Copyright (c) 2009 All rights reserved. http://works.bepress.com/danielle_citron Recent documents in Danielle Keats Citron en-us Sat, 24 Oct 2009 23:16:39 PDT 3600 http://works.bepress.com/danielle_citron/17 http://works.bepress.com/danielle_citron/17 Fri, 23 Oct 2009 05:55:39 PDT Danielle Keats Citron Cyberspace Law http://works.bepress.com/danielle_citron/16 http://works.bepress.com/danielle_citron/16 Fri, 23 Oct 2009 05:55:00 PDT The public can now "friend" the White House and scores of agencies on social networks, virtual worlds, and video-sharing sites. The Obama Administration sees this trend as crucial to enhancing governmental transparency, public participation, and collaboration. As the President has underscored, government needs to tap into the public's expertise because it doesn't have all of the answers. To be sure, Government 2.0 might improve civic engagement. But it also might produce privacy vulnerabilities because agencies often gain access to individuals' social network profiles, photographs, videos, and contact lists when interacting with individuals online. Little would prevent agencies from using and sharing individuals' social media data for more than policymaking, including law enforcement, immigration, tax, and benefits matters. Although people may be prepared to share their views on health care and the environment with agencies and executive departments, they may be dismayed to learn that such policy collaborations carry a risk of government surveillance. This Essay argues that government should refrain from accessing individuals' social media data on Government 2.0 sites. Agencies should treat these sites as one-way mirrors, where individuals can see government's activities and engage in policy discussions but where government cannot use, collect, or distribute individuals' social media information. A "one-way mirror" policy would facilitate democratic discourse, enhance government accountability, and protect privacy. Danielle Keats Citron Administrative Law Cyberspace Law http://works.bepress.com/danielle_citron/15 http://works.bepress.com/danielle_citron/15 Tue, 19 May 2009 08:28:58 PDT The online harassment of women exemplifies twenty-first century behavior that profoundly harms women yet too often remains overlooked and even trivialized. This harassment includes rape threats, doctored photographs portraying women being strangled, postings of women's home addresses alongside suggestions that they should be sexually assaulted and technological attacks that shut down blogs and websites. It impedes women's full participation in online life, often driving them offline, and undermines their autonomy, identity, dignity, and well-being. But the public and law enforcement routinely marginalize women's experience, deeming it harmless teasing that women should expect, and tolerate, given the Internet's Wild West norms of behavior. The trivialization of phenomena that profoundly impact women's basic freedoms is nothing new. No term even existed to describe sexual harassment of women in the workplace until the 1970s. The refusal to recognize harms uniquely impacting women has an important social meaning - it conveys the message that abusive behavior towards women is acceptable and should be tolerated. Grappling with the trivialization of cyber gender harassment is a crucial step to understanding and combating the harm that it inflicts. My previous work Cyber Civil Rights explored law's role in deterring and punishing online abuse. This Essay emphasizes what may be law's more important role: its ability to condemn cyber gender harassment and change the norms of acceptable online behavior. Recognizing cyber harassment for what it is--gender discrimination--is crucial to educate the public about its gendered harms, to ensure that women's complaints are heard, to convince perpetrators to stop their bigoted online attacks, and ultimately to change online subcultures of misogyny to that of equality. Danielle Keats Citron Cyberspace Law Information Privacy Law http://works.bepress.com/danielle_citron/14 http://works.bepress.com/danielle_citron/14 Thu, 05 Mar 2009 09:32:58 PST Social networking sites and blogs have increasingly become breeding grounds for anonymous online groups that attack women, people of color, and members of other traditionally disadvantaged groups. These destructive groups target individuals with defamation, threats of violence, and technology-based attacks that silence victims and concomitantly destroy their privacy. Victims go offline or assume pseudonyms to prevent future attacks, impoverishing online dialogue and depriving victims of the social and economic opportunities associated with a vibrant online presence. Attackers manipulate search engines to reproduce their lies and threats for employers and clients to see, creating digital "scarlet letters" that ruin reputations. Today's cyber attack groups update a history of anonymous mobs coming together to victimize and subjugate vulnerable people. The social science literature identifies conditions that magnify dangerous group behavior and those that tend to defuse it. Unfortunately, Web 2.0 technologies accelerate mob behavior. With little reason to expect self-correction of this intimidation of vulnerable individuals, the law must respond.General criminal statutes and tort law proscribe much of the mobs' destructive behavior, but the harm they inflict also ought to be understood and addressed as civil rights violations. Civil rights suits reach the societal harm that would otherwise go unaddressed and would play a crucial expressive role. Acting against these attacks does not offend First Amendment principles when they consist of defamation, true threats, intentional infliction of emotional distress, technological sabotage, and bias-motivated abuse aimed to interfere with a victim's employment opportunities. To the contrary, it helps preserve vibrant online dialogue and promote a culture of political, social, and economic equality. Danielle Keats Citron Cyberspace Law Information Privacy Law http://works.bepress.com/danielle_citron/12 http://works.bepress.com/danielle_citron/12 Thu, 18 Dec 2008 06:38:36 PST Social networking sites and blogs have increasingly become breeding grounds for anonymous online groups that attack women, people of color, and members of other traditionally disadvantaged groups. These destructive groups target individuals with defamation, threats of violence, and technology-based attacks that silence victims and concomitantly destroy their privacy. Victims go offline or assume pseudonyms to prevent future attacks, impoverishing online dialogue and depriving victims of the social and economic opportunities associated with a vibrant online presence. Attackers manipulate search engines to reproduce their lies and threats for employers and clients to see, creating digital "scarlet letters" that ruin reputations. Today's cyber attack groups update a history of anonymous mobs coming together to victimize and subjugate vulnerable people. The social science literature identifies conditions that magnify dangerous group behavior and those that tend to defuse it. Unfortunately, Web 2.0 technologies accelerate mob behavior. With little reason to expect self-correction of this intimidation of vulnerable individuals, the law must respond.General criminal statutes and tort law proscribe much of the mobs' destructive behavior, but the harm they inflict also ought to be understood and addressed as civil rights violations. Civil rights suits reach the societal harm that would otherwise go unaddressed and would play a crucial expressive role. Acting against these attacks does not offend First Amendment principles when they consist of defamation, true threats, intentional infliction of emotional distress, technological sabotage, and bias-motivated abuse aimed to interfere with a victim's employment opportunities. To the contrary, it helps preserve vibrant online dialogue and promote a culture of political, social, and economic equality. Danielle Keats Citron Cyberspace Law http://works.bepress.com/danielle_citron/11 http://works.bepress.com/danielle_citron/11 Thu, 30 Oct 2008 11:44:06 PDT Automated information systems offer an opportunity to improve the democratic legitimacy of the administrative state. Today, agencies transfer crucial responsibilities to computer systems. Computers gather and interpret important information. For instance, electronic machines record and calculate votes. Automated systems execute policy and render decisions about important individual rights, such as a person's eligibility for public benefits. Computer systems store sensitive personal information. These systems' closed architecture, however, shields vital agency decisions from view. No one can see how a system operates without a software program's source code. Closed code hides programming errors that disenfranchise voters, under-count communities for the census, and distort policy embedded in automated public benefits systems. Neither senior officials nor the public can provide feedback on agency decisions embedded in code. Interested programmers have no opportunity to collaborate on a system's design or security. In short, these systems' closed architecture impairs the administrative state's accountability, denies the public the opportunity to participate in its policymaking, and ignores the availability of valuable expertise. This Essay proposes opening up these black boxes to democratize agencies' automated decision-making. In revealing the programmer's instructions to the computer, open code shines light on important regulatory choices currently hidden from both elected policy-makers and the public at large. It creates new opportunities for participation by a broad network of programmers, who can contribute to the development of accurate and secure systems. Such feedback would exert pressure on agencies to fix problems at the margins that agencies might be inclined to ignore. Open code makes programming and system design expertise relevant and available to the administrative state. In short, open code governance provides a means to make agency decisions bound up in information systems more transparent, democratic, and legitimate. Danielle Keats Citron Cyberspace Law http://works.bepress.com/danielle_citron/10 http://works.bepress.com/danielle_citron/10 Tue, 28 Oct 2008 17:34:12 PDT Danielle Keats Citron Cyberspace Law http://works.bepress.com/danielle_citron/6 http://works.bepress.com/danielle_citron/6 Fri, 01 Aug 2008 10:33:02 PDT Distinct and complementary procedures for adjudications and rulemaking lie at the heart of twentieth-century administrative law. Due process required agencies to provide individuals notice and an opportunity to be heard. Agencies could foreclose policy issues that individuals might otherwise raise in adjudications through public rulemaking. One system allowed focused advocacy; the other featured broad participation. Each procedural regime compensated for the normative limits of the other. Both depended on clear statements of reason. The dichotomy between these procedural regimes has become outmoded. This century's automated decision-making systems collapse individual adjudications into rulemaking while adhering to the procedural safeguards of neither. Automated systems jeopardize due process norms. Their lack of meaningful notice, and a hearing officer's tendency to presume a computer system's infallibility, devalue hearings. Standard Mathews v. Eldridge cost-benefit analysis is ill-equipped to compare the high fixed cost of deciphering a computer system's logic with the accumulating marginal benefit of correcting myriad inaccurate decisions. Automation also defeats participatory rulemaking. Code, not rules, determines the outcomes of adjudications. Programmers inevitably alter established rules when embedding them into code in ways the public, elected officials and the courts cannot review. Last century's procedures cannot repair these accountability deficits. A new concept of technological due process is essential to vindicate the norms underlying last century's procedural protections. This Article shows how a carefully structured inquisitorial model of quality control can partially replace aspects of adversarial justice that automation renders ineffectual. It also provides a framework of mechanisms capable of enhancing the transparency, accountability, and accuracy of rules embedded in automated decision-making systems. Danielle Keats Citron Administrative Law Cyberspace Law http://works.bepress.com/danielle_citron/5 http://works.bepress.com/danielle_citron/5 Fri, 16 May 2008 11:53:09 PDT This conference explores the role of crowds in establishing online reputations. My talk will address the malevolent side of that story--how online crowds can destroy the privacy and reputations of individuals, particularly women. Social networking sites and blogs have recently become breeding grounds for anonymous groups that attack women with lies, threats of sexual violence, and damaging photographs. In response, some women have gone offline or assumed gender-neutral pseudonyms. Because search engines reproduce the attacks, the online reputations of targeted women are repeatedly battered.These destructive groups update a pattern from the past. From the anti-immigrant mobs of the nineteenth century to the Ku Klux Klan, anonymous groups have come together to inflict harm. According to social psychology literature, several conditions accelerate dangerous group behavior while other conditions defuse the dangerousness of crowds. Unfortunately, Web 2.0 technologies provide all of the accelerants of mob behavior but very few of its inhibitors. For instance, social networking sites, message boards, and chat rooms foster a feeling of closeness among people with shared negative views. Group members' views, in turn, tend to polarize, leading to greater hostility and more aggressive behavior. Individuals who feel anonymous do and say things online that they would never seriously entertain doing and saying offline because they sense that their conduct will have no consequences. A site operator's decision to keep up damaging posts encourages destructive group behavior. Online mobs also have little reason to fear that their victims will retaliate against them. The factors that slow down mobs are largely absent on the Web. Studies show that group leaders and authority figures play a critical role in controlling a group's destructive behavior. But site operators, often viewed as wielding authority, have little incentive to discourage hostility because they enjoy statutory immunity for others' postings. Posters may not fear getting caught if they have hidden their identity with pseudonyms or anonymizing technologies. Because cyberspace has a way of making us feel that people are "informational artifacts," destructive groups will not view their victims as persons with whom they should empathize or whom they need. And online groups face little problems organizing due to the Internet's efficiency in gathering together individuals.It is true that the mobs of prior centuries inflicted physical harm whereas the harm here is primarily economic and emotional. But in an age when identity and reputation are bound up in the Internet, the harm to online reputation and privacy is potent. Employers review Google results in making interviewing and hiring decisions. Threats, lies, and the disclosure of private facts discourage women from blogging in their own names. Women lose opportunities to establish online identities that would enhance their careers and attract clients. Destructive online groups prevent the Web from becoming an inclusive environment. Disappointingly, this phenomenon throws us back to the nineteenth century, when women wrote under gender-neutral pseudonyms to avoid discrimination. Our inclination to make abusive private collaborations a public policy concern implicitly depends on whether private mechanisms will rein in the abuses of these groups. The social psychological literature, however, gives us little reason to expect self-correction of this serious problem. Danielle Keats Citron Cyberspace Law http://works.bepress.com/danielle_citron/4 http://works.bepress.com/danielle_citron/4 Fri, 16 May 2008 11:53:06 PDT A defining problem at the dawn of the Information Age will be securing computer databases of ultra-sensitive personal information. These reservoirs of data fuel our Internet economy but endanger individuals when their information escapes into the hands of cyber-criminals. This juxtaposition of opportunities for rapid economic growth and novel dangers recalls similar challenges society and law faced at the outset of the Industrial Age. Then, reservoirs collected water to power textile mills: the water was harmless in repose but wrought havoc when it escaped. After initially resisting Rylands v. Fletcher's strict liability standard as undermining economic development, American courts and scholars embraced it once the economy matured and catastrophes such as the Johnstown Flood made those hazards impossible to ignore.Public choice analysis suggests that a meaningful public law response to insecure databases is as unlikely now as it was in the early Industrial Age. The Industrial Age's experience can, however, help guide us to an appropriate private law remedy for the new risks and new types of harm of the early Information Age. Just as the Industrial Revolution's maturation tipped the balance in favor of early tort theorists arguing that America needed, and could afford, a Rylands solution, so too the Information Revolution's deep roots in American society and many strains of contemporary tort theory support strict liability for bursting cyber-reservoirs of personal data instead of a negligence regime overmatched by fast-changing technology. More broadly, the early Industrial Age offers valuable lessons for addressing other important Information Age problems. Danielle K. Citron Administrative Law Cyberspace Law