A Fresh Start: Surveillance Tech and the Modern Law Firm

By: Titus R. Willis The legal community is rapidly evolving: firms are more beholden to clients than ever, associates are growing more competitive with one another, and younger firm employees are more willing than ever to subject themselves to surveillance from their employers. These evolutions come alongside a boom in surveillance technology. Tech companies now provide services that can track every keystroke a lawyer makes on a company computer, analyze the content of their computer screens, or even develop algorithms to measure employee productivity. How does the modern law firm respond to these new technologies? How do they weigh their obligations to clients with the privacy considerations of their employees? This Note examines these key questions and makes a comment about the honor of the legal profession along the way. Download Full Article (PDF) Cite: 19 Duke L. & Tech. Rev. 75

Consumers Beware: How Are Your Favorite “Free” Investment Apps Regulated?

By: Siqi Wang The proliferation of free or low-cost investment apps has disrupted the financial industry in recent years. Major brokerage firms have been pressured to go to zero fees due to intense competition from their fintech counterparts. While these apps have extended their products and services to those underserved by traditional brokers, some of their practices raise consumer protection concerns. Namely, the practice of “payment for order flow,” which helps fintech startups sustain a zero-commission model, could lead to subordinating customers’ best interest to market makers who acquire their retail orders from these fintech startups. Further, “cash management accounts,” newly popular among fintech startups with an ambition to compete with chartered banks raise questions about the use of idle customer assets and the protections afforded to these accounts in case of liquidation. This Note considers the products and services of these investment apps in the context of existing U.S. regulations and regulators for broker-dealers, investment advisors, and chartered banks. To illustrate this, this Note analyzes the potential consumer financial protection issues arising out of these fintech-based investment platforms’ distinctive business models and the services they provide. Download Full Article (PDF) Cite: 19 Duke L. & Tech. Rev. 43

Cyber and TRIA: Expanding the Definition of An “Act of Terrorism” to Include Cyber Attacks

By: Nehal Patel The 9/11 terrorist attacks brought on financial losses that caused insurers and Congress to reevaluate how the United States approaches terrorism risk coverage. Congress quelled concerns of insurers evading coverage of future terrorist attacks by enacting the Terrorism Risk Insurance Act in 2002. This Note considers the difficulties presented by the out-of-date language employed by Congress in 2002 and proposes amendments so that the Act more clearly covers acts of cyberterrorism, which are ever-growing in their destructive potential. Download Full Article (PDF) Cite: 19 Duke L. & Tech. Rev. 23

Any Safe Harbor in a Storm: SESTA-FOSTA and the Future of § 230 of the Communications Decency Act

By: Charles Matula Section 230 of the Communications Decency Act not only allows the internet to flourish by shielding web platforms from liability for user-created content but also lets these companies off the hook for facilitating crime. SESTA-FOSTA, designed by legislators to target internet sex traffickers, attempts to chip away at this liability shield in order to maintain some form of accountability. This Note discusses this law, its motivations, and its implications for freedom of speech on the internet. Download Full Article (PDF) Cite: 18 Duke L. & Tech. Rev. 353

Autonomous Systems as Legal Agents: Directly by the Recognition of Personhood or Indirectly by the Alchemy of Algorithmic Entities

By: Dalton Powell At its core, agency law governs fiduciary relationships between two distinct parties (the principal and agent) in interactions with third parties. The three separate relationships within agency (principal-agent, agent-third party, and principal-third party) create binding legal rights and obligations. To be a principal or agent, one must be a person. The Restatement (Third) of Agency’s definition of person attempts to distinguish legally recognized persons from purely organizational entities and mere instrumentalities. The emergence of AI computing, and the ongoing development of truly autonomous computer systems, will test traditional agency law with questions like who or what can be a person. At present, the Restatement views computer programs as mere instrumentalities of the using person and thus not a separate person capable of being a principal or agent. This Note will analyze the tension created within agency law’s definition of personhood by the existence of autonomous systems. Download Full Article (PDF) Cite: 18 Duke L. & Tech. Rev. 306

Opting Out: Biometric Information Privacy and Standing

By: Michelle Jackson Biometric technology promises to reshape the modern economy. With the increased prevalence of biometric technology comes a heightened risk of data breaches and identity theft. To protect consumers, state legislatures have enacted biometric privacy laws. As more state legislatures define the intangible harm of data misuse, some federal courts have restricted what constitutes an injury sufficient to create Article III standing. This analysis misapplies Spokeo and undermines legislative efforts to protect individual privacy. Because of the important interests at stake with biometric information privacy, federal courts should follow the Ninth Circuit and recognize the misuse of that data as a sufficient injury to constitute standing. Consumers usually cannot opt out of new biometric technologies implemented at airport gates, shopping centers, and workplaces. The federal courts also should not use standing doctrines to opt out of the intangible harms characterizing the information age. Download Full Article (PDF) Cite: 18 Duke L. & Tech. Rev. 293