Associate Professor Mark Grabowski, JD, an award-winning contributor to the Washington Examiner, launched his book on cyberlaw and ethics this month. His leading insights on ransomware, fake news and online social media attacks are a must-read for tackling today’s biggest challenges in cyberspace.
Our internet-connected world has brought us Google, Twitter, Facebook and other social media platforms we love. At the same time, it has given us cybercriminals, cyberbreaches and cybergiants who control our access to information.
To help us make sense of complicated issues like these, Mark Grabowski, JD, Adelphi associate professor of communications and a lawyer, has written Cyber Law and Ethics: Regulation of the Connected World. Released this month by Routledge, and co-written by University of South Carolina journalism professor Eric P. Robinson, JD, PhD, it covers controversial topics like artificial intelligence, social media, doxing, online privacy and ransomware.
We asked Grabowski—who is a contributor to the Washington Examiner and other publications, as well as the author of the 2019 book Cryptocurrencies: A Primer on Digital Money (Routledge)—about where he stands on some of the most difficult cyber issues of the day. Here’s what he had to say.
Should social media be regulated by the government?
Mark Grabowski: It’s a tricky issue because these are private platforms. But you could make an argument that these are essentially public utilities. We have regulated phone companies and railroads in the interest of the common good in the past under this sort of common carrier principle. Perhaps we should be doing that with social media and the internet. There’s also an antitrust component to this. An argument people will make is, “Well, if you don’t like what Twitter and Facebook are doing, start your own platform.” That’s a disingenuous argument. Social media competitors like Parler have been blocked by Apple and Google, who wouldn’t make the app available to the public. These companies are too big to compete with and they control access to the social media world.
Is it wrong for social media companies to ban users?
MG: I think it’s dangerous to have companies regulating speech. The internet has become a modern-day public square where we have our discussions and debates. Facebook and Twitter’s banishment of Donald Trump is obviously the most notable action taken by social media companies. I understand that many people think Trump’s comments are dangerous and that they played a role in the January 6 insurrection. But these targeted decisions need to be left up to the government, to democratically elected leaders.
Is there any chance of protecting our privacy online, or has that ship sailed?
MG: Well, we would need a major overhaul of our privacy laws. The Electronic Communications Privacy Act, which covers electronic communications, hasn’t changed substantially since 1986. The only networking Mark Zuckerburg was doing then—he was like two years old—was on playdates. Cellphones were the size of bricks and the only drones that existed were bees. Law struggles to keep up with technology, but our privacy laws are so out-of-date that they don’t meet basic human rights norms. Did you know in about half of all states it’s not illegal for employers to demand their employees [give them their social] passwords? Congress had a chance to pass a federal law years ago that would have changed that. And they failed.
Why are our laws so outdated? Why is the government hesitant to step in and referee the cyberworld?
MG: First Amendment protections are part of it. We have robust laws that prevent the government from restricting free speech, so that limits the privacy protections we can enact. The European Union has much stronger online privacy protection laws than we do, but it would be difficult to replicate their laws in the United States because of our First Amendment protections. Also, our lawmakers and judges are not tech savvy. The Supreme Court, especially, has been reluctant to make broad proclamations about cases involving technology, if they even hear them. I think it’s because justices have lifetime appointments and are not up on the latest technology. And Congress has had the opportunity to take action, but they haven’t. For example, the issue of net neutrality keeps going back and forth, and that’s a pretty basic issue.
Ransomware is becoming a national security risk as cybercriminals target key parts of our country’s infrastructure. What can we do to stop it?
MG: That’s a tricky issue. One of the discussions that’s been brought up is, “We’ll just ban cryptocurrency.” The thinking is that if there’s no cryptocurrency, people will have to demand payments via credit card or PayPal. But the internet is a global, borderless thing, so even if we ban Bitcoin or cryptocurrency in the United States, it’s still going to exist in other countries.
Should the government regulate the IT systems that companies have in place to protect themselves from ransomware attacks?
MG: That is something that we could certainly look at. The government requires all kinds of other standards, like workplace safety. Cyber safety could be part of that. There’s the argument that more regulation would be more bureaucratic red tape, that we could leave this to the market or social norms to fix. Say, if you’re a consumer of a company that has a huge breach, then you could take your business elsewhere. But at that point, it’s too late, because everything right down to your social security number is in the wrong hands.
What’s the single biggest factor that makes managing cyber issues difficult?
MG: There are no boundaries to the internet. China and India have far more internet users than the United States does, so our laws have limits. It’s this borderless, international media that no one controls. What’s legal in one country is illegal in another. There’s no internet cop that can enforce rules in all nations. There are no universal internet laws, and there probably won’t ever be any, because there are something like 200 countries trying to manage the internet.