Day: August 25, 2021

Langvardt on Platform Speech Governance and the First Amendment: A User-Centered Approach

Kyle Langvardt (University of Nebraska at Lincoln – College of Law) has posted “Platform Speech Governance and the First Amendment: A User-Centered Approach” (Lawfare’s Digital Social Contract Paper Series 2020) on SSRN. Here is the abstract:

How should the First Amendment apply to laws that tell giant platforms like Facebook or Twitter how to police third-party content? On one view, content moderation is a form of constitutionally protected “speech” in itself, much as a newspaper’s editorial choices are speech. But this view leads to an absurd result in which the First Amendment’s free speech guarantee becomes a mandate for a small number of corporate heads to rule public discourse. This paper therefore offers an alternative: When a law regulates the dominant platforms’ content policies, the law’s downstream effects on the speech of users should determine whether it violates the First Amendment.

This kind of analysis will require significant legal innovation. The dominant platforms today host virality-driven environments whose internal dynamics undermine First Amendment law’s traditional understanding that public discourse can mostly regulate itself. The First Amendment’s high-level purposes will have to translate differently to these spaces, with doctrinal details that often bear little resemblance to the black-letter law that applies in more traditional settings.

At worst, we may find ourselves faced with the question of how much the First Amendment’s traditional guarantees must be watered down to account for the new and dangerous physics of ad-driven viral discourse. But more optimistically, the First Amendment could become a spur for regulators to develop and implement new content-neutral measures for mitigating speech-related harm. These measures might create a new, slower model of online speech—one that is less prone to manipulation and frenzy, less needful of censorship, and therefore more hospitable to the true freedom of speech.

Chawla on Pegasus Spyware – ‘A Privacy Killer’

Ajay Chawla (Delhi High Court) has posted “Pegasus Spyware – ‘A Privacy Killer'” on SSRN. Here is the abstract:

The recent Pegasus Project revelations of about half a lakh people across the world, including several in India, being targeted for cyber surveillance has firmly brought the spotlight on the Pegasus spyware, which is widely understood to be the most sophisticated smartphone attack tool. The revelations also mark the first time that a malicious remote jailbreak exploit had been detected within an iPhone.

Pegasus is a spyware (Trojan/Script) that can be installed remotely on devices running on Apple’s iOS & Google’s Android operating systems. It is developed and marketed by the Israeli technology firm NSO Group. NSO Group sells Pegasus to “vetted governments” for “lawful interception”, which is understood to mean combating terrorism and organized crime, as the firm claims, but suspicions exist that it is availed for other purposes.

Pegasus is a modular malware that can initiate total surveillance on the targeted device, as per a report by digital security company Kaspersky. It installs the necessary modules to read the user’s messages and mail, listen to calls, send back the browser history and more, which basically means taking control of nearly all aspects of your digital life. It can even listen in to encrypted audio and text files on your device that makes all the data on your device up for grabs.

Since Pegasus hacks into the operating system, every activity within the phone can be monitored when the phone is switched on. It’s as if someone is monitoring your phone activity over your shoulders. Pegasus operators can remotely record audio and video from your phone, extract phone messages, use GPS for location tracking, and recover passwords and authentication keys without the user even noticing. It’s only when a device is sent for forensic screening, and experts look into the transfer of data to and from the phone, is when a potential attack can be confirmed. The dooming fact of it all is that since Pegasus exploits zero-day vulnerabilities, there is nothing that can be done regarding such breaches unless operating system developers proactively ship out an update to your phone, aimed to protect you from hi-tech malware like Pegasus.