cybersecurity | Duke Law & Technology Review

The Myth of Sufficient Technological Barriers: Reevaluating the “Gates-Up-or-Down” Analogy in Data Scraping

April 9, 2026 hj172@duke.edu Current Volume, Cybersecurity, Recent Publications, Science & Technology Leave a comment

By: Yucen Zhong In Van Buren v. United States, the Supreme Court adopted a “gates-up-or-down” analogy from physical trespass law to define “authorization” under the Computer Fraud and Abuse Act (CFAA). Despite historical shifts in judicial interpretation, courts have recently relied on this binary framework to interpret authorization as it applies to online trespass. But courts have struggled to apply this binary inquiry while still accounting for complications in modern authentication technologies. When pursuing a code-based inquiry based on the gates-up-or-down analogy, courts risk oversimplifying the dynamic nature of online trespass. Such an approach fails to account for how modern authentication measures—such as CAPTCHAs, unsearchable URLs, and compromised passwords—blur the line between public and private information. This Note argues that the gates-up-or-down framework is inadequate in defining authorization in online trespass and calls for a more balanced approach that looks beyond a code-based inquiry. Download Full Article (PDF) Cite: 26 Duke L. & Tech. Rev. 87

Continue

Playing to Win: The Use of Export Controls to Address Non-military Strategic Competition

April 4, 2025 xc196@duke.edu Artificial Intelligence, Current Volume, Cybersecurity, Featured Articles, International, Recent Publications, Science & Technology Leave a comment

By: Joshua Angelo Technology and national security have been intimately related throughout American history. Over the past eighty-five years, the United States has increasingly made use of export controls to prevent adversarial countries from using the fruits of its technological advancement to strengthen their militaries and harm American interests. Today, strategic competition with the People’s Republic of China involves a myriad of technologies which present risks outside of, as well as within, the military context. Chinese exports of technologies, including artificial intelligence, quantum computing, and 5G communications, can promote the country’s authoritarian model abroad, enable economic coercion, and help to enrich the regime. The Belt and Road and “Made in China 2025” initiatives illustrate China’s use of novel technologies to further its global ambitions. Export controls may help to confront these threats. This note asks whether the Bureau of Industry and Security (a government body tasked with implementing export controls) can regulate exports of novel technologies for purposes of non-military strategic competition. Through examination of the statutes authorizing export controls and of the deference traditionally afforded to the Executive in administrative and foreign affairs matters, this note concludes that such export controls are authorized. Download Full Article (PDF) Cite: 25

Continue

The Lack of Responsibility of Higher Education Institutions in Addressing Phishing Emails and Data Breaches

March 30, 2024 mw511@duke.edu Cybersecurity, Data Governance, Notes, Science & Technology Leave a comment

By: Muxuan (Muriel) Wang Higher education institutions (HEIs) are highly susceptible to cyberattacks, particularly those facilitated through phishing, due to the substantial volume of confidential student and staff data and valuable research information they hold. Despite federal legislations focusing on bolstering cybersecurity for critical institutions handling medical and financial data, HEIs have not received similar attention. This Note examines the minimal obligations imposed on HEIs by existing federal and state statutes concerning data breaches, the absence of requirements for HEIs to educate employees and students about phishing attacks, and potential strategies to improve student protection against data breaches. Download Full Article (PDF) Cite: 23 Duke L. & Tech. Rev. 35

Continue