver of those protections for COVID-19 vaccines.”
More than a year after India and South Africa’s initial TRIPS proposal, discussions continue among WTO nations, but no agreement has been reached. Countries like Germany, Switzerland, Norway, and the UK are standing firm in their objections. Though as of January 2022, roughly 10 billion doses of the COVID-19 vaccine have been administered, Our World in Data reports that only 10% of people in low-income countries have received at least one dose.
Would Climate Change Fit Under a TRIPS Waiver?
If a TRIPS waiver cannot be approved for something as global and life-threatening as the COVID-19 pandemic, can a TRIPS waiver ever be approved for something else? In the face of impending climate change, for example, could a TRIPS waiver be effective in the sharing and access of climate technologies, much as a COVID-19 waiver would be effective in sharing technologies related to the pandemic?
Simply put, yes. Climate change could be similarly categorized as a type of disaster that could be noted in a TRIPS waiver proposal to temporarily waive intellectual property rights, specifically patent protections. However, at this point, a TRIPS waiver for climate change has not been formally proposed.
Possibility of Extended TRIPS Waiver to Combat Climate Change
Just as with the COVID-19 pandemic, low-income countries are likely to suffer the most from climate change. Like with COVID-19 relief, knowledge sharing of climate change technologies may be needed and desired. A TRIPS waiver could promote “technology transfer” related to climate change, which in turn could promote access to climate technologies, especially in low-income countries. This sharing of knowledge would ideally lead to developments in climate technology and further access around the world.
However, opponents to TRIPS waivers state that without intellectual property protections, inventors are not sufficiently incentivized to continue to create new technologies. It is argued that stripping away financial incentives would hinder the development of climate technology and that the TRIPS agreement is in place primarily to guard those property rights of patent, copyright, and trademark owners. To secure a TRIPS waiver for climate change technologies, approval would be needed from many different countries. Low-income countries would potentially be more willing to sign on to this type of waiver, as evidenced by their support of the COVID-19 waiver. As has been the case with other proposed waivers, it will potentially be difficult to influence higher-income countries like the United States. Yet, since the Biden administration has supported a limited, temporary COVID-19 waiver, perhaps this administration or future administrations would support similar proposals relating to climate change.
Other high-income countries would need to sign on for the waiver to be effective and lead to knowledge sharing. As James Bacchus emphasizes in his report for a WTO climate waiver, being able to secure such a waiver will fall on the political persuasion of countries who hold the most power. It will take the persuasion of these countries in convincing the WTO that this type of waiver is necessary to battle the potential destruction of climate change. Drafting a climate change waiver and waiving certain intellectual property rights temporarily to create knowledge sharing of climate technologies would be the easy part of this venture. Getting the necessary support from countries who have the most power would be much harder.
Alternate Routes of Knowledge Sharing
A TRIPS waiver could allow access to intellectual property, specifically patents, within a timeframe normally unachievable under the current intellectual property regime. But is there another way to increase knowledge sharing, without relying on a TRIPS waiver being passed?
One alternative may be patent pools. The creation of patent pools has improved access to public health when intellectual property laws may have previously limited knowledge sharing. Patent pools are agreements between patent owners and/or third parties, to license a patent for others to use, create, or make. They work by allowing patent holders to license their patents to a shared pool. Then, manufacturers, developers, and other inventors that are part of this pool can use the rights to make the patented invention at lower costs. The patent holder gets royalties from what is sold, therefore allowing them to still benefit from their work. The Medicines Patent Pool, for example, operates to increase access to HIV treatments. It continues to create lower-cost drugs for those living with HIV/AIDS.
Applying the same idea, a patent pool could be created for climate change related technologies. The benefit of a patent pool is that it would not need broad approval from countries in the WTO, like a TRIPS waiver would need. A patent pool for climate change technologies would instead rely on the licensing of technology from patent holders themselves. Once the patent pool has patents that can be used, manufacturers can start to make and sell these inventions at lower costs, which would hopefully provide more access. The downside to a patent pool solution is that, though licensing patent holders would collect royalties, to make the pool work, all participants would need to agree on the licensing details. This would require that patent holders independently make the decision to share knowledge on their own and then agree with the other patent holders in the group. Without buy in from governments, the patent pool system relies on the goodwill and good faith of individual patent owners.
Conclusion
Ultimately, it would likely be difficult to set in place a TRIPS waiver for climate change technologies, even though such a waiver can be highly effective in promoting knowledge sharing. As a TRIPS waiver has not yet been available for COVID-19 related relief, trying to obtain buy in for a potential crisis that may be slower-paced than COVID-19, like climate change, would be challenging. However, without waiting for sign on from every country, effective knowledge sharing can still take place by adopting alternative plans like patent pools. Because patent owners would still receive royalties and be able to opt-in on their own accord, patent pools may be a particularly effective way to promote the sharing of climate change technologies.
Madeline Thompson is a second year law student at Northwestern Pritzker School of Law.
Gambling, in one way or another, has been part of American life for centuries—early colonists participated in activities such as lotteries, betting on cock fights, and other games of chance. Throughout our history, gambling has remained a source of moral debate. On one hand, it is argued that Americans should be free to use their money how they see fit, and gambling typically consists of ‘harmless’ games. On the other, gambling can become a crippling addiction that leads many to economic hardship and is often tied to corruption and crime. This tension has resulted in a complex regulatory relationship between the government and the gambling industry. Nevertheless, gambling has only grown in popularity over the years and is now a massive industry that generated over 40 billion dollars in revenue in 2019 alone. The United States is now facing even more regulatory complexity as the rise of the internet and cryptocurrencies has rendered the existing regulations largely ineffective.
Throughout American history, regulating gambling has largely been the responsibility of each state. The federal government has taken a back seat role and typically gets involved only to supplement and support state law in the face of interstate gambling.
As with many aspects of modern life, the rise of the internet has quickly and drastically changed the gambling landscape. Online gambling sites began cropping up in the 90s, and people who lived in states where gambling was illegal were suddenly able to sign up online and make bets from anywhere. Even people in states where gambling was legal took advantage of the convenience of online gambling.
Many of these gambling sites were hosted abroad, resulting in the shift of a large portion of potential gambling revenue to offshore operations. Further, these online gambling hubs lacked any regulation and were much more likely to rig odds in their own favor or participate in money laundering schemes.
Finally, in 2006, the federal government deemed it necessary to take a more active role in regulating online gambling and passed The Unlawful Internet Gambling Enforcement Act (UIGEA). The UIGEA did not go so far as to outlaw online gambling. In fact, it didn’t impose any liability on individual online gamblers and included a clarification in its purpose section that emphasized that the Act should not be construed as “altering, limiting, or extending any Federal or State law . . . prohibiting, permitting, or regulating gambling within the United States.” Instead, the Act prohibited businesses from accepting payments from people engaging in any form of illegal online gambling. The main provision reads: “No person engaged in the business of betting or wagering may knowingly accept [any form of payment], in connection with the participation of another person in unlawful Internet gambling.”
In effect, the Act put online gambling purveyors that accept payments from players in the United States in violation of the law unless they are directly authorized by a state and acting in accordance with that state’s laws and all bets or wagers are initiated and received within that singular state. It also prohibited financial institutions from processing any gambling payments.
Naturally, many online gambling sites stopped allowing players in the United States from gambling on their websites to comply with the law. But of course, some online gambling sites remained in operation. Online poker sites, for example, hoped that the vague language of the UIGEA did not cover poker, since poker can be characterized as a game of skill rather than of chance.
In 2011, though, the Department of Justice exercised its first major enforcement of the UIGEA and shut down these online poker sites, while at the same time freezing millions of players’ accounts, many of which held enormous sums of money. Mass chaos ensued. Avid online poker players refer to the date of the shut down as “Black Friday,” and as a result, ‘illegal’ online gambling largely tapered off for several years.
Currently, online gambling is legal in six states: New Jersey, Connecticut, Delaware, Michigan, Pennsylvania, and West Virginia. Gamblers in these states can access and legally gamble on a small selection of state-authorized casino websites. These states have seen massive benefits from the legalization of online gambling. New Jersey, for instance, has generated over $600 million dollars in tax revenue since it first authorized online casinos in 2013.
However, those located in the remaining 44 states where online gambling is illegal were largely out of luck. Recently though, thanks to the rise of individual VPN use and cryptocurrencies, online gambling has had a huge resurgence. But of course, with this resurgence comes new legal implications and gray areas.
VPNs
A Virtual Private Network (VPN) is a service that allows you to encrypt your data and mask your computer’s IP address when you surf the web. It does so by connecting you to the internet via a secured private server, rather than through your own internet service provider. When using the internet through a VPN, websites you visit do not know your IP address, which normally connects your location and identity to your online activity. Instead, sites only know the IP address of the VPN. VPNs themselves are legal and a valuable way to use the internet while also protecting your personal data. But they also give people the freedom to do things they wouldn’t, or couldn’t, do if their activity were tied to their personal IP address.
American online gamblers have taken to using VPNs located in more gambling friendly countries in order to circumvent online casinos’ bans on American users. However, most of these sites ultimately require users to provide personal information in order to validate users’ identities prior to allowing them to deposit and withdraw funds. This validation step effectively filters out most American online gambling attempts. That is, until the rise of cryptocurrencies.
Cryptocurrencies
On a basic level, cryptocurrency is a type of digital money that is encrypted and decentralized. Cryptocurrencies allow users to anonymously participate in transactions without the help of a traditional bank or financial institution. Over the past few years, as cryptocurrencies have gained major traction, online casinos have kept up with the trend and many now accept cryptocurrencies. Some casinos have even cropped up that run exclusively on cryptocurrencies. The anonymous nature of using a cryptocurrency has made it possible for virtually any American, especially if they are masking their IP address with a foreign-based VPN, to gamble online at offshore online casinos that accept cryptocurrency. And not only are they able to do so, but it is virtually risk free.
Looking Ahead
Since the UIGEA didn’t criminalize the act of online gambling for players, there is currently no federal legal risk for those who choose to skirt location restrictions and gamble on sites that technically are not allowed to operate in the United States. And while some states have laws that make it a misdemeanor to participate in unauthorized gambling, these laws are seldomly enforced and rarely specify the rules surrounding online gambling in particular.
The online “crypto casinos” themselves also face little risk. First, it is not yet established whether cryptocurrencies fall under the definition of ‘payments’ set forth in the UIGEA. And second, cryptocurrencies make it much harder, if not impossible, to trace the physical location origins of payments. Therefore, it is much harder to pin any misconduct on crypto casinos.
Online gambling has recently become even more widespread and has reached younger audiences it otherwise may not have via live streaming on sites such as Twitch. Popular online personalities and influencers have developed a new niche in which they live stream themselves online gambling, most often playing slots, and often for hours on end. Thousands of people tune in to watch them win, or squander away, incredibly large amounts of money. These influencers also often share incentives or bonuses for their viewers to sign up with these online casinos, which opens another can of legal worms given it is unclear whether the streamers are gambling with their own money or have the odds rigged in their favor to draw in more customers. This is on top of the fact that they are influencing people to partake in a legally ambiguous activity (and often they are influencing children to gamble, which is certainly illegal).
There are no signs of the online gambling fad slowing, which leaves the United States in murky waters with respect to the legal and policy implications it raises. Some have suggested that criminalizing the act of online gambling is the only viable solution. Others argue that the UIGEA should be repealed and that online gambling should be legalized and further regulated to make it safer and more fair for American residents, as well as to generate tax revenue. The government will likely need to determine a course of action sooner rather than later to combat the undoubted consequences of unchecked online gambling.
Mari Earhart-Price is a second-year law student at Northwestern Pritzker School of Law.
The Development of Artificial Intelligence
Today, Artificial Intelligence (AI) has developed into deep learning. Deep learning is the ability of an AI system not only to learn but also to independently make decisions without human intervention. With the development of deep learning, services that automatically compose music or draw a picture are appearing. For example, Google’s experimental “Auto Draw” tool uses deep learning algorithms to suggest complete drawings as users roughly sketch out their ideas. With the development of these types of AI services, there are copyright issues relating to both the inputs and outputs of such systems.
These services are still in the early stages, but as these services develop, they have the potential to produce results of commercial value. Therefore, their development may produce copyright issues. This post will (i) explain some copyright issues that may arise in relation to such deep learning services in two main categories and (ii) introduce the current situations in the U.S., South Korea, and Japan.
Deep Learning and Copyright
There are two major copyright issues related to services using deep learning. The first issue concerns the use of third-party data that is necessary for the learning process of a deep learning system. In general, copyright law requires permission from the rights holders for all such data. However, in many cases, it is practically impossible to obtain consent for all of the data that deep learning services use.
The second issue relates to the rights of AI-generated works. If contracts or legal documents created by AI have commercial value, then who owns the copyright of those works? In such situations, there is the possibility of a dispute between the AI service provider and the user using that service over the rights to any profit generated.
The current state of the law in the U.S., South Korea and Japan
A. United States
The first issue, permissive use, is whether using training data constitute unauthorized reproduction, thereby giving rise to copyright infringement liability. Circuit courts are divided on this issue.[i] However, even if infringement occurs during machine learning, training AI with copyrighted works would likely be excused by the ‘fair use’ doctrine.[ii] For example, in Authors Guild v. Google, Inc.[iii], Google had scanned digital copies of books and established a publicly available search function. The plaintiffs alleged that this constituted infringement of copyrights. The Second Circuit held that Google’s works were non-infringing fair uses because the purpose of the copying was highly transformative, the public display of text was limited, and the revelations did not provide a significant market substitute for the protected aspects of the originals. The court also said that a profit motivation in and of itself did not justify denial of fair use.
On the ownership issue, it is not clear whether the U.S. Copyright Act itself explicitly requires the author of a creative work to be human. However, the U.S. Copyright Office, by publishing “The Compendium II of Copyright Practices,” went beyond the statutory text in requiring that an author be human in order for the work to be eligible for copyright protection.[iv] And in Naruto v. Slater[v], Naruto, a crested macaque monkey, took several self-portrait photographs with photographer’s unattended camera. The Ninth Circuit dismissed the copyright claims brought by Naruto’s representative PETA.
B. South Korea
Currently, regarding permissive use, there are no regulations relating to AI learning data in the Copyright Act of South Korea. Therefore, when copyright-protected materials are used as AI learning data under the current law, that use may conceivably be judged as copyright infringement. However, Article 35-3(1) of South Korean law states that “… where a person does not unreasonably prejudice an author’s legitimate interest without conflicting with the normal exploitation of works, he/she may use such works.” In other words, the fair use doctrine is also possible under South Korean law, and there is a possibility that this provision will apply to AI learning.
Thus, with no legal provisions in place and with no relevant precedent cases, this legal uncertainty acts as an obstacle to the use of data in AI learning in South Korea. However, the South Korean Ministry of Culture, Sports and Tourism is working on a revision of the Copyright Act to include a clause that does not require consent of the copyright holder to the extent that the material is used for AI learning and big data analyses. The revised Act was proposed in Korean National Assembly on January 15th 2021, and the procedure is currently underway.
Regarding the ownership issue, the Copyright Act of South Korea defines the term “work” to mean “a creative production that expresses human thoughts and emotions” in Article 2(1), and “author” to mean “a person who creates a ‘work’” in Article 2(2). As such, unless the current law is amended, only humans can be the authors of creative endeavors. Therefore, AI-generated works are not protected by the current law.
However, South Korea may also see progress on this front. The Presidential Council on Intellectual Property formed the AI-Intellectual Property Special Expert Committee in June of 2020 to establish a pan-government AI policy. This committee will discuss a variety of policy issues, such as 1) whether AI should be recognized as an author, 2) whether the works created by AI should be protected to the same level as those by humans, and 3) who owns the work created by AI.
C. Japan
Japan has already solved the problem of permissive use through legislation. Japan revised related regulations through the revision of the Copyright Act on May 25, 2018. According to Article 30-4 of the new Copyright Act, it is permissible to exploit a work as necessary if it is used in data analysis. As a result, there are no restrictions on the subject, purpose, and method of data analysis, and there is no obligation to compensate the copyright holder. It is now also permitted to provide learning data in cooperation with multiple corporations.
Regarding ownership, under Japan’s Copyright Act Article 2(1), a copyright-protected work is defined as a creation expressing “human thoughts and emotions.” Thus, it appears difficult for AI to become the author of its own creations under the current law. To address this, the “Intellectual Property Strategy Headquarters” of the Prime Minister’s Office has suggested specific policies for AI copyright policy in its “Intellectual Property Promotion Plan 2016.” Specifically, this plan says that in order to promote AI creation, incentives to those involved in AI creation must be guaranteed. Thus, it is necessary to recognize the copyright of AI creations as well. However, the policy also stated that granting IP protection to all AI-created works may be subject to excessive protection. Thus, it is necessary to limit the content and scope of recognition of rights in consideration of the need for such protection.
Conclusions and Final Thoughts
Regarding the permissive use issue, unlike the U.S. and Japan, South Korea still has legal uncertainty. In South Korea, more specific legal provisions are required for using copyright-protected works as learning data for AI as a fair use. If the Copyright Act is amended, this problem can be resolved. Thus, it is necessary to watch for future progress.
In terms of the ownership issue, each of these countries currently has a problem in that the author of copyright must be human. Therefore, it is necessary to amend the copyright law for attribution of the rights of AI-generated works. However, a more detailed and careful discussion on who precisely will hold that copyright, is still needed.
Seung Hoon Park is a third-year law student at Northwestern Pritzker School of Law.
[i] Jessica L. Gillotte, COPYRIGHT INFRINGEMENT IN AI-GENERATED ARTWORKS, 53 U.C. Davis L. Rev. 2655, 2674-76 (2020).
[ii] Id. at 2659.
[iii] Authors Guild v. Google, Inc., 804 F.3d 202 (2d Cir. 2015).
[iv] Shlomit Yanisky-Ravid, Generating Rembrandt: Artificial Intelligence, Copyright, and Accountability in the 3A Era — The Human-Like Authors Are Already Here — A New Model, 2017 MICH. ST. L. REV. 659, 718-19 (2017).
[v] Naruto v. Slater, 888 F.3d 418 (9th Cir. 2018).
To clients, legal billing can seem “like a black box.” Many clients worry about lawyers overstating their billable hours (“bill padding”) or charging exorbitant hourly rates. By using data analytics to optimize legal billing (“data-driven billing”), law firms can stand out from their competitors and win more business.
1 – Problems that Exist in Legal Billing
Bill Padding
There is cause for concern that legal costs are inflated. Bill padding is partially caused by high billable hours targets. As of 2016, the average associate was required to log 1,892 billable hours per year. These targets “virtually assure[] that some clients will be overbilled.” The economic model that governs law firm billing incentivizes firms to assess lawyers based entirely “upon the ability to generate revenue through the billable hour.” This type of assessment pressures lawyers to bill as many hours as possible. “[P]erceived billing expectations” have led at least some lawyers to inflate their logged billable hours. This sort of fraudulent billing makes law firms look bad and frustrates their clients.
The Cost of a Billable Hour
Despite concerns that billing by the hour may incentivize lawyers to be inefficient, law firms remain “wedded to the billable hour” because of the difficulty in estimating how much time legal work will take. Some firms set prices using cost-based, competition-based, or value-based pricing. Law firms also consider the firm’s expertise in the subject, market rates in the jurisdiction, the type of matter, and the type of client when setting prices. In general, the pricing strategy for many law firms is not data-driven. This lack of optimization suggests that current market prices are likely inflated. The opaqueness of legal billing practices leads to clients dreading the results.
2 – How Data-Driven Billing Can Help
Data-driven billing can help detect bill padding and intelligently set the price of billable hours. Billing software can identify bill padding through “scrutiniz[ing] bills to see irregularities and billing guideline violations” by comparing billable hour submissions against budgets and industry-wide data. Law firms can use pricing analytics to set pricing that will maximize the chance of getting not just a new client but also a profitable one. Using data analytics to minimize bill padding and intelligently set pricing allows law firms to differentiate themselves from competitors and maximize their profitability. “Pricing analytics is a huge untapped opportunity” for law firms. Although clients do not base their decisions purely on price, using data analytics to be an industry leader in pricing can help a law firm stand out in a competitive legal market.
The use of data analytics to analyze legal billing has grown rapidly. In 2014, auditing legal fees was identified as a growth industry. Since then, legal departments have expanded their use of data-driven billing and “have grown increasingly comfortable asking for and analyzing billing-related data.” There are now a large number of private companies that offer data-driven billing software, such as:
- Consilio offers its Sky Analytics software to analyze law firm invoice data to give legal departments cost-savings recommendations.
- Legal Decoder offers its Compliance Engine and Pricing Engine to help firms accurately price legal services to review billable hours and help determine future pricing.
- Lex Machina offers its Legal Analytics service which helps law firms analyze case timing, understand damage exposure, and assess parties’ track records to set competitive pricing.
- Quovant offers its LegalBill spend management tool to help analyze legal spend information.
- Time by Ping offers its automated timekeeping software for lawyers that allows law firms to provide value-based pricing.
3 – How Data-Driven Billing Works
Most data-driven billing software expands upon the Uniform Task-Based Management System (“UTBMS”) legal billing codes used to log billable hours. UTBMS codes were introduced by the American Bar Association in the mid-1990’s to standardize billing practices. While UTBMS codes “brought some clarity” to billing, the codes suffer “significant limitations” because of how broad they are. Legal billing data analytics software can use natural language processing, a form of artificial intelligence, to analyze the text descriptions accompanying time logs to determine exactly what a lawyer was doing and classify it more precisely than the default UTBMS codes can. The analytics software can then compare those classifications against historical data from the law firm and legal industry as a whole to flag potential bill padding. It will also help law firms efficiently price their services by providing them with historical billing data to use when determining pricing. This sort of data-driven pricing could become more important going forward if more law firms begin providing fixed-price quotes to clients instead of using billable hours to determine fees.
To learn more about how data-driven billing works, I spoke with Joe Tiano, the founder and chief executive officer of Legal Decoder. He explained that Legal Decoder uses proprietary natural language processing to analyze billing records and determine what a lawyer did at a more precise level. Legal Decoder has developed a set of proprietary billing categories that are more precise than the standard UTBMS codes. For example, a UTBMS code may indicate that a lawyer was working on a discovery matter, but it will not say whether it was a discovery motion, a deposition, or a motion to compel.
In the process of classifying each billable hour, Legal Decoder’s Compliance Engine looks for three types of problems with legal billing. First, it examines staffing efficiency, which asks whether the most competent and lowest cost lawyer was assigned to a task. For example, the software can detect if a firm is having a partner work on an task that an associate could handle. Second, it examines workflow efficiency, which asks whether a lawyer’s work is redundant or inefficient. Third, it examines billing hygiene, which ensures that the billable hour entries accurately record the time spent on a task.
After Legal Decoder’s proprietary software drills down to precisely classify each billable hour, it then analyzes how long each assignment took. Using historical data from industry-wide benchmarks, Legal Decoder’s Pricing Engine estimates how long each task should take and analyzes whether each matter was handled efficiently. Joe explained that although there can be variance in how long each task will take, the software can, for the most part, effectively estimate how long a task should take. Legal Decoder then presents the results from its Pricing and Compliance Engines in intuitive Tableau dashboards for its clients to analyze.
The following screenshots of the Legal Decoder dashboard were provided courtesy of Joe Tiano. All data displayed in the screenshots are from bankruptcy data and are in the public domain. © 2019 Legal Decoder, Inc. All rights reserved.
4 – How Increased Implementation of Data-Driven Billing Will Impact the Legal Industry
While describing how Legal Decoder’s software works, Joe explained that law firms are sitting on treasure troves of data that they are currently not leveraging. The success of companies like Legal Decoder demonstrates how valuable data-driven billing can be. The continued expansion of applying data analytics to legal billing will likely lead to several changes in the legal industry.
Data-Driven Billing Makes Law Firms More Attractive and Increases Predictability
It may seem like data-driven billing benefits clients and harms law firms by giving clients leverage to negotiate better pricing. Joe pushed back on that idea by explaining that through data-driven billing, law firms can increase their realization rate, which measures the difference between the amount of billable hours logged and what percentage of that time is ultimately paid for by the client. According to Joe’s previous research, as of 2016 roughly $60 billion in billable hours are lost due to the 83% net realization rate across the legal industry. Cost-conscious clients have increasingly begun to push back against what they perceive as inflated bills. In 2015, 68% of law departments received discounted fees by negotiating billing with outside counsel. Inside counsel for clients view receiving a discount as a way to flaunt their efficiency to their chief financial officer. Joe has previously written that by using data analytics to analyze legal billing, law firms can “operate more efficiently (and more profitably) with greater client attraction, retention, and satisfaction.” Put another way, by using data-driven billing, law firms can differentiate themselves from competitors and thus win more business.
Data Analytics Can Affect Partnership Decisions
Data-driven billing gives law firms another way to assess potential partners. Joe explained some of his clients use Legal Decoder’s software to analyze the work of potential partners. Without Legal Decoder’s software, law firms would evaluate an associate based on their total billable hours and overall feedback. Legal Decoder’s software lets law firms drill down into an associate’s billable hours and look for potential issues that would otherwise go unnoticed.
Pricing Will Become a More Important Differentiator in a Post-Covid Market
Most lawyers want to continue working remotely, even when it is safe to return to offices again. Working remotely could allow lawyers to live in lower cost of living areas, allowing firms to pay lower salaries for these lawyers. Law firms are reconsidering their expensive office leases and may look to downsize their square footage in the future. Paying for less office space could lead to law firms lowering their fixed costs. Clients are “smarter than ever before” and have exerted “a continual downward pressure on fees.” All of these trends indicate that pricing will be a more important differentiator between law firms than ever before. Data-driven billing can help a firm stand out by intelligently pricing its services.
Kyle Stenseth is a second-year law student at Northwestern Pritzker School of Law.
Underlying the U.S. and global patent systems is the belief that granting a limited monopoly will incentivize innovation. Although climate change comes to mind as a particularly controversial topic, according to PEW Research, six in ten Americans and majorities in other surveyed countries see climate change as a major threat. Patent filings seemed to reflect that concern as climate change mitigation technology patents more than doubled between 2005 and 2012. However, beginning in 2012, patent filings for climate change mitigation technologies plummeted— down 44% for carbon capture and storage and 29% for clean energy patents. Why, in a world of increased awareness and acceptance of climate change, did the U.S. and global patent systems fail to deliver on the promise that patents were enough to incentivize innovation?
There are several potential explanations for the green tech patent drop-off. From a technological perspective, there is some evidence that green tech matured quickly and capped, leaving room only for improvement patents. From a policy perspective, many have argued that continued fossil fuel and carbon subsidies, along with the lack of a carbon pricing system, have disincentivized green energy and made it more difficult to compete. From a global market perspective, did the U.S. and China trade war for independence and dominance over the $300B semiconductor market detract from China, which was the largest patentor of green tech, filing patents in the biotech, chemical, and green tech sectors? What is the solution to reversing the green tech patent drop off? From a legal and patent perspective, I argue that the U.S. and global patent systems need to provide fast-tracking for green tech patent applications and reduced standards.
Patent Filings for Climate Change Mitigation Technology Plummeted
As the United States and the rest of the world moved toward embracing technology to remove and reduce carbon emissions, the innovation theorists appeared correct. Worldwide patent filings for climate change mitigation technologies more than doubled between 2005 and 2012. During that period, the growth in the green tech sector was increasing at a faster rate than other technologies. But while technologies in the health, engineering, and information and communication fields continued on their normal trajectories, in 2012 green tech did what few could have anticipated: it defied the innovation push and plummeted. For conservationists and technologists alike, this unexpected nosedive came in the form of a reduction by 44% for carbon capture and storage and 29% for clean energy patents. Only a few related fields avoided this trend: patents that enable power system integration of climate change mitigation and patents for regulated maritime and air vessels.
Possible Causes for the Green Tech Patent Drop-Off
Old technologies are constantly being replaced by new technologies, but in a field that was already heavily digitized (40%) and therefore not needing to be retrofitted, green technology certainly did not appear to be on the verge of a swift exit. There are, however, particular reasons for why green technology patents dropped off.
Technology Perspective: Green Tech Matured and Capped Quickly
First, some energy and economic reports noted that some green technology was uniquely susceptible to maturing and capping earlier in the innovation phase. However, the International Energy Agency surveyed 400 technologies to model commercial readiness and reported the opposite: by 2070, still less than 25% of “key technologies the energy sector needs to reach net-zero emissions” will reach maturity, 41% will be in the early adoption stage, 17% in the demonstration stage, and 17% in the prototype stage. In particular, electricity infrastructure and electrification of heavy industry remain the furthest from zero-carbon maturity.
Policy Perspective: Green Tech Struggling to Compete with Well-Funded Oil and Gas Industries
A second possible cause for the green technology patent drop-off is that less subsidized renewable technologies struggled to compete against heavily funded fossil fuel industries. A nascent and unsubsidized industry that is not yet commercially viable has a much greater likelihood of extinction compared to subsidized industries that are well-established and commercialized. The U.S. Congressional Research Service reported that between 2009 and 2018, renewables received 19% of research and development funding while fossil energy received 21%. However, both are dwarfed by the $100 billion in subsidies or 29% of the R&D funding that nuclear energy received in that same time period. Nonetheless, the relatively similar percentage of R&D funding of renewables and fossil energy may be misleading, at least according to the International Energy Agency, which notes that despite increased urgency, low-carbon energy R&D is actually “below the levels in the 1980s[.]”
Market Perspective: China, the leader in Green Tech Patent Filings, Shifting R&D to Win Semiconductor Trade War with U.S.
A third possible cause for the green technology patent drop-off is less the result of internal U.S. policies, and more the result of external China-U.S. foreign relations. Between 2000-2011, China was leading the global growth in environmentally-related patents with a more than 1,040% increase in applications according to the OECD. Thus, any shifts away from green R&D and patenting would likely be significant. When both the United States and China began to engage in a trade war for greater control over the semiconductor industry, which is the most intensive R&D industry, China doubled down on its plan to invest $118 billion over five years into semiconductors. This US-China trade war may partly explain why China shifted political energy and funding away from green technology and into semiconductors.
Regardless of the initial cause of the shift away from green technology, unlike the U.S., China appears to be on the rebound. Specifically, in 2018-2019, UK commercial law firm EMW reported that China filed 81% of the world’s renewable energy patents, a 28% increase from the year before, compared to the United States, which filed 8% of the world’s renewable energy patents. Additionally, there are some in the semiconductor industry who believe semiconductors can actually play a constructive role in fighting climate change.
How Fast-Tracking Patent Applications for Climate Change Mitigation Technology is the Fastest Way to Reverse This Trend
In order for the U.S. to reverse the trend away from needed and important patent applications for climate change mitigation technology, the U.S. should begin by restarting the Green Technology Pilot Program that it once championed to fast-track these technologies. Before the program ended on March 30, 2012, the USPTO accorded special status to 3,500 applications related to environmental quality, energy conservation, renewable energy development, and greenhouse gas emission reductions. These accelerated examination programs allowed patentees to receive a final disposition within about 12 months. Despite the seemingly premature ending, there remain significant and promising technological inventions that have yet to be widely patented or enabled, including patents in relation to grids, batteries, and carbon capture technology. Because patents are an essential tool to combat climate change, the USPTO and the federal government should actively consider expanding and improving the fast-track process.
The Consequences of Not Fast-Tracking Patent Applications for Climate Change Mitigation Technology Are Dire
According to 98% of climate scientists, the warnings have not been heeded. Much has been discussed about the rapidly deteriorating state of icebergs at the polar caps, and of shifting weather patterns that would result in increased drought, starvation, human migration, and conflict. More innovation and thus more innovators are needed to respond to this growing threat. Innovation needs to be re-injected into green technology: the world does not yet have a fully zero-emission fleet of vehicles; homes are not being constructed with materials that are resilient to increased extreme weather events; it will take years to commercialize fungi to break down plastic; it will take a decade for the alternative meat industry to capture 10% of the market; and it will take until 2040 for the Ocean Cleanup’s proprietary system to clean the Great Pacific Garbage Patch. If the U.S. and the world continue to ignore extreme shifts in climate, green innovators risk losing what traction they have. That is a loss we will all share.
Conclusion
Climate change is a critical problem that requires a solution, but the traditional solution–the patent system–stopped delivering on its essential promise to drive innovation. Beginning in 2012, while climate change awareness and acceptance grew, research and development sputtered. Fewer patents followed, down 44% for carbon capture and storage and 29% for clean energy patents. Various causes may underlie this problem, including some technological limitations, policy prioritization of fossil fuel and nuclear energy, and competing R&D concerns like the semiconductor trade-war. Nonetheless and regardless of the cause, the green technology patent drop-off has gone unnoticed and uncorrected for too long. Here in the U.S., the USPTO and the federal government have an important role to play in finding ways to get the patent system back on track. Fast-tracking green technology patent applications is the best way to accomplish this because time is what the green sector does not have enough of.
Melissa Hurtado is a second-year law student at Northwestern Pritzker School of Law.
A Primer on Training Sets and Machine Learning.
Merging computer processing and the practice of transactional law is a concept that has been around longer than you might think. Technologies for automating contract management and drafting tasks existed as early as the 1970’s, and consumer-facing software for automating tasks like incorporation and estate-planning have been a fixture in the legal service market for well over a decade. Both the number and the utility of legal technology innovations used in contracting are growing exponentially, and much of that growth is being driven by machine learning technology.
Machine learning is a form of artificial intelligence in which computer algorithms are utilized in a way such that the software “learns” and improves performance on its own. Training sets are the initial samples presented to the software, and for the purposes of AI contracting, training sets take the form of documents – contracts, forms, filings, etc., provided to the software. The quantity of data included in a training set can affect both the software’s ability to produce new outputs and the accuracy of those outputs. In other words, the more contracts fed to machine learning software, the better it can learn to discover patterns in order to manage and classify contracts, analyze qualities such as risk, suggest changes, or even predict operative results from contract drafts. The more complex and variable the contract-related output to be produced by the software is, the larger the training set required in order for the software to function accurately.
The quality of data included in the training set also affects the software’s ability to perform its purpose. The term “Garbage in, garbage out” describes the concept that the overall quality of the training set used to develop a software’s learning capability will affect both its ability to accurately analyze problems and the overall quality of its outputs. Even setting aside judgments on the quality of the inputs, form and content of outputs will often mirror the inputs, especially when dealing with textual data. In short, the value of contracting software will depend on the quality (including context and similarity) and quantity of training set data.
Issues with Contract Language.
The momentum for another fascinating shift in contract drafting is building alongside the proliferation of artificial intelligence – a push for simplifying contract language. Legal tech companies are investing in adapting Natural Language Processing (NLP) techniques to more easily code legalese and convoluted sentence structures commonly found in legal contracts. LawGeex, for instance, developed algorithms that can comprehend unfamiliar legalese, and the company’s product can perform contract review tasks more accurately than human lawyers. The need for this interpretation creates barriers for companies that are not as well-funded or do not have the ability to implement the multi-year lead time required to train such systems.
While technical contract language alone presents issues for training set availability, interpreting complex legal language is not just an issue for software and machines. The digitalization of consumer-facing contracts has fueled a demand for simpler, more natural language used in the day-to-day lives of customers. There is growing support for reducing the complexity of overall drafting language and contracting organizations like World Commerce and Contracting have already issued guidance for implementing this shift. Ironically, this trend presents potential future issues for software built on current training sets that include convoluted language. As Professors Daniel W. Linna Jr. and Helena Haapio put it, “[W]e have a disconnect between people developing AI for contracting and people working to improve contracting through simplification and redesign.” This disconnect impacts the quality of training sets as we might soon face a situation where the expectations of legal language that impact how companies train software do not match society’s expectations of contract language.
Issues with Availability and Quality of Contracts.
The availability of contracts on which to train software is important for any developers of new AI contracting software because machine learning processes can learn more from larger training sets. The issue of availability is a simple one: the vast majority of contracts are not public documents. Additionally, public databases that do exist, such as the SEC’s EDGAR database, relate mostly to specific practices and types of contracting parties. Still, LexPredict, Bloomberg and Contract Standards are among the many legal tech providers who utilize public databases to account for at least part of their training sets. Public filings are included in databases for reasons of disclosure rather thanfor their intrinsic value or paradigmatic drafting, and their use for training set data presents issues of quality.
Also problematic is the fact that public filings often represent only an end product. Especially for emerging predictive applications of AI contracting, AI needs to, first, learn which contract provisions are standard in order to create baseline precedent documents that can be customized and, second, gather information about specific situations and conditions in which specific, non-standard customizations are to be applied. The emphases on both disclosure over process and the end product create a paradox where outcomes are transparent but process is opaque, creating yet another potential difficulty in utilizing public documents for training purposes.
Issues for Specific Practices and Contract Types.
There are both quality and quantity (availability) issues that affect the supply of satisfactory training sets for particular types of contracts. As previously stated, legal tech companies pre-train their software with large, often public, data sets. Software often will not properly recognize unfamiliar terms and contracts that are not part of the existing set, and so the software will not be useful for more niche or particularly complex contracts. Additionally, when developing newer predictive contracting technology, it will be difficult to train models to accurately predict outputs for circumstances which occur infrequently, such as “bet the company” situations. Finally, legal market conditions that arise within particular practice areas might present unique roadblocks to innovation, leading to less generation of training sets. In his paper on the inefficiency of precedent selection in the M&A field, Professor Robert Anderson IV notes that pressure to standardize agreements often comes from the client side, and firms are less likely to invest in standardizing deal documentation via technology in matters like bankruptcy or acquisitions where clients are unlikely to be repeat players. He also notes that a particularly small number of firms dominate the M&A field, and reputational barriers may exclude new and innovative firms from entering the marketplace and leveraging technology to challenge the status quo.
Conclusion and Beyond.
This post briefly surveys a few contract-specific issues that might limit the quality and availability of training sets for AI contract drafting, but there are undoubtedly many more. In addition to technological issues, other issues relate to the way law firms, other legal service providers, and clients behave. In a future post, I hope to survey more of these, along with a couple of proposed solutions for issues with training sets for AI contracting. Suggested solutions include affording greater IP protection to contracts and sharing contract management resources among firms. These solutions, if implemented, may in turn pose new issues, such as ones involving cost-sharing and privacy concerns. AI contracting, following the path of machine learning in a more general sense, is a rapidly advancing technology, and new issues with its implementation will likely continue to arise.
Zach Frankel is a second-year law student at Northwestern Pritzker School of Law.
Introduction
The COVID-19 pandemic has accelerated the introduction of online learning platforms to elementary and secondary schools across the United States. In many ways, online learning—via Zoom, for example–has presented younger students the opportunity to continue their education during a time when they’re not able to be physically present in a classroom, but online learning has also presented privacy concerns to these students that school districts and parents must grapple with. Virtual education has historically not been offered to younger students, meaning that this is new territory for school districts and parents alike. This post will focus on one major online learning platform, Zoom, and evaluate how it is complying with federal law in this new era of online learning.
Statutory Discussion
This discussion implicates two federal privacy laws. The first is the Children’s Online Privacy Act (“COPPA,” 15 U.S.C. §§ 6501-6505), which was passed in 1998 to “prohibit[] unfair or deceptive acts or practices in connection with the collection, use, and/or disclosure of personal information from and about children on the internet.” Among other things, COPPA requires operators of web sites or online services directed at children
• to provide notice on their web sites of the information it collects from children, how it uses the information, and its disclosure practices;
• to obtain verifiable parental consent prior to any collection, use, and/or disclosure of personal information from children;
• to provide a reasonable means for parents to review the personal information collected from their children and to refuse to permit its further use or maintenance; and,
• to establish and maintain reasonable procedures to protect the confidentiality, security, and integrity of personal information collected from children.
The second implicated law is the Family Educational and Privacy Rights Act (“FERPA,” 20 U.S.C. § 1232g), which gives parents of children under the age of 18 control over their children’s education records. The act defines these records as records, files, documents, and other materials that contain personally identifiable information (“PII”) about a student and that are maintained by an education agency or institution or by a person acting for such agency or institution. In most cases, FERPA prohibits schools from sharing these records with third parties without written permission from a student’s parent.
Given its role as an online learning platform that serves students—including some that are under the age of 13 (the relevant age for COPPA)—in this new era of education, Zoom must comply with both laws.
Zoom’s Privacy Policy
Before the COVID-19 pandemic forced students to switch to online learning, Zoom was a relatively unknown company. Now, it is a household name, offering its services to 90,000 schools across 20 countries as of April 1, 2020. This sudden increase in users has exposed some underlying privacy issues with Zoom, but over the past several months, the company has made changes to its policies to better comply with the relevant laws. To comply with COPPA and FERPA, Zoom has a privacy policy specifically for users of the Zoom Education service. This privacy policy, Zoom for K-12/Primary and Secondary Schools Privacy Statement (“K-12 Privacy Policy”), declares compliance with COPPA and FERPA by enumerating privacy protections for users of the education service that are distinct from the protections listed in the general privacy policy.
Zoom’s COPPA Compliance
As for compliance with COPPA, the K-12 Privacy Policy lists the data the company collects from student users, including “customer content” uploaded to the platform, which can contain information such as files shared by users, meeting transcripts, and chat messages. In addition, Zoom automatically collects information concerning student users’ use of Zoom, including “type and frequency of actions taken, number of logs in or meeting entries, date and time, duration, quantity, quality, network connectivity, other platform performance metrics, and feature usage information, including use of video and screen sharing” and “information about a user’s device, network, and internet connection, such as IP address(es), MAC address, other device ID, device type, operating system type and version, type of camera, microphone and speaker, and client version.”
Pursuant to the COPPA requirement that website operators disclose how data collected from students is used, Zoom states that this information is only used to deliver the functionality of the Zoom platform, to operate the business, and as directed by school subscribers. The student data, according to the K-12 Privacy Policy, is not shared with companies, organizations, or individuals outside of Zoom without consent. Furthermore, Zoom does not permit students, including children under the age of 13, to create K-12 accounts. Instead, school subscribers must provide their students with accounts after obtaining the required parental consent. Lastly, Zoom will share the personal information it collects with individuals when directed to do so by school subscribers, thus creating a method for parents to obtain information collected from their children.
Zoom’s FERPA Compliance
Concerning FERPA, Zoom operates as a “school official” and collects and maintains student PII “on behalf of, and at the direction of, the School Subscriber.” In other words, schools are the owners of the information Zoom collects. Zoom places the onus on the school subscriber to determine how personal information is processed and maintained by requiring the school subscriber to decide which features to utilize in a Zoom meeting (i.e., the recording or chat features—both of which may contain PII) and to decide if the information should be saved in the Zoom Cloud. Additionally, the K-12 Privacy Policy states that this information is only accessed by Zoom upon the documented request of a school subscriber, when required by law, or to improve the platform. If parents wish to access these records or have them deleted, which are their rights according to FERPA, they must go through their child’s school.
Allegations of Noncompliance
Despite asserting compliance with COPPA and FERPA, authorities and school districts have raised concerns in the past several months stating that Zoom is either not complying with these laws or that there are potential security concerns in using the platform. One concern is that Zoom provides a free service which is not subject to the company’s K-12 Privacy Policy. While Zoom’s Privacy Policy claims that the company does not knowingly allow children under the age of 16 to create accounts, the company recently lifted the forty-minute time limit ordinarily placed on its free accounts for K-12 schools that have been closed due to the pandemic. This may encourage schools to utilize the free service, instead of the education service, which will consequently deny students the heightened protections contained in the K-12 Privacy Policy. This fear is not unfounded, because until recently Zoom shared user data that it collected from its free service with third parties, including advertisers. While it is unclear if this data included information collected from minors, if it did, Zoom possibly violated COPPA and FERPA.
Others have raised questions regarding the security of Zoom’s platform, which is of concern since Zoom stores student data and since COPPA requires website operators that serve children to “establish and maintain reasonable procedures to protect the confidentiality, security, and integrity” of the information collected from children. Some instances of security breaches and weaknesses include:
• hackers obtaining and selling 500,000 Zoom passwords; Zoom—for a time—misleadingly reporting that it offers “end-to-end encryption” while in reality only offering “transport encryption”;
• Zoom leaking personal information, including email addresses and photos, to other users on the platform;
• Zoom’s iOS App sending data to Facebook; and, finally,
• trolls hijacking educational sessions and posting hateful messages.
While none of these instances necessarily equate to a violation of COPPA or FERPA, they raise valid concerns over how secure Zoom is as a platform and whether the company is taking reasonable procedures to protect the information it collects from children.
Conclusion
In sum, in this new age of education, Zoom has seen a rapid increase in users which has exposed several flaws in the platform’s privacy policies and practices. But regardless of this sudden increase, Zoom has an obligation to comply with COPPA and FERPA and to protect the information it gathers from students. While the company’s privacy policies proclaim compliance with these laws, it is vital that government officials continue to police the platform to ensure that children’s privacy and education records are safeguarded, as required by COPPA and FERPA.
Steve Komorek is a second-year law student at Northwestern Pritzker School of Law.
From the moment you wake up and check social media to the moment you end your day by streaming the latest binge-worthy TV show, chances are high that an algorithm is hard at work to help curate your “best life.” But the stakes are changing. Instead of simply recommending certain articles to read or movies to watch, algorithms are now increasingly being utilized to make much more impactful decisions in areas such as criminal justice or healthcare.
As a result, implementing a public policy that focuses on algorithmic accountability is becoming progressively more important. Ideally, such a policy would regulate the actions of both the private and public sectors with full and open transparency. By adopting a framework of public disclosure in a way that is similar to how the Securities and Exchange Commission currently regulates the financial markets, thoughtful leaders may be able to draft better legislation to achieve algorithmic accountability.
The 2019 Algorithmic Accountability Act (the Act) is the first national attempt at regulating algorithms, but as first attempts go, the Act produced more lessons learned and questions than actionable law. So far, critics have pointed out a need to reframe the issues as a means to better define what types of algorithms legislation should cover. For example, the size of a company may have little to do with the impact of an algorithm-assisted decision regarding the benefits of thousands, yet the size of a company is factored heavily in the Act. Others want to start from a broader perspective, suggesting legislators should begin by developing an algorithmic bill of rights. However, there is a serious issue with transparency in the Act that warrants at least as much attention as any other issue.
In the Act, the issue of transparency boils down to the optional nature of disclosing impact assessments of algorithms, or “automated decision systems,” to the public. For example, according to DataInnovation.org, impact assessments may help “evaluate how an automated system is designed and used—including the training data it relies on, the risks a system poses to privacy or security, and various other factors.” But ultimately, accountability takes a tumble because the Act allows impact assessments to be “made public by the covered entity at its sole discretion.” In other words, if a company deploys an automated decision system (ADS) that has serious privacy and security concerns, the public may never know about it. When considering that we live in a time where public scrutiny often tips the scales, the optional nature of disclosure hardly seems adequate.
To address issues of transparency, the Securities and Exchange Commission (SEC) may provide a model framework. In the U.S., the SEC is an agency that regulates how and what financial information companies must disclose to the public. However, the SEC does not determine whether any given company is good or bad. Instead, the responsibility of checking financial performance is ultimately shouldered by experts in the market. Similarly, for algorithms, regulators should consider enforcing a policy of mandatory disclosure while leveraging the power of the markets to collectively achieve accountability.
Public Sector Issues with Algorithms
Although both governments and companies have well-documented issues in deploying ADS, the 2019 Algorithmic Accountability Act curiously does not appear to cover government actions. However, if algorithms are deployed to help manage public benefits, omitting governments from regulatory oversight is a mistake that undercuts the premise of transparency.
The case study of Barry v. Lyon, 834 F.3d 706 (6th Cir. 2016), serves as just one example of why government actions must be regulated for algorithmic accountability. As profiled by the Litigating Algorithms 2019 US Report, the Michigan Department of Health and Human Services (MDHHS) deployed an algorithm to “automatically disqualify individuals from food assistance based on outstanding felony warrants.” However, the algorithm failed at technical, business, and legal levels.
The MDHHS algorithm demonstrated technical failure as it “improperly matched more than 19,000 Michigan residents, and automatically disqualified them from food assistance benefits with a vague notice.” Moreover, the algorithm failed a basic business logic test when Michigan projected it would cost $345,000 but produce “virtually no state savings.” From a legal perspective, courts eventually ruled that Michigan’s practices violated Federal statutes, the Supremacy Clause, and Constitutional due process requirements.
In the end, the state government paid for an algorithm that did not work and reversed decisions on benefits, while also paying out $3,120 to each class member who was unlawfully disqualified. Most importantly, real people suffered through years of lost benefits.
What if, instead, government agencies were subject to information disclosure requirements when deploying ADS in the same way that private sector companies must disclose their financial information to the SEC? Perhaps public scrutiny or the anticipation of such scrutiny could help other governments from becoming a MDHHS case study in the future.
Private Sector Issues with Algorithms
The government is not alone in failing to deploy an algorithm successfully. Private sector juggernauts, such as IBM and Microsoft, have also failed with their own ventures.
Joy Buolamwini’s research revealed that Microsoft and IBM released facial recognition algorithms that could detect the faces of men with light skin tones quite well but erred when detecting the faces of women with dark skin tones. In fact, in order to be recognized by cameras that used the facial recognition algorithms, Buolamwini had to put on a white mask. Aside from the obvious issues, a central problem with this case is that when Microsoft and IBM released these algorithms to the public without any disclosures, the algorithmic bias was unknowingly perpetuated.
How would things be different if Microsoft and IBM publicly disclosed benchmarks about their algorithms before external researchers exposed their biases? While it is difficult to speculate about the past, a public disclosure policy might have impacted Microsoft and IBM in a manner that is similar to how product liability currently works for consumer goods. Consider how one could apply product liability laws, which impose certain duties on producers, to the regulation of AI. For example, companies might have a duty to warn and subsequently a duty to test and disclose issues with their algorithms. Under this hypothetical framework, perhaps Microsoft and IBM could have avoided a public relations issue and released a better product. Further, researchers like Buolamwini, and camera manufacturers who implemented the algorithm in their products, would have had the opportunity to make a more informed decision about whether to use or improve the algorithms.
Conceivably, product-liability-inspired policy that follows the structure of the SEC disclosure regime could be the solution. Such public disclosure for tech companies is not new. Under the banner of protecting investors, companies like Microsoft and IBM submit financial disclosures to the SEC at least every quarter, and emerging companies go through extensive disclosure protocols when they go public in IPOs. Why can’t we protect consumers from harmful algorithms in the same way?
Regulating for Algorithmic Accountability
To regulate for algorithmic accountability, a future act should incorporate a policy of mandatory public disclosure in combination with the concept of product liability as a means to achieve algorithmic accountability. Such a policy would cover both public and private sector entities and require them to disclose how their algorithms are trained, what the intended uses are, and their associated performance benchmarks. Moreover, as algorithms learn and evolve from processing data, we should expect publicly available and understandable updates on how algorithms make or recommend decisions.
Challenges with a Disclosure Framework
Despite the potential advantages of pursuing a policy of public disclosure, there are a number of additional problems to consider. From the Great Depression to the Great Recession, information disclosure and regulation regimes have had a history of spectacular failures. However, we should see the following as a list of challenges to overcome rather than a list of excuses not to pursue the disclosure framework.
• Irrational Markets: People do not always behave rationally, and information disclosure may not prevent misuse—how do we manage bad actors and unintended outcomes?
• Privacy Concerns: Mandating information disclosure does not have to be mutually exclusive with privacy—how do we balance the two?
• Cost of Accountability: Registering securities in the United States is currently an expensive and resource-intensive endeavor—how can we make algorithmic registration an efficient process?
• Exemptions: Part of the complexity in securities regulation is understanding how to perfect an exemption—how can we determine what entities and what types of algorithmic decision-making systems to cover?
• Intellectual Property Rights: Companies like Coca-Cola have patents, trade secrets, copyrights, and trademarks, yet they still participate in the disclosure process for securities regulation—how can we protect intellectual property rights with a disclosure system?
• Product Liability: Laws governing product liability are existing examples of information disclosure that may apply to algorithmic accountability—how do efforts to regulate algorithms cross over?
Conclusion
Over the past decade, algorithms have permeated nearly every aspect of our lives. Since this article was first drafted in early 2020, the novel coronavirus (COVID-19) emerged to drastically change the world. Since then, COVID-19 has ushered in a new level of acceptance and even demand for more intrusive and sophisticated algorithms to help with tasks such as contact tracing. While there are presently more pressing issues concerning the larger economy and the health and wellness of frontline workers, there has also never been a more pressing need for algorithmic accountability. As legislators continue to explore different regulatory schemes, they should consider incorporating a policy of public information disclosure that promotes transparency as a pillar to ensure algorithmic accountability in both the public and private sectors.
Justin Chae is a Master of Science in Law student at Northwestern Pritzker School of Law.
Alyson Carrel is a Clinical Associate Professor at Northwestern Pritzker School of Law.[1]
Over the past four decades, scholars have debated the impact of private settlement on the broader public good.[2] However, advancing technology in multi-party computation (MPC) presents an option to reimagine how society settles disputes, transforming it from a debate mired in the choice between public or private to a system of pluralistic options, each of which offers parties the choice to settle with varying degrees of both private and public elements. This article uses the cases against Harvey Weinstein and the recent revelations of non-disclosure agreements (NDAs) concealing rampant sexual harassment to demonstrate how a settlement mechanism built on MPC could present a set of pluralistic options that no longer result in the unfortunate choice between prioritizing the interests of individuals versus the needs of society.[3]
The debate about the impact of private settlement is not new. In 1976, Professor Frank Sander spoke at the second Global Pound Conference and advanced the argument that courts moved too slowly, cost too much, and were at times inaccessible to the litigants that needed it most.[4] He described the need for courts to adopt a multi-door approach providing multiple avenues for resolving disputes, including arbitration, mediation, and facilitation.[5] Proponents of these alternative processes argue that not only would it alleviate backlog on court dockets, but that private settlement provides significant social justice benefits.[6] These benefits include i) individual autonomy and self-determination over the outcome of their case,[7] ii) confidentiality to speak freely during settlement discussions and protect individuals from potential reputational harm,[8] iii) creativity and freedom from the limitations of legal remedies,[9] iv) the potential to improve relationships,[10] and v) the ability to have a voice, especially for those that may not have the financial resources to utilize the court system effectively.[11] However, this push for alternatives outside traditional adjudication sparked criticism that expanding the use of private settlement would unnecessarily harm society because it denied the courts its role as protector and reflector of the broader public good.[12] Removing cases from the public court system and placing them in the confines of private settlement distorted society’s understanding of society’s ills, and more generally, placed too much emphasis on the individual resolution and not enough on the society and the systemic impact inherent in a dispute. The resulting debate essentially became one about whose interests to prioritize: the parties, or the broader public good affected by structural harm that the matter represented.[13]
The recent revelations of sexual harassment and assault concealed by Harvey Weinstein and other famous individuals, through private settlement and non-disclosure agreements (NDAs), pointedly demonstrate this debate. Women publicly began to describe previously clandestine incidents of sexual harassment and assault, starting with the Ronan Farrow article in the New Yorker;[14] they named the perpetrators and demanded accountability (of both the perpetrator and the organizations and industries supporting them). This was the first time these women had spoken publicly about the harassment; some women had never reported the harassment in the first place, and others had reported it but agreed to a private settlement that effectively concealed the harassment behind an NDA.[15] The predictions of private settlement’s critics proved prescient: private settlement had prevented individual accountability, failed to change behavior nor protect others from suffering the same harm, and hindered a societal understanding of the larger systemic issues and prevalence of sexual harassment in society. Without formal reporting and knowledge of the perpetrator’s actions, the court could not perform its duty as protector nor reflect and enforce the social and moral norms of society.[16] In this new context, critics once again argued against private settlement and advocated for states and organizations to prohibit the use of NDAs in sexual harassment disputes.[17] They argued that, given these recent revelations, states should prioritize the societal interests of protecting the broader public good over allowing individuals to pursue private settlement, and prohibit the use of NDAs in sexual harassment disputes.[18] They wanted to ensure perpetrators could no longer conceal their harmful behavior from others and protect future third parties from suffering the same harm.[19] Accordingly, California passed such a law prohibiting NDAs.[20] Other states, including Maryland, have passed laws making NDAs in sexual harassment disputes unenforceable, null, or void.[21] Some businesses and employers such as Conde Nast decided to voluntarily declare they would not use NDAs in sexual harassment disputes.[22] Although these new laws and policies limited an individual’s right to choose a private settlement, they did so to ensure bad actors could no longer conceal their behavior.
However well-intentioned, these prohibitions of NDAs disadvantage survivors. As discussed in the debate, there are social justice benefits to private settlement[23]. For some individuals, it is imperative to have the autonomy to settle a claim without going through the costs and perils of going to court. Survivors of sexual harassment often want to deal with the matter quickly and move on. They do not want this experience to follow them in their career and potentially ruin their professional or personal reputation. They often use confidentiality as leverage during settlement negotiations as a bargaining chip with perpetrators who need privacy as well. There is a cruel irony when protecting potential future victims by prohibiting NDAs unintentionally harms the survivors. States recognizing this irony limited the prohibition to the perpetrators by carving out an exception allowing NDAs if the request for the NDA originates with the victim.[24]
Many sexual harassment victims do not report the behavior.[25] They may be afraid they will not be believed or that they will face retaliation if they report. Because of this, some women have relied on more informal and extra-legal mechanisms for reporting sexual harassment and assault, such as the “traditional whisper network,”[26] where they share information among colleagues without ever filing a formal complaint. New mechanisms have developed as well, such as public online forums where individuals post about their experience anonymously (some naming the perpetrator while others do not), and private forums, whether online or offline, where individuals post without anonymity but with the protection of a forum closed to the general public.[27] These extra-legal mechanisms, however, come with limitations. Because they are unofficial, they may not lead to perpetrator accountability. If the identity of the accuser becomes public, the accused may threaten to sue the reporting individual for slander or libel, which may re-victimize the victim regardless of the outcome. Further, individuals accused of sexual harassment in these extra-legal mechanisms voice concern about the injustice inherent in such unregulated sites and the lack of process through which they can defend themselves or ensure their reputation is not unnecessarily damaged.[28]
None of the solutions mentioned above, legal and extra-legal, allow victims to both maintain their privacy while ensuring the public is sufficiently informed about the harm. But the harm is real and so are the calls for solutions that not only protect individuals, but also protect and inform society. The described attempts to develop new mechanisms addressing the need to ensure that NDAs are not concealing ongoing sexual harassment and assault demonstrate a need for a system with pluralistic options that allows individuals who require privacy to feel comfortable reporting while keeping the society informed of the harms. Advancing technology in multi-party computation (MPC) presents the possibility to design such a set of pluralistic options and reimagine settlement.
MPC is a method by which parties can evaluate encrypted secret information to compute results without ever knowing or revealing the underlying data.[29] Owners of the data never relinquish control of their information even though it is used in the computation.[30] MPC scholars often explain the concept using a simple example called Yao’s millionaires’ problem.[31]In this example, two millionaires want to know which one of them has more wealth than the other, while neither of them discloses their wealth. Using MPC, a machine can compute the encrypted data and reveal who has more, without ever revealing, or “knowing” the amount of either millionaire’s wealth. The machine accesses a set of encrypted data, ensuring privacy is maintained while still informing an outcome. Of course, this is an over-simplified example to demonstrate how MPC works. It is not the computation that is remarkable, but the ability to keep the underlying information secure. A trusted third-party could be utilized to house and compute this information, but such information would be susceptible to data breaches or leaks. Because MPC utilizes encrypted data, it is far more reliable in protecting private information. In the sexual harassment context, the question Yao asked – “who has more wealth?” – might become “has this person settled a sexual harassment claim before, and if yes, how many times?” MPC opens up the possibility that parties can settle privately and feel confident their settlement is confidential, while still allowing courts, states, organizations, or society to use that data to compute specific information that could protect the broader public good.
A modified version of MPC has been used on college campuses to provide sexual assault survivors a reporting mechanism for allegations that maintains their privacy unless a subsequent victim alleges an assault by the same perpetrator.[32] This mechanism allows survivors to report the harm without being subjected to the potential for disbelief, retaliation, or reputational damage that might come with publicly reporting an accusation. It also provides a sense of solidarity when a subsequent act is reported and decreases the likelihood that the survivor will be disbelieved. This matching function provides a layer of protection for survivors wary of publicly reporting the harm by allowing them to report it privately as an initial step until they have an ally with which to bring it public. Scholars have proposed a similar step-wise approach to civil sexual harassment settlements that allow individuals to enter into private settlements, with NDAs, if those settlements are “deposited in an information escrow that would be released for investigation by the EEOC if another complaint is received against the same perpetrator.”[33] In other words, individuals maintain their autonomy to choose a private reporting mechanism that only prioritizes the broader public good once there is an indication the perpetrator is a repeat offender. While these proposed systems for sexual harassment cases improve upon the traditional “public” or “private” dichotomy, they still remain problematic. Ian Ayers points out these systems can create a “first-mover advantage,” essentially giving perpetrators a free pass.[34] They also focus exclusively on repeat offenders. Limiting reporting to repeat offenders reinforces the problematic notion that to believe a sexual harassment or assault survivor, there must be multiple allegations. This system does little to inform society about the extent to which sexual harassment and assault is occurring because it is only limited to repeat accounts instead of all accounts.
MPC presents the possibility of creating a much broader reporting system for private settlements not just limited to computing perpetrator matches. A policy could be adopted requiring all private settlements to be maintained and encrypted for computational analysis that opens up the opportunity to leverage the answers to new questions such as: “has this organization settled a sexual harassment claim before, and if yes, how many times?” Or, “how many private settlements dealt with sexual harassment last year?” Or “how many sexual harassment disputes involved an alleged assault?” The possibilities are endless. In her paper “Beyond #MeToo,” Professor Deborah Tuerkheimer argued that survivors need a “wider array of pathways” for reporting sexual harassment.[35] MPC presents the opportunity to develop this array of pathways because it can utilize more than just private settlements and compute more than just information matching.
For instance, instead of prohibiting NDAs, parties could include encrypted information about their private settlement in an MPC mechanism for a court to enforce the private settlement, including any agreed to NDA. This maintains the parties’ autonomy and right to choose settlement but ensures that society can, to varying degrees, evaluate those settlements to ensure the broader public good is protected. Innovations present more questions than answers, and a settlement system built on MPC is no different. Could the parties decide which of the settlement elements to report or would policy dictate the entire settlement be included? Will employers view a reporting system built on MPC as an enhancement over recent laws prohibiting NDAs? How can this system reflect those private settlements in which a court would have never ruled against the employer, but where the company wanted to save money by settling? What will be the appropriate reporting threshold to prevent people from using the mechanism to spread formalized rumors? Will survivors lose settlement leverage if employers know the final settlement must be included in this system and some element of it will be potentially made public? Do parties have to sue before accessing results from the MPC system? Could a settlement system built on MPC change the way society views sexual harassment? The list could go on and on. This article does not have all the answers but simply wants to point out that the technology exists, today, to reimagine settlement.
It is beyond the scope of this short article to identify the entire array available, but here is a brief list of some broad utilizations of MPC. In each example, survivors retain the autonomy to address the harm however they choose, including private settlement, without concealing the impact of these harms from society.
1. Information Escrow for repeat offenders
As already described, MPC is a form of information escrow, in which parties may settle privately unless a subsequent victim files a settlement with the same perpetrator. MPC can provide notice to plaintiff in a subsequent settlement that the defendant has settled a similar claim previously, without disclosing the name of the accuser or precise details of the prior settlement. This example protects the privacy of the individual while still informing future third parties of the settlement and thus the offensive behavior.
2. Information Escrow for repeat organizations defending offenders (even if a single act)
MPC can also be a form of information escrow that informs a plaintiff in a subsequent settlement that the workplace or organization in which the harassment occurred has settled a claim for similar behavior, even if with a different perpetrator. This use of MPC systems expands the value of the information escrow by no longer limiting it to situations in which there is a repeat actor and including situations in which an organization may be harboring or concealing the behavior.
3. Reporting totality of acts in their aggregate
A settlement system built on MPC could also capture information that educates society about this behavior, whether or not the behavior is from a repeat offender. Instead of computing for matches, the system could look at the data in its aggregate to determine the extent of the problem in society and its potential impact on the broader public good. MPC can allow for automatic, cross-jurisdiction aggregations that provide higher-level information about trends in industries. In this way, there is not only accountability for repeat offenders but also anonymized data that can inform the public and raise awareness of widespread behavior, revealing no underlying data about the accuser or the accused. This reporting system mirrors the impact of the informal reporting systems while ensuring the privacy of the individuals.
The recent revelation of individuals using NDAs to conceal rampant sexual harassment and assault demonstrates the importance of the ongoing debate about the impact of private settlement on the broader public good. Current unsatisfactory solutions are limited to a trade-off between whether to prioritize an individual’s interest in privacy over the public’s need for information. MPC presents an opportunity to reimagine settlement, moving away from the old dichotomy of either public or private, to a new set of pluralistic options that allow for both public and private: not only because MPC presents an opportunity to address the use and abuse of NDAs in the sexual harassment setting, but because it presents an opportunity to reimagine how the law interacts with settlement. As critics of private settlement have identified, any dispute between individuals may represent a systemic problem that society has an interest in understanding and protecting future third parties from experiencing. This need cannot come at the expense of the individual’s potential interest in privacy. MPC might allow us to collect data about many cases and run analytics to ensure society has a more accurate understanding of the extent to which certain behaviors are harming the broader public good. With advancing technology like MPC, the law must reexamine the assumptions on which it is based and begin reimagining what is possible, because it is.
[1] I am grateful to Lynn Cohn, Leonard Riskin, Daniel Gandert, Annalise Buth, Deborah Tuerkheimer, Xiao Wang, and Peter Chan for their support and insightful comments on earlier drafts. I am indebted to Noam Ebner for his leadership in the field and collaboration with me exploring the role of technology in dispute resolution. An earlier version of this article was presented at the Northwestern CS + Law Faculty talk series, organized by Professors Daniel Linna and Kristian Hammond, and the University of Oregon’s Experimental ADR conference, organized and hosted by Professor Jen Reynolds, and I thank all the participants for their comments and suggestions. [back]
[2] See generally,Owen M. Fiss, Against Settlement, 93 The Yale L.J. 1073 (1984); see generally, Carrie Menkel-Meadow, Whose Dispute Is It Anyway? A Philosophical and Democratic Defense of Settlement (In Some Cases), 83 Geo L.J. 2663 (1995). [back]
[3] This article approaches the problem from a survivor-centered point of view, but recognizes that settlement is only effective if defendants in civil sexual harassment cases find value in settlement too. [back]
[4] Frank E.A. Sander, Varieties of Dispute Processing, Address Delivered at the National Conference on the Causes of Popular Dissatisfaction with the Administration of Justice, 70 F.R.D. 79, 111 (1976). For a history of the Global Pound Conferences, see Traum, Lara and Farkas, Brian, The History and Legacy of the Pound Conferences, 18 Cardozo J. Conf. Resol 677 (2017). [back]
[5] Id. (This is commonly referred to as the “multi-door courthouse”). [back]
[6] Menkel-Meadow, supra note 2, at 2669-70. [back]
[7] See, e.g., Nancy Welsh, The Thinning Vision of Self-Determination in Court-Connected Mediation: The Inevitable Price of Institutionalization? 6 Harv. Negot. L. Rev. 1, 15-16 (2001). But see, e.g., Nancy Welsh, Do You Believe in Magic?: Self-Determination and Procedural Justice Meet Inequality in Court-Connected Mediation, 70 SMU L. Rev. 721, 721(2017). [back]
[8] Confidentiality is now protected to varying degrees by various court rules and law. See, e.g.,Unif. Mediation Act § 8 (2001). But see, e.g.,Christopher Honeyman, Confidential, More or Less: The Reality, and Importance, of Confidentiality is Often Oversold by Mediators and the Profession, Disp. Resol. Mag., Winter 1998, at 12. [back]
[9] See, e.g., Carrie Menkel-Meadow, Aha? Is Creativity Possible in Legal Problem Solving and Teachable in Legal Education?, 6 Harv. Negot. L. Rev. 97, 97-144 (2001). [back]
[10] See, e.g., Deborah Thompson Eisenberg, What We Know and Need to Know About Court- Annexed Dispute Resolution, 67 S.C. L. Rev. 245, 248 (2016). [back]
[11] See, e.g., Nancy A. Welsh, Making Deals in Court‑Connected Mediation: What’s Justice Got To Do With It?, 79 Wash. U. L.Q. 787, 791 (2001); see generally, Nancy A. Welsh, Stepping Back Through the Looking Glass: Real Conversations with Real Disputants About Institutionalized Mediation and Its Value, 19 Ohio St. J. on Disp. Resol. 573 (2004). [back]
[12] See, e.g., Fiss, supra note 2, at 1075; Laura Nader, Commentary, in THE POUND CONFERENCE: PERSPECTIVES ON JUSTICE IN THE FUTURE 114, 115-19 (A. Leo Levin & Russell R. Wheeler eds., 1979); Harry T. Edwards, Alternative Dispute Resolution: Panacea or Anathema?, 99 Harv. L. Rev. 668, 668-69 (1986); Trina Grillo, The Mediation Alternative: Process Dangers for Women, 100 Yale L.J. 1545, 1561 (1991); David Luban, Settlements and the Erosion of the Public Realm, 83 Geo. L.J. 2619, 2622-26 (1995). [back]
[13] See generally, Menkel-Meadow, supra note 2, at 2663-71. [back]
[14] Ronan Farrow, From Aggressive Overtures to Sexual Assault: Harvey Weinstein’s Accusers Tell Their Stories, The New Yorker (Oct. 10, 2017), https://www.newyorker.com/news/news-desk/from-aggressive-overtures-to-sexual-assault-harvey-weinsteins-accusers-tell-their-stories. [back]
[16] See Fiss, supra note 2, at 1085-87; Luban, supra note 12. [back]
[17] See Prasad Vasundhara, If Anyone Is Listening, #Metoo: Breaking the Culture of Silence Around Sexual Abuse Through Regulating Non-Disclosure Agreements and Secret Settlements, 59 B.C. L. Rev. 2507, 2520-23 (2018). [back]
[20] S.B. 820, Cal. 2017-2018 Reg. Sess., 2017 CA S.B. 820(NS), ch.953 (Cal. 2018), https://leginfo.legislature.ca.gov/faces/billNavClient.xhtml?bill_id=201720180SB820. [back]
[21] H.B. 1596, 2018 Reg. Sess. ch.738 (Md. 2018). [back]
[22] Katie Robertson, Condé Nast to Limit the Use of NDAs, The New York Times (Feb. 21, 2020), https://www.nytimes.com/2020/02/21/business/media/conde-nast-nda.html. [back]
[23] See generally, Menkel-Meadow, supra note 2. [back]
[24] See, e.g., Or. Rev. Stat. § 659A.370 (2019). [back]
[25] Select Task Force on the Study of Harassment in the Workplace: Report of Co-Chairs Chai R. Feldblum & Victoria A. Lipnic, U.S. Equal Emp. Opportunity Comm’n (Jun. 2016), https://www.eeoc.gov/eeoc/task_force/harassment/report.cfm. [back]
[26] Deborah Tuerkheimer, Beyond #MeToo, 94 N.Y.U. L. Rev. 1146, 1168-74 (2019) (describing a new taxonomy for unofficial reporting in sexual harassment). [back]
[27] See Tuerkheimer, supra note 26, at 1167-74. [back]
[28] See Tuerkheimer, supra note 26, at 1188-91. [back]
[29] Xiao Wang et al., Revisiting Square-Root ORAM, 2016 IEEE Symposium on Security and Privacy, https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=7546504. [back]
[31] Andrew Yao, Protocols for Secure Computations, in Conference Proceedings of the 23th IEEE Symposium on Foundations of Computer Science 160, 160-64 (1982). [back]
[32] Anjana Rajan et al., Callisto: A Cryptographic Approach to Detect Serial Predators of Sexual Misconduct, Callisto 1, 1 (Nov. 14, 2018), https://www.projectcallisto.org/callisto-cryptographic-approach.pdf. [back]
[33] Ian Ayres, Targeting Repeat Offender NDAs, Stanford L. Rev. Online (2018), https://review.law.stanford.edu/wp-content/uploads/sites/3/2018/06/71-Stan.-L.-Rev.-Online-Ayres-1.pdf. [back]
[35] See Tuerkheimer, supra note 26, at 1193. [back]
Alyson Carrel, Reimagining Settlement with Multi-Party Computation, JTIP B
Innovation is a process that can be learned, practiced, and mastered. Applying Everette Rogers’s Diffusion of Innovations Theory to solve problems in the American legal industry may hold the key to addressing critical issues such as access to justice and overwhelming legal complexity. This post explores diffusion theory from a student’s perspective and through an interview with Professor Bill Henderson conducted in November 2019.
The Legal Innovator’s Dilemma
Change is notoriously hard. From an early age, most people learn to fear the idea of “going out on a limb,” and organizations often cling to the safety of the pack. Yet despite a societal preference to resist change, good ideas eventually take root and become widely adopted. Moreover, the pace of change differs widely between industries.
Today, the medical and tech industries seem to deliver cutting edge breakthroughs every other day, while others such as the legal industry seem to lag far behind. Why is change so hard, and what makes the legal industry especially challenging? Further, what lessons can we learn from studying how different sectors respond to change? According to some, the answer to the legal innovator’s dilemma is hybrid seed corn.
Connecting Hybrid Seed Corn to Artificial Intelligence
What does a study on hybrid seed corn from the 1960s have to do with the proliferation of artificial intelligence in the legal industry in 2020? As it turns out, maybe a lot.
In the mid-20th century, farmers across the United States resisted an innovation – the hybrid seed corn. Although the innovation appeared to work as promised, researchers such as Everette M. Rogers discovered that the adoption of hybrid seed was more a function of a social system rather than technology alone.
In other words, the fact that hybrid seed produced superior crops was relatively unimportant. Instead, Rogers delivered an insight that mass adoption rested on the willingness of a few influential farmers to take a chance on buying hybrid seeds. With agriculture today, it seems obvious, but at the time in the 1950’s, buying seeds instead of planting your own was a radical idea. Once influential farmers bought into the concept, others followed. Rogers delivered his insights with the Diffusion of Innovations (DOI), quickly becoming one of the most widely cited works in social science.
Applying Diffusion Theory to the Law
Professor Bill Henderson, who teaches the course “How Innovation Diffuses in the Legal Industry” at Northwestern Pritzker School of Law, discovered Rogers’ theory after learning lessons the hard way as an entrepreneur with a legal tech startup. After realizing that Rogers’s work explained why his journey in legal tech was so arduous, Professor Henderson launched Legal Evolution to help entrepreneurs overcome the type of massive passive resistance that has become a hallmark of the American legal industry.
If influential farmers were the key to unlocking hybrid seed adoption, then the ability of an entrepreneur to identify influential decision-makers in the legal market could prove to be the difference between a successful business or another failed startup. Armed with this theory, entrepreneurs might be able to focus their resources on customers who are more willing to accept and spread innovations, rather than simply those with the most money.
A Case Study in Decision Making
Bob Meltzer’s experience with founding VisaNow, an innovative online immigration legal services platform, in 1999, provides an excellent example of the theory in action. VisaNow initially sold to enterprise customers but became bogged down in the sales cycle. With enterprise customers, VisaNow was spending its time trying to sell to risk-averse and consensus-based decision-makers.
However, Bob realized if he backed off and went to a smaller customer – where there was a single owner or manager who had the power to make fast buy decisions – he could overwhelm a niche market. His sales increased dramatically. He was selling to smaller customers, but the high volume enabled VisaNow to grow 100% year over year for three years. In a way, the successful adoption by small, yet influential customers made VisaNow’s sales to larger, more sophisticated customers easier, especially as innovation adoption continued to spread.
The Diffusion Theory Framework
Sounds great, but what is it?
As Professor Henderson explains in detail on the Legal Evolution blog, we can adopt Rogers’s regression model to understand how to reach mass adoption for a given innovation in the legal market.
The core model has five factors (known as the relative advantages) that account for between 49% and 87% of the variance in the rate of adoption. The five factors that should be analyzed include:
- Perceived Attributes of Innovation
- Type of Innovation Decision
- Communication Channels
- Nature of the Social System
- Efforts of Change Agents
By learning how to evaluate the market with these five factors, the legal entrepreneur can identify which areas require attention and how to effectively approach issues.
For example, the Nature of the Social System factor requires an analysis of how to measure success. First consider who is in your system: Is the social system of your legal innovation comprised of the Am Law 100 firms, or is it each of the law librarians at every intellectual property firm on the North Side of Chicago? In one case the unit of measure for success might be adoption of your innovation by a firm. In the other case, the unit of measure might be the use of your innovation by each department head. Knowing the difference can help focus a business strategy and make efficient use of limited resources.
More case studies on innovation diffusion as it relates to the legal industry can be found at Legal Evolution.
Predictions on the Future of Legal Evolution
When pushed to make predictions about the legal market, Professor Henderson focuses his answers on culture, people, and processes more than any specific type of tech.
Technology, after all, is simply the application of scientific knowledge for practical purposes. If Oxford’s definition is true, then the development and implementation of a management technique is as much a technological innovation as the latest in-cloud tool.
Embracing Allied Professionals
In no particular order, Professor Henderson’s list of predictions starts with a change in culture, what he calls the “softening of the kind of the culture of law to embrace allied professionals.”
When explaining the concept, he says, “I think that we’re beginning to see the benefits of . . . opening up the social system to external intelligence. I mean, it makes us [lawyers] smarter to talk to accountants, it makes us smarter to talk to data scientists and software engineers.”
Management Techniques for Attorneys
A second prediction involves improved management techniques for attorneys. For example, consider CEO and founder of InCloudCounsel Ben Levi’s story. InCloudCounsel connects attorneys with clients through a novel cloud-based platform. To an outsider, the technology might resemble what Uber does for drivers and riders if they were executing hundreds of private equity contracts.
But the innovation is not about the software or a machine learning algorithm; instead, it’s the idea of implementing new management techniques. This primarily involved Levi’s use of net promoter scores (NPS) to evaluate attorneys. In some industries, NPS has become a popular tool to measure factors such as customer satisfaction and customer relationships. Though, is not often used in the legal industry, where tracking billable hours and revenue per lawyer is the main focus. Levi is taking a different approach.
Professor Henderson notes InCloudCounsel as one example of a legal company “bringing enlightened management to the law.”
Law Firms Will Win
Although the theory seems to suggest that large firms are slow and lumbering, in actuality, there are cases where large firms have the advantage in the innovation game. In addition to having a sheer strength in capital resources, large firms have all the units of measure that matter: the lawyers and other key influencers that determine outcomes in a social system.
To make the case, Professor Henderson recalls the case study on Clifford Chance Applied Solutions with CEO Jeroen Plink. As part of the case study, Jeroen guest lectured students about how he led an effort to develop in-house legal software solutions that are designed to increase efficiency and become profitable. Professor Henderson believes “Clifford Chance [and other law firms that invest in similar channels] will eventually get to a point where their tech business is perceived as more valuable than their services business.”
Professor Henderson stresses that “the tech business permits you to make money while you sleep” and could prove to be the more profitable business in the long run.
Impressed with the case, he went on to say, “I left that class with the conclusion that the law firms are going to win. And what I mean by that is, that they just have such overwhelming advantages. Number one, they’ve got deep enduring relationships with powerful customers. And number two, if they’re willing to set aside 1% or 2% to feed into it… they have an overwhelming advantage of basically being able to develop products with access to partners.”
For firms willing to invest, the idea that a traditional firm can win with relatively small investments is good news.
But for small startups, the big firm’s advantage also represents an opportunity. Firms still have to make an investment decision in the first place. Exploiting that decision space could be critical.
The observation that small innovators can win by paying attention to their users and acting on feedback is an important one. Despite their size, those talented enough and disciplined enough to develop innovations with the right product-market fit can still win. As Professor Henderson added, “you don’t need to be a Biglaw firm to pull this off.”
Justin Chae is a Master of Science in Law student at Northwestern Pritzker School of Law.
Every school day, millions of parents wave goodbye as their kids get on a bus or into a carpool to head to school. Now fast-forward 20 years and replace the driver with an autonomous driving system. Will parents be comfortable letting their kids get in that vehicle? Should a 15-year-old be able to order a ride in an autonomous vehicle (AV) without parental consent? How about a 9-year-old?
Increasing mobility for those unable to drive is an important benefit of AVs. Experts and academics are exploring how to design AVs to be kid-friendly (and parent approved) given the technical and non-technical issues that can emerge when a child rides solo. Proposed features include two-way audio communication, seatbelt checks, and the ability to monitor the vehicle remotely. However, each new feature also raises a myriad of new questions or concerns around cybersecurity, authorizing access, overriding decisions, emergency interventions, and more.
While protecting riders’ and other road users’ physical safety is the foremost concern, AV riders’ privacy, and especially minors’ privacy, also deserves attention. The FTC’s recent $170 million settlement with YouTube for violation of the Children’s Online Privacy Protection Act (COPPA,15 U.S.C. §§ 6501–6505) highlighted concerns about minors’ online privacy and content access. COPPA protects those under 13 years of age from “unfair or deceptive acts or practices in connection with the collection, use, and/or disclosure of personal information from and about children on the Internet.”
At first glance, AVs seem outside the scope of COPPA. However, the law defines “online service” broadly. AVs are similar to other examples of online services in the FTC’s guidance such as internet-enabled location-based services and Internet of Things devices. Furthermore, AV companies should recognize the wealth of personally identifiable information that these vehicles collect on their riders, which will include children under the age of 13 and categories of information covered by COPPA:
- User Information: e.g., name, addresses, contact details.
- Geolocation Data: e.g., start/end point, route, and time travelled.
- Voice/Facial Recognition, Imaging, and Biometrics: e.g., verifying compliance with company policies (ex: cleanliness) and monitoring wellness.
- Passive tracking: e.g., browsing data from devices using on-board Wi-Fi.
- Financial/Payment Information: e.g., credit card numbers
Most uses of this information by AV companies comply with COPPA and seem in line with societal expectations of privacy, for example rider authorization and customizing the vehicle to its user’s preferences (temperature, radio station, and seat position).
However, AV companies might be tempted to make the same mistake as YouTube by marketing the information it has on its riders, knowing that some of its riders are protected by COPPA. For example, an AV company that infers a child’s favorite pizza restaurant based on analysis of his family’s past trips could sell this data to the restaurant or accept payment to intentionally take routes that passes by the restaurant. These applications may violate COPPA’s protections on disclosure of a minor’s identifiable information to third parties for any purpose.
AV companies interested in the “collection, use, and/or disclosure of personal information from children” for allowable ends under COPPA require verifiable parental consent. However, meeting the requirements of COPPA raises additional challenges:
- How is age verified?
- How and when is verifiable parental consent obtained?
- Is consent needed each time a minor under age 13 enters an AV, or just once?
- Does an adult’s consent to monitoring apply if he or she is riding with a minor?
- If AVs are fleet-based, does consent in one vehicle apply to the whole fleet?
- While there are broad exceptions in the rule for contextual advertising and user safety, what is the extent of these for riders in AVs?
These challenges will be compounded by state-level privacy rules, most notably the California Consumer Privacy Act (CCPA), which can require actual knowledge of a user’s age or place greater restrictions on the collection and use of data.
Even with parental consent, how data from AVs is managed and analyzed merits further consideration. For example, the Supreme Court’s decisions in US v. Jones andUS v. Carpenter (and other cases at lower levels) highlighted how location data can reveal or be used to infer one’s most intimate and sensitive personal information. Even anonymized and aggregated location data disassociated from the rider, regardless of age, is re-identifiable at high levels of accuracy when combined with other data sets. Therefore, an AV company required to share data with a city or state government (as is increasingly required and allowed under COPPA) that then makes this data publicly available could rightfully be concerned that their users’ identities can be determined.
Without additional clarity, AV operators may find it easier to place age restrictions on ridership, limiting these vehicles’ social utility. Unfortunately, these restrictions may also incentivize cheating or lying. For example, Uber and Lyft’s policies say that passengers under the age of 18 must be accompanied by an adult, yet enforcement is loose. Furthermore, future design concepts see vehicles becoming platforms for third-party application integrations and partnerships, similar to the app store on cellphones, some of which would target minors.
Therefore, to unlock the medium and long-term benefits of AVs for minors, lawyers and policymakers must recognize AVs are not just vehicles; AVs are directly connected to a broader ecosystem of technologies and policy areas. Especially as new regulations around privacy and the internet are considered, lawyers and regulators must recognize and account for the new era of connected products, like AVs, that will be affected.
Doug Lavey is a third-year student at Northwestern Pritzker School of Law.