Addicted Engagement

By: Daniel Betancourt, YLS ‘22

In the forum’s fourth session, Nathaniel Gleicher was asked to briefly respond to Applebaum and Pomerantsev’s article in The Atlantic arguing that Facebook’s business model and commercial interests provided powerful, overwhelming incentives against making a “nicer” internet which could encourage civil conversation and discourage misinformation. “If you want to build a social media platform where people are going to engage,” he said, “you need to create a space that they’re going to want to be part of, that they’re going to want to come back to, that they’re going to want to spend time on.” Gleicher suggested that Facebook (and by extension, platforms like it) was strongly economically motivated to produce a better experience for users. After all, if users consistently have unpleasant experiences stemming from an abundance of clickbait and hate speech, they will presumably migrate to new platforms that offer superior experiences (or just abandon social media altogether and sleep like angels). As Gleicher put it, if the platform wishes to create sustained engagement, “Facebook’s incentive is pretty strongly aligned with tackling this problem.” Unfortunately, there is a countervailing incentive. Facebook and its fellow platforms, while in pursuit of sustained engagement, are motivated to use many mechanisms which fail to improve or which even harm user experiences. Their reliance on targeted ads and data collection, far from creating a nicer internet, drives them to preserve its most negative features which malicious actors, both foreign and domestic, will take advantage of and which our cyber leadership forum as well as Gleicher are so dedicated to stopping.

Defend Forward: Adapting Offense and Defense Strategy to Cyberspace

By: Scott Graber, YLS ‘23

The US Department of Defense published its then-new Defend Forward strategy as part of its Cyber Strategy in 2018. Dr. Erica Borghard notes that the Cyberspace Solarium Commission, in considering Defend Forward, addressed a question presented by the strategy: “[h]ow can the U.S. positively change adversary behavior in cyberspace?” Defend Forward, itself an answer to this question, is defined by the Commission (according to Borghard) as “the proactive observing, pursuing, and countering of adversary operations and imposing costs in day-to-day competition to disrupt and defeat ongoing malicious adversary cyber campaigns, deter future campaigns, and reinforce favorable international norms of behavior, using all the instruments of national power.”

Can the Facebook Supreme Court “say what the law is?”: The Limits of Oversight Board Sovereignty

By: Roman Leal, YLS ‘22

A recent decision from the Israeli High Court of Justice highlights how the newly created Facebook Oversight Board might empower governments to censor speech while avoiding accountability. The High Court’s decision, handed down on April 12th, considered the legality of a practice by the Cyber Unit of the Israel State Attorney’s Office. When the Cyber Unit identifies social media content it considers illegal under Israeli law, it sends a takedown request to the platform. Content is usually referred to the Cyber Unit by Israeli intelligence agencies and platforms comply with most Cyber Unit requests. Civil rights groups brought a challenge to the takedown requests, claiming that they infringe the constitutional right of free expression. In rejecting the civil rights groups’ claim, the High Court emphasized that the decision to remove content was ultimately made by the platforms themselves. The Court also suggested that the Facebook Oversight Board was an alternative forum to bring the claim. It noted, “the ability to appeal takedowns before the board provides a remedy for rights infringements that might have occurred.” But by issuing its decision, the Court not only closed its doors to the claim—it also likely precluded the Oversight Board’s review of the matter. The Oversight Board is barred from reviewing content takedowns required by local law. Because the Oversight Board does not have the power to authoritatively determine when local law requires content to be removed, governments may shape the Board’s docket in pernicious and invisible ways.

Deepfake Pornography: Beyond Defamation Law

By: Aasha Shaik, YLS ‘23

Deepfakes are increasingly present across the internet, with Sensity AI finding that the number of fake videos online has roughly doubled every six months since 2018. While there has been discussion of the danger of deepfake technology to politics, disinformation, and democracy, deepfakes are also a critical matter of women’s rights and gender-based violence. In 2019, AI firm Deeptrace found that 96% of deepfake videos were pornographic — nearly all of which manipulated images of women. While deepfakes began as editing celebrities into pornography, the technology is increasingly accessible, and therefore has also become a means of “revenge porn,” also known as image-based sexual abuse, for so-called regular people. While women are often unjustly blamed for revenge pornography — “we should say to...kids in kindergarten really, be careful when transmitting photos,” as Nancy Pelosi put it — deepfakes pose a new threat. Not only can people spread sexually explicit photos of women in ways unintended by the woman, but now, people can do the same using completely PG photos from anyone’s social media.

Cyber Security for Non-Experts

By: Rebecca Lewis, YLS ‘21

The 2021 Yale Cyber Leadership Forum addressed a wide range of topics, but one consistent theme was the increasing complexity and importance of cyber policy, and cyber security in particular. In many ways this is an obvious point; the frequency of consumer data breaches, fears over the security of the 2020 U.S. Presidential election, and recent cases of espionage such as the hacking of SolarWinds have made issues of cyber security impossible to ignore. But recognizing the importance of an issue and responding well to its complexities are two different things. Once one has recognized the importance of cyber security, what is the business leader, employee, or ordinary consumer supposed to do? Deep expertise is necessary to truly understand the problems that might arise and how to address them, and few of us are experts in cyber security.

Online Vigilantism in the Age of OSINT

By: Josh Lefkow, YLS ‘23

Thirty years ago, joining your local white nationalist chapter presented something of a logistical challenge. The reticence of many white nationalists to publicly out themselves meant that such groups were not necessarily easy to find, and their membership was restricted to those who actually WERE white or at least white-passing enough to blend into a clique hyper-obsessed with racial purity. As the internet has removed traditional entry barriers to hate groups, however, they have frequently been investigated and targeted by a host of private citizens who would never have been able to do so in the pre-digital age. The very technologies that have enabled pasty malcontents and would-be jihadists to easily find their ideological ilk online have created a parallel cohort of anti-racist activists who have used their newfound access to these spaces to expose and disrupt them. This internet vigilantism, well-intentioned as it may be, raises a host of ethical questions about the propriety of such actions.

One View of a Digital Cathedral: Toward a Definition of Dignity in Cyberspace

By: David Hopen, YLS ‘23

World War II catalyzed an international effort to ground human rights in “dignity.” The Universal Declaration of Human Rights opens with a “recognition of the inherent dignity” of all “members of the human family.” Both Protocol 13 of the European Convention on Human Rights and Article 3 of the Geneva Conventions feature similar provisions. More than 160 countries highlight “dignity” in their constitutions, while the U.S. Supreme Court has invoked the term over four hundred times since 1946. Yet these relentless appeals to dignity, as Ruth Macklin maintained nearly two decades ago, offer little more than “vague restatements” and “mere slogans.” One generation after Arendt’s famous call for dignity to be enshrined as “a new law on earth,” dignity’s oversaturation diminishes its utility.

CBDCs and Cryptocurrencies: Can They Coexist?

By: Seth Cole, YSOM ‘23

Last October, The Bahamas launched the world’s first fully-fledged central bank digital currency (CBDC). The Sand Dollar, and more generally CBDCs, represent a fundamental shift in central bank monetary policy. Currently, central banks offer two forms of central bank money. The first of these is simple—cash, which can be used by the general public for everyday transactions. The second is more complex and powers the Real Time Gross Settlement systems (RTGS) operated by central banks and used by financial institutions for interbank settlements. In RTGS systems, financial institutions hold accounts directly with the central bank and transfer a form of legal tender that represents central bank claims with other financial institutions.

Compelling Private Sector Cybersecurity

By: Jimmy Byrn, YLS ‘23 / YSOM ‘23

During the Second World War the United States greatly benefited from its geostrategic position. The United States mainland and its private sector industrial capacity remained largely untouched throughout the conflict. Today it is difficult to imagine a similar scenario playing out in a war between great powers like the United States and China.

Is Pre-Positioning Malware A Violation of IHL?

By: Sruthi Venkatachalam, YLS ‘23

On Oct. 12, 2020, Mumbai, India’s financial capital, was hit with one of its worst blackouts in decades, leaving millions across the city without power for hours. The stock exchange and airports were able to function, but businesses were shut down and trains were delayed. Because the outage struck during the COVID-19 pandemic, the nearly 9,000 patients in 78 hospitals were a concern, but thankfully, all key hospitals had been equipped with backup generators earlier that year. At the time, some officials stated that the outage occurred due to issues with “incoming supply to the main grid,” while others suspected sabotage from the Chinese government. A 2021 study by Recorded Future, a company that studies internet usage of state actors, corroborated the latter theory by piecing together the flow of malware and suggested that the Chinese government had been quietly placing malware in the Indian infrastructure following another stand-off between India and China in the Himalayas a few months prior. The study also found that most of the malware had never been activated.

To Prevent Catastrophic Cyber-Attacks on Critical Infrastructure, Strengthen Cyber-Federalism

By: Aaron X. Sobel, YLS ‘23

On February 8th, 2021, a hacker attempted to poison a Florida city’s water supply. Luckily, an operator was present at the time of the hack and witnessed the water’s sodium hydroxide level multiply a hundred times, and manually reduced it back to normal. But had the operator been less vigilant, consequences for the city of Oldsmar could have been catastrophic.

Crypto in 2021: It’s Not an Old Dog

By: Amir Perk, YLS ‘23

Introduction

Cryptocurrency has become impossible to ignore. Bitcoin’s market capitalization is over $1 trillion and Ethereum’s is nearly $250 billion. On a given day, $100 billion worth of Bitcoin and $60 billion worth of Ethereum change hands, and these are just two of the most popular cryptocurrencies. Meanwhile, an artist sold a non-fungible token (NFT)—a unique file that lives on a blockchain—for $69 million, Kevin Rose sold an NFT of his NY Times article about NFTs for $560,000, and a Top Shot moment—a virtual NBA trading card based on NFT technology—depicting a LeBron James dunk sold for nearly $400,000. And, besides these recent trends, blockchain, the technology behind crypto, has been reshaping industries with diverse use cases across the economy. This is the future. Our regulators cannot and should not hide from it.

The TikTok Ban

By: Lauren Lin, YLS ‘23

In the last couple of years TikTok has been accused of censorship and providing data to the Chinese government, failed to close various deals, and gotten outright banned. Many argue that there are legitimate cybersecurity concerns regarding TikTok given its lack of transparency in how it collects and uses its data, as well as how it manages its content delivery—how big an influence the Chinese government has on TikTok and its parent company ByteDance is uncertain. In considering whether to institute a ban on TikTok, it is important to consider the security, political, and commercial concerns involved.

Getting the Incentives Right in Public-Private Cybersecurity Partnerships

By: Caroline Lawrence, JD / YLS ‘21

One thing is clear from the recent SolarWinds attack: in at least some instances, cybercriminals do not discriminate among the public and the private in choosing targets. Victims of the SolarWinds breach included large firms such as Microsoft, Intel, and Cisco, as well as numerous government agencies, including the Departments of Commerce, Defense, Energy, Homeland Security, State, Health, and the Treasury.

Evaluating Responsible State Action through the Facebook Oversight Board

By: Lara Markey, YLS ’22

Facebook’s recently formed Oversight Board has been thrust into the spotlight in recent months because of its consideration of the company’s decision to remove President Trump from the platform in January 2021. After nearly four months and over 9,000 comments from the public regarding the case, the Board announced on May 5, 2021 that Facebook’s decision to restrict President Trump’s account was proper. However, the Board determined that his indefinite suspension was inappropriate and went against the company’s terms and content policies. The fate of former President Trump’s Facebook account was not the only finding from this case; Facebook also asked the Board to provide new guidance on how posts from political leaders should be addressed on the platform. Although the recommendations made by the Board are not binding on the organization, Facebook has a history of implementing Board recommendations with care, and these new proposals may influence the use of the online platform by political leaders.

Attributing Deaths to Ransomware Attacks on Hospitals and Medical Care Facilities

By: Margaret House, YLS ‘22

On September 11, 2020, a woman in Germany (referred to here as Patient X) died from an aortic aneurysm while being transported the approximately 20 miles from Düsseldorf to a hospital in Wuppertal. While patients passing away during transit is not usually a newsworthy occurrence, her death is of particular significance; though widely debated, Patient X is thought to be the first person whose death could possibly be attributed to a ransomware attack.

Cybersecurity’s Copyright Problem

By: Max Jesse Goldberg, YLS ‘22

Introduction

As individuals and organizations grow increasingly conscious of cybersecurity, an ecosystem of security researchers has emerged to find and address cyber risks. Although security researchers have become vital to protecting our cybersecurity, their work is being frustrated by an unexpected problem: copyright law.

Youth Privacy Protection and the Failure of COPPA in Schools

By: Bella Gianani, YLS ‘23

The data marketplace has become one of the largest and most profitable in the United States, complete with databases on billions of facets of the lives of U.S. consumers. While the datafication of the human experience has been largely accepted as a reality, the personal information of children has been determined to warrant heightened legal protection. Student data, in particular, is seen as especially sensitive, as ‘information deriving from pursuit of an education should not be exploited without restraint.’ Current federal policy, in the form of COPPA, has failed to adequately protect the privacy rights of children, especially within the nation’s schools.

China and the Proliferation of Offensive Cyber Capabilities

By: Preston Lim, YLS ‘21

In the past several years, the Chinese government has successfully expanded its national cyber program. Harvard University’s Belfer National Cyber Power Index ranked China as the second most comprehensive cyber power in the world, behind the United States and ahead of both the United Kingdom and Russia. While the United States has maintained an edge in several competencies, Chinese cyber capabilities far outstrip those of the United States’ allies in the Indo-Pacific. Countries like Taiwan, India, and South Korea are increasingly vulnerable to Chinese cyber attacks. While many commentators have focused on the scope of China’s cyber capabilities, few have focused on how China has directed and abetted the proliferation of offensive cyber capabilities (“OCC”) and on the dangers this proliferation poses.