NewYorkUniversity
LawReview

Issues

Topic

Technology

Results

Safe Sharing Sites

Lisa M. Austin, David Lie

In this Article we argue that data sharing is an activity that sits at the crossroads of privacy concerns and the broader challenges of data governance surrounding access and use. Using the Sidewalk Toronto “smart city” proposal as a starting point for discussion, we outline these concerns to include resistance to data monopolies, public control over data collected through the use of public infrastructure, public benefit from the generation of intellectual property, the desire to broadly share data for innovation in the public interest, social—rather than individual— surveillance and harms, and that data use be held to standards of fairness, justice, and accountability. Data sharing is sometimes the practice that generates these concerns and sometimes the practice that is involved in the solution to these concerns.

Our safe sharing site approach to data sharing focuses on resolving key risks associated with data sharing, including protecting the privacy and security of data subjects, but aims to do so in a manner that is independent of the various legal contexts of regulation and governance. Instead, we propose that safe sharing sites connect with these different contexts through a legal interface consisting of a registry that provides transparency in relation to key information that supports different forms of regulation. Safe sharing sites could also offer assurances and auditability regarding the data sharing, further supporting a range of regulatory interventions. It is therefore not an alternative to these interventions but an important tool that can enable effective regulation.

A central feature of a safe sharing site is that it offers an alternative to the strategy of de-identifying data and then releasing it, whether within an “open data” context or in a more controlled environment. In a safe sharing site, computations may be performed on the data in a secure and privacy-protective manner without releasing the raw data, and all data sharing is transparent and auditable. Transparency does not mean that all data sharing becomes a matter of “public” view, but rather that there is the ability to make these activities visible to organizations and regulators in appropriate circumstances while recognizing the potential confidentiality interests in data uses.

In this way, safe sharing sites facilitate data sharing in a manner that manages the complexities of sharing while reducing the risks and enabling a variety of forms of governance and regulation. As such, the safe sharing site offers a flexible and modular piece of legal-technical infrastructure for the new economy.

Machines as the New Oompa-Loompas: Trade Secrecy, the Cloud, Machine Learning, and Automation

Jeanne C. Fromer

In previous work, I wrote about how trade secrecy drives the plot of Roald Dahl’s novel Charlie and the Chocolate Factory, explaining how the Oompa-Loompas are the ideal solution to Willy Wonka’s competitive problems. Since publishing that piece I have been struck by the proliferating Oompa-Loompas in contemporary life: computing machines filled with software and fed on data. These computers, software, and data might not look like Oompa-Loompas, but they function as Wonka’s tribe does: holding their secrets tightly and internally for the businesses for which these machines are deployed.

Computing machines were not always such effective secret-keeping Oompa Loompas. As this Article describes, at least three recent shifts in the computing industry—cloud computing, the increasing primacy of data and machine learning, and automation—have turned these machines into the new Oompa-Loompas. While new technologies enabled this shift, trade secret law has played an important role here as well. Like other intellectual property rights, trade secret law has a body of built-in limitations to ensure that the incentives offered by the law’s protection do not become so great that they harm follow-on innovation—new innovation that builds on existing innovation—and competition. This Article argues that, in light of the technological shifts in computing, the incentives that trade secret law currently provides to develop these contemporary Oompa-Loompas are excessive in relation to their worrisome effects on follow-on innovation and competition by others. These technological shifts allow businesses to circumvent trade secret law’s central limitations, thereby overfortifying trade secrecy protection. The Article then addresses how trade secret law might be changed—by removing or diminishing its protection—to restore balance for the good of both competition and innovation.

Data Standardization

Michal S. Gal, Daniel L. Rubinfeld

With data rapidly becoming the lifeblood of the global economy, the ability to improve its use significantly affects both social and private welfare. Data standardization is key to facilitating and improving the use of data when data portability and interoperability are needed. Absent data standardization, a “Tower of Babel” of different databases may be created, limiting synergetic knowledge production. Based on interviews with data scientists, this Article identifies three main technological obstacles to data portability and interoperability: metadata uncertainties, data transfer obstacles, and missing data. It then explains how data standardization can remove at least some of these obstacles and lead to smoother data flows and better machine learning. The Article then identifies and analyzes additional effects of data standardization. As shown, data standardization has the potential to support a competitive and distributed data collection ecosystem and lead to easier policing in cases where rights are infringed or unjustified harms are created by data-fed algorithms. At the same time, increasing the scale and scope of data analysis can create negative externalities in the form of better profiling, increased harms to privacy, and cybersecurity harms. Standardization also has implications for investment and innovation, especially if lock-in to an inefficient standard occurs. The Article then explores whether market-led standardization initiatives can be relied upon to increase welfare, and the role governmental-facilitated data standardization should play, if at all.

License to Hack

Dyane L. O’Leary

Legal hackathons are exploding in popularity. “Hacking” is a term often associated with illegal behavior, but a hackathon is something different. At a hackathon, lawyers, technologists, data scientists, public interest organizations, law students, and just about anyone who is interested converge in a friendly, time-pressured competition aimed at solving some defined problem. For more than a decade, different industries have looked to hackathons as a source of new ideas. Today, the legal industry uses hackathons to spark creation of innovative tools to chip away at the access to justice crisis and improve the delivery of legal services.

But often lost in the excitement is a key piece to hackathon success: treatment of the intellectual property. For example, who owns the copyright in software created at a hackathon? What about a new business method? What about the rights to trademark a new design? Most hackathons have some form of a participant agreement, but many outright ignore the “who owns it” question or fail to address it in a purposeful manner.This is a problem in need of a solution—or at least some concrete guidance.

This Article explores intellectual property rights in the context of legal hackathons. How intellectual property is approached at the start can impact the success (or not) of creations at the end. Taking rights away from participants risks alienating them and interfering with the collaborative and fun spirit most hackathons embody. Yet giving participants all the marbles may not be preferable either, especially if it disincentivizes organizers to support future development and help a tool survive beyond the hackathondoors. In circumstances where one size doesn’t fit all, this Article discusses pros and cons of varying approaches to intellectual property in hackathon participant agreements. Embodying the hackathon resolve to create something tangible and useful for others, the Article connects readers to an online repository of sample agreements as well as a participant agreement template.