About | HeinOnline Law Journal Library | HeinOnline Law Journal Library | HeinOnline

34 Berkeley Tech. L.J. 449 (2019)
Legally Cognizable Manipulation

handle is hein.journals/berktech34 and id is 491 raw text is: 


                                     Ido I/ovaOit


    Swaths of personal and nonpersonal information collected online about Internet users
are increasingly being used in sophisticated ways for online political manipulation. This
represents a new trend in the exploitation of data, where instead of pursuing direct financial
gain based on the face value of the data, actors engage in data analytics using advanced artificial
intelligence technologies that allow them to more easily access individuals' cognition and
future behavior. Although in recent years the concept of online manipulation has received
some academic and policy attention, the desirable relationship between cybersecurity law and
online manipulation is not yet fully explored. In other words, regulators and courts have yet
to realize the importance of linking cybersecurity law to individual autonomy, privacy, and
    This Article provides an account of the desirable relationship between cybersecurity law
and other values, such as autonomy, privacy, and democracy, by looking at the phenomenon
of online manipulation achieved through psychographic profiling. It argues that the volume,
efficacy, and sophistication of present online manipulation techniques pose a considerable and
immediate danger to autonomy, privacy, and democracy. Intemet actors, political entities, and
foreign adversaries carefully study the personality traits and vulnerabilities of Internet users
and, increasingly, target each such user with an individually tailored stream of information or
misinformation with the intent of exploiting the weaknesses of these individuals. This Article
makes a broader argument about cybersecurity law and its narrow focus on identity theft and
financial fraud. Primarily, this Article looks at data-breach notification law, a subset of
cybersecurity law, as reflective of that limited scope. It argues that data-breach notification law
could provide a much-needed backdrop for the challenges presented by online manipulation,
while alleviating the sense of lawlessness engulfing current misuses of personal and
nonpersonal data. At the heart of this Article is an inquiry into the expansion of dated notions
of cybersecurity law.

         DOI: https://doi.org/10.15779/Z38T727G4R
         © 2019 Ido Kilovaty.
      t Frederic Dorwart Endowed Assistant Professor of Law, University of Tulsa, College
 of Law; Cybersecurity Policy Fellow, New America; Visiting Faculty Fellow, Center for Global
 Legal Challenges, Yale Law School; Affiliated Fellow, Information Society Project, Yale Law
 School. I wish to personally thank Claudia Haupt, Andrea Matwyshyn, and Robert Spoo for
 their guidance and support, the members of the Berkeley Technology Law Journal for their
 meticulous and thorough work on this Article, the organizers and participants of the 2018
 Northeast Privacy Workshop and Ohio State University Center for Ethics and Human Values
 COMPAS Conference on Targeting with Big Data for their helpful feedback. I'm indebted to
 the College of Law at the University of Tulsa for its generous summer research stipend to
 support this project.

What Is HeinOnline?

HeinOnline is a subscription-based resource containing thousands of academic and legal journals from inception; complete coverage of government documents such as U.S. Statutes at Large, U.S. Code, Federal Register, Code of Federal Regulations, U.S. Reports, and much more. Documents are image-based, fully searchable PDFs with the authority of print combined with the accessibility of a user-friendly and powerful database. For more information, request a quote or trial for your organization below.

Short-term subscription options include 24 hours, 48 hours, or 1 week to HeinOnline.

Contact us for annual subscription options:

Already a HeinOnline Subscriber?

profiles profiles most