chevron-down Created with Sketch Beta.

The Business Lawyer

Winter 2023/2024 | Volume 79, Issue 1

Survey of the Law of Cyberspace: An Introduction

Jon Meredith Garon


  • This Survey provides nine law review articles intended to offer a useful summary of the cutting-edge issues influencing the intersection of law and technology, selected for their relevance to The Business Lawyer.
  • The authors include new voices as well as frequent contributors to law reviews, bar journals, and ABA publications.
Survey of the Law of Cyberspace: An Introduction

Jump to:

The Survey of the Law of Cyberspace (Survey) has been published continuously for a quarter of a century. The Business Law Section started the publication in response to the explosive growth of the internet in the late 1990s. Today, as we move into the second quarter century, technology’s influence is greater than ever, but the nature of that impact has changed. The business and legal landscape is being shaped by artificial intelligence, increasingly conducted in the metaverse, and occasionally financed through cryptocurrencies. In contrast to the dominance of federal law in the 1990s, much of the legislative action is coming from state legislatures or extraterritorial application of foreign laws. Yet for all that has changed, much has remained the same. Privacy and data security continue to be at the forefront of firms’ legal requirements, compliance with regulatory requirements at the state, federal, and international level grow increasingly complex, and an attorney’s ethical duties to remain competent when utilizing and advising on technology must keep pace with the technological marketplace.

This Survey provides nine law review articles intended to offer a useful summary of the cutting-edge issues influencing the intersection of law and technology, selected for their relevance to The Business Lawyer. The authors include new voices as well as frequent contributors to law reviews, bar journals, and ABA publications.

The Survey begins with two articles on artificial intelligence. In the first, Roland Trope and Candace Jones address how business enterprises undergo the process of adopting new technologies, given that “most new technologies are also honeycombed with flaws, limitations, deficiencies, and vulnerabilities (“faults”).” The article includes essential practical advice for all lawyers who advise businesses by suggesting how enterprises can better understand how to adopt technologies with known faults, and how to implement “policies and procedures for using the digital tool or its output in ways that would avert or mitigate the faults and reduce the risks of personnel misusing the tool or of threat actors maliciously exploiting it.”

The second article on artificial intelligence focuses on generative AI. Here Michael Simon and Andrew Perry offer an introduction to the unique challenges of generative AI. The article highlights that the adoption of AI business integration has grown quickly but comes fraught with concerns over intellectual property infringement, promulgation of misinformation (or hallucinations), and workforce disruptions. The article addresses the various efforts to provide meaningful regulation on the adoption and integration of the new technology.

Richik Sarkar and Brian Schultz focus on another aspect of artificial intelligence, emphasizing the efforts of the Federal Trade Commission (FTC) and other agencies to address the adoption of these technologies on public threats that have been traditionally under the purview of its regulatory authority. As the authors explain, “[w]hile AI and data collection are FTC priorities, a particular focus has been (and continues to be) their possible discriminatory effect and the potential disclosure of sensitive personal information.” Completing the focus on artificial intelligence is my own article on the importance of adherence to the best ethical practices for attorneys dealing with legal competence and ethics when dealing with the use of artificial intelligence, as well as the use of all other technologies now ubiquitous to the practice of law.

The remaining articles provide a comprehensive overview of the year’s developments across the cyberspace fields of privacy, social media, fintech, and government contracting. Among this collection, Lakshmi Gopal leads off with a discussion of the eight new state privacy laws passed in 2023, as well as the growth of municipal privacy law. Meg Strickler provides insights to the evolution of privacy protection through her focus on the Video Privacy Protection Act, a law first enacted during the videotape rental boom ushered in by Blockbuster. As Strickler explains, more than one hundred complaints have been filed under the law to address “companies that employ web cookies that track and harvest user data for analytics and advertising … [using] tracking technologies, such as Meta Pixel and Google Analytics...”

The growth of litigation under the Video Privacy Protection Act stems at least in part from the continued limitations of liability provided by Section 230 of the Communications Decency Act (CDA). Chase Edwards and Brent Baker provide an update on litigation involving the CDA, noting that: “Given the wide-ranging application of Section 230’s immunity clause to companies that constitute a significant portion of the economy, business lawyers should monitor its current applications and its potential future.”

The continued legal activity involving privacy and advertising has been matched or exceeded by the activity in the fintech space. Steven Middlebrook, Sarah Jane Hughes, and Tom Kierner explain the “significant amount of legislative and regulatory developments devoted to electronic payments and financial services, but a near absence of clearly articulated policy goals or enforcement priorities.” They highlight the regulatory efforts involving “earned wage access” services, and also address the implications of fintech services use of artificial intelligence.

The concluding article, by Joy Momin, provides a helpful perspective on the expansive role that the federal government plays in its capacity of contracting partner within the realm of cyberspace and the influence the government can wield on the enterprises with which it does business. This update highlights the government’s expanded “control over the use and disclosure of technical information.” The update also provides a reminder regarding the prohibition of TikTok on devices used by government employees and contractors. It illustrates that there is no issue too large or too small to be outside the contractual provisions of the federal government.

The authors and editors of this survey are deeply indebted to the efforts of the team responsible for its editing and publication. This includes Garylene (Gage) Javier, who served as the 2023 Survey editor and her predecessor, Professor John A. Rothchild, who served as editor for the preceding eight years.

A special thanks goes to Professor Sarah Jane Hughes. A founding member of the Cyberspace Law Committee, Professor Hughes has been instrumental in the development of commercial law. Professor Hughes served as Reporter for the Uniform Regulation of Virtual Currency Business Act for the Uniform Law Commission (2017) as well as for the Uniform Law Commission's Uniform Supplemental Commercial Law Act for the Uniform Regulation of Virtual-Currency Businesses Act (2018). A prolific scholar and author, Professor Hughes served as a transitional editor of the Survey, assisting many of the authors with insights and feedback on their drafts. As she has done throughout her long history with the Business Law Section, Professor Hughes has also mentored new authors and committee members, helping expand the impact of the Cyberspace Law Committee and the broader Business Law Section. Professor Hughes has contributed to seventeen of these surveys over the past twenty-five years as author and contributed as editor and mentor in ways too numerous to count.