Month: September 2021

Shadab on Metasoftware: Building Blocks for Legal Technology

Houman B. Shadab (New York Law School) has posted “Metasoftware: Building Blocks for Legal Technology” on SSRN. Here is the abstract:

This Article develops a novel concept in information technology called metasoftware. It then applies the concept of metasoftware to developing legal technology.

Metasoftware enables users to create the software of their choosing and stands in sharp contrast to traditional, functional software that is intended for a particular purpose or a defined range of tasks. Functional software is the default type of software that is currently produced and includes word processing, email, social networking, enterprise resource management, online marketplaces, and video game software. Metasoftware, by contrast, is not functional. Metasoftware presents the user with a blank slate upon which to build functional software.

I argue that software is metasoftware to that extent that (1) it enables users to build user interface elements, workflow logic, and perform database operations, (2) provides connectivity with external data and software systems, and (3) is able to be stored and run independently from the platform that is used to build the software. In its purest form, metasoftware enables its users to build any functional software (given the existing state of technology), integrate with all open software platforms, and be hosted and run in the environment of the user’s choosing without being bound to a particular vendor or other proprietary software platform.

My identification of metasoftware contributes to the academic literature on information systems (and technology). Metasoftware is a hitherto unrecognized category of software for analysis in terms of several foundational lines of information technology research including user acceptance and usage, diffusion within an organization, and impact on organizational innovation and success (e.g., business performance).

I analyze three types of metasoftware platforms to determine how metasoftware characteristics are implemented in each and important inherent tradeoffs. These platforms are those closely tied to major producers of cloud-based software platforms, standalone proprietary “no code” software builder platforms, and open source visual development platforms.

This Article also describes how metasoftware platforms can be used to build functional legal technology and analyzes how the tradeoffs between different types of metasoftware platforms turn impact how each type of platform should be approached as building blocks for legaltech software. I focus on four major categories of legaltech as illustrative of the potential for metasoftware to build functional software: legal research, legal matter management, contract automation, and a variety of applications of artificial intelligence.

Fernández-Villaverde on Has Machine Learning Rendered Simple Rules Obsolete?

Jesús Fernández-Villaverde (U Penn – Depart of Econ; NBER) has posted “Has Machine Learning Rendered Simple Rules Obsolete?” on SSRN. Here is the abstract:

Epstein (1995) defended the superiority of simple legal rules over complex, human-designed regulations. Has Epstein’s case for simple rules become obsolete with the arrival of artificial intelligence, and in particular machine learning (ML)? Can ML deliver better algorithmic rules than traditional simple legal rules? This paper argues that the answer to these question is “no.” I will build an argument based on three increasingly more serious barriers that ML faces to develop legal (or quasi-legal) algorithmic rules: data availability, the Lucas’ critique, and incentive compatibility in eliciting information. Thus, the case for simple legal rules is still sound even in a world with ML.

Recommended.

Bambauer & Risch on Worse Than Human?

Derek E. Bambauer (University of Arizona – James E. Rogers College of Law) and Michael Risch (Villanova University Charles Widger School of Law) have posted “Worse Than Human?” (Arizona State Law Journal, Forthcoming) on SSRN. Here is the abstract:

The rise of algorithm-driven decisionmaking enabled by Big Data has generated widespread concern among legal scholars. However, few critics have considered data on people’s existing preferences about the role of algorithms in decision systems. This Article uses empirical analysis of a novel, large dataset of consumer surveys to elucidate those preferences. The surveys explore whether people prefer to have an algorithm or a human determine an outcome affecting their welfare in a range of representative scenarios with varying stakes. The Article examines how preferences change when one type of decisionmaker produces results that are more accurate, faster, cheaper, or that incorporate private personal information. And it analyzes anchoring effects from the initial assignment of a decisionmaker, along with interactions among these variables, to test how malleable views about algorithms are.

The study’s empirical results call the conventional wisdom sharply into question. People often preferred to have an algorithm decide, especially when the mathematical models offered benefits relative to humans. In particular, consumer preferences are highly sensitive to the relative costs or benefits of the two decisionmakers—even more so than to relative accuracy. The stickiness of default settings demonstrates that preferences are often path-dependent, emphasizing the importance of sound policy choices for algorithmic governance. The Article concludes by elaborating the policy implications of its empirical findings. It contends that consumer preferences deserve greater weight in regulatory choices; that transparency efforts should concentrate on the benefits or costs of algorithms to consumers; and that policy should treat high-stakes decisions differently from less weighty ones. And its data-driven findings can help shape reforms that are both effective for and acceptable to consumers.

Frankenreiter on The Missing ‘California Effect’ in Data Privacy Law

Jens Frankenreiter (Washington University in St. Louis – School of Law) has posted “The Missing ‘California Effect’ in Data Privacy Law” (Yale Journal on Regulation, Forthcoming) on SSRN. Here is the abstract:

The “California Effect” is a recurring trope in discussions about regulatory interdependence. This effect predicts that businesses active in multiple jurisdictions sometimes adopt the strictest standards that they face in any jurisdiction globally, even if the law does not require global compliance. There is a substantial literature that assumes the existence of California Effects both at the interstate level in the United States and the international level. However, empirical evidence documenting their existence and strength is scarce.

This paper investigates the existence of California Effects in data privacy law, a field in which these effects have been said to be particularly influential. Its main goal is to understand the extent to which EU law (which is usually described as comparably stringent) influences transactions between U.S. online services and consumers. Using a range of computational and traditional quantitative techniques, the paper tracks changes in almost 700 webpages’ privacy policies. The analysis covers two years starting in November 2017, a period that saw the enactment of a new, sweeping data privacy law in the EU. Contrary to what many assume, the analysis reveals that most U.S. online services treat U.S. consumers and EU consumers differently, with EU consumers enjoying higher levels of protection. This result indicates that the impact of EU law on the operations of U.S. online services is limited. Moreover, it suggests that California Effects driven by costs of differentiation might be less important than is commonly assumed, at least in data privacy law. The paper also discusses the implications of these findings for researchers and policymakers.

Recommended.

Alston, Law, Murtazashvili & Weiss on Blockchain Networks as Constitutional and Competitive Polycentric Orders

Eric Alston (Finance Division, University of Colorado Boulder), Wilson Law (Baylor University),
Ilia Murtazashvili (University of Pittsburgh – Graduate School of Public and International Affairs), and Martin B. H. Weiss (University of Pittsburgh – School of Computing and Information) have posted “Blockchain Networks as Constitutional and Competitive Polycentric Orders” on SSRN. Here is the abstract:

Permissionless blockchains have been described as a novel institutional building block for voluntary economic exchange, with unique protocol features such as automated contract execution, high levels of network and process transparency, and uniquely distributed governance. We argue that conventional institutional economics analysis of blockchain networks is incomplete absent a more robust application of descriptive polycentric analysis. Though the distributed governance that permissionless blockchain protocols provide is novel, these networks nonetheless require ongoing coordination between stakeholders and are subject to competitive pressures much like other private organizations pursuing similar goals for a set of users who can choose among providers. We characterize change on blockchain networks as resulting from internal sources and external sources. These internal sources include constitutional (protocol) design and the related need for collective choice processes to update protocols. In addition to law and regulation, competitive pressure is itself a critical external source of governance. Predominantly through analysis of two leading cryptocurrency networks, Bitcoin and Ethereum, we illustrate how conceptualizing of blockchain as a polycentric enterprise enhances our predictive and descriptive understanding of these networks.

Bhagwat on Platform Editorial Rights

Ashutosh Avinash Bhagwat (UC Davis – School of Law) has posted “Do Platforms Have Editorial Rights?” (1 Journal of Free Speech Law 97 (2021)) on SSRN. Here is the abstract:

Social media today plays a central, albeit vexing and divisive role in our social and political culture. In response to the alleged failures of social media, a vast array of regulatory proposals have been advanced, and in some cases legislatively enacted, that would restrict the ways in which social media platform owners may moderate content on their platforms. These proposals include, among other things, imposing common carrier status on platforms (an approach endorsed by Justice Thomas in a recent separate opinion), requiring viewpoint-neutral content moderation policies, and restricting or conditioning platforms’ Section 230 immunities in various ways. What all of these proposals have in common is that they seek to impose legal restrictions on how social media platforms control the content that they host, refuse to host, display, and prioritize.

These proposals are in deep tension with the idea that platforms themselves have First Amendment rights to control what content is available or visible on their platforms—what I call editorial rights. This article considers whether, and to what extent, social media platforms enjoy First Amendment editorial rights, and the implications of those rights for assorted regulatory initiatives.

I begin by defining First Amendment editorial rights, and distinguishing between different kinds of editorial rights. I then examine how, and to what extent, the courts have extended editorial rights to new communications technologies. I next turn to the specific question of internet platform editorial rights, concluding that social media platforms should indeed enjoy substantial editorial rights, though probably fewer than prototypical holders of editorial rights such as print newspapers. I conclude by considering whether current regulatory proposals are consistent with these editorial rights.

Kröger, Lutz & Ullrich on The Myth of Individual Control Over Privacy

Jacob Leon Kröger (Technische Universität Berlin; Weizenbaum Institute), Otto Hans-Martin Lutz (Weizenbaum Institute), and Stefan Ullrich (Weizenbaum Institute) have posted “The Myth of Individual Control: Mapping the Limitations of Privacy Self-management” on SSRN. Here is the abstract:

Despite years of heavy criticism, privacy self-management (i.e., the principle that people individually manage their privacy via notice and choice) remains the standard of privacy protection throughout the Western world. Building on previous research, this article provides an overview and classification of the manifold obstacles that render privacy self-management largely useless in practice. People’s privacy choices are typically irrational, involuntary and/or circumventable due to human limitations, corporate tricks, legal loopholes and the complexities of modern data processing. Moreover, the self-management approach ignores the consequences that individual privacy choices have on other people and society at large. Regarding future research, we argue that the focus should not be on whether privacy self-management can be fixed by making it more user-friendly or efficient – it cannot. The concept is based on fundamentally wrong assumptions. To meaningfully address the potentials and dangers of personal data processing in the 21st century, a shift away from relying purely on individual control is inevitable. We discuss potential ways forward, stressing the need for government intervention to regulate the social impact of personal data processing.

Verstraete & Zarsky on Cybersecurity Spillovers

Mark Verstraete (UCLA School of Law) & Tal Zarsky (University of Haifa – Faculty of Law) have posted “Cybersecurity Spillovers” (Brigham Young University Law Review, Forthcoming) on SSRN. Here is the abstract:

This Article identifies and analyzes a previously unrecognized source of positive externalities within cybersecurity, which we term “cybersecurity spillovers.” Most commentators have focused on negative externalities and market failures, leading to a pervasive pessimism about the possibility of adequate cybersecurity protections. In response, this Article demonstrates that unique dynamics from cloud computing—most notably, indivisibility—may force cloud service firms to generate spillovers. These spillovers are additional security protections provided to the common cloud users; clients who may have not been willing or able to acquire these security services otherwise. Furthermore, this additional source of security offsets some of the most pernicious effects of negative externalities and market failure which commonly plague the cybersecurity ecosystem.

Alongside its descriptive analysis of cybersecurity spillovers, this Article alerts policymakers about potential analytical tools which can be used to identify the most beneficial spillovers. Moreover, it offers recommendations for specific interventions that will promote spillovers and improve the state of cybersecurity generally. In particular, this Article explains that policymakers could promote indivisibility and strengthen spillovers by tailoring liability rules. Such enhanced liability might incentivize premium cloud service clients to demand robust protections across the entire platform. In addition, the Article addresses the relationship between market concentration and spillovers. It provides recommendations for preserving spillovers even without concentration in the market for cloud storage. And finally, the Article suggests how the government’s cloud services procurement and tender processes can be utilized to amplify the beneficial effects of spillovers.

Chander & Sun on Sovereignty 2.0

Anupam Chander (Georgetown University Law Center) & Haochen Sun (The University of Hong Kong – Faculty of Law) have posted “Sovereignty 2.0” on SSRN. Here is the abstract:

Digital sovereignty—the exercise of control over the internet—is the ambition of the world’s leaders, from Australia to Zimbabwe, a bulwark against both foreign state and foreign corporation. Governments have resoundingly answered first-generation internet law questions of who if anyone should regulate the internet—they all will. We now confront second generation questions—not whether, but how to regulate the internet. We argue that digital sovereignty is simultaneously a necessary incident of democratic governance and democracy’s dreaded antagonist. As international law scholar Louis Henkin taught us, sovereignty can insulate a government’s worst ills from foreign intrusion. Assertions of digital sovereignty, in particular, are often double-edged—useful both to protect citizens and to control them. Digital sovereignty can magnify the government’s powers by making legible behaviors that were previously invisible to the state. Thus, the same rule can be used to safeguard or repress–a feature that legislators across the Global North and South should anticipate by careful checks and balances.

Sain Jones on A Practical Approach to CryptoReg

Lindsay Sain Jones (Terry College of Business, University of Georgia) has posted “Beyond the Hype: A Practical Approach to CryptoReg” (Virginia Journal of Law and Technology, Vol. 25, 2021) on SSRN. Here is the abstract:

Most regulatory action related to cryptocurrencies is primarily aimed at preventing scams, illicit uses, and market manipulation. Although the technology that underlies cryptocurrencies is groundbreaking, these regulatory concerns are not. Nonetheless, regulators have struggled to fit cryptocurrencies into their preexisting legal frameworks. For a time, it seemed that cryptocurrencies would be classified by the Commodity Futures Trading Commission (CFTC) as a commodity, by the Financial Crimes Enforcement Network (FinCEN) as a form of money, and by the Internal Revenue Services (IRS) as property. Meanwhile, the Securities and Exchange Commission (SEC) had determined that the two most well-known cryptocurrencies, Bitcoin and Ether, were not securities. In December of 2020, however, the SEC filed an enforcement action against Ripple Labs for issuing XRP, a cryptocurrency that the SEC deemed a security. Although the future of the Ripple lawsuit is uncertain, the SEC’s unexpected action reveals the need for regulatory clarity for cryptocurrency markets. The time has come to develop a regulatory plan for cryptocurrencies that will not only provide clarity and address legitimate concerns but also allow for the continued development of cryptocurrencies. This Article proposes to minimize the SEC’s oversight of cryptocurrencies and suggests statutory amendments that would 1) strengthen the authority of the CFTC and FinCEN to effectively oversee cryptocurrency markets and 2) modernize tax policy to enable the development of cryptocurrencies as a viable payment method.