Blog

Can Vehicles be Criminal Voyeurs?

mdecrow@maine.edu Article, Blog , , ,

Can Vehicles be Criminal Voyeurs?

Rebecca Hatt

 

New vehicles come equipped with cameras and microphones that surveil the exterior, and often the interior, of the car in the name of safety and interactivity.[1] Some cameras only help with parking, however, many go much further than that.[2] For instance, Tesla’s exterior cameras surveil the outside of the car in Sentry mode, on the lookout for vandals or collisions, and the interior cabin cameras are known to record on impact and to monitor for attentiveness while using supervised features.[3] The theory is that these cameras help protect against damage, theft, and unsupervised use.[4] While these are laudable goals, the theoretical intention and the opt-in model of data sharing isn’t enough to escape state voyeurism laws in states like Maine.[5] In Maine, a person is guilty of violation of privacy if that person intentionally installs or uses in a “private place without the consent of the person or persons entitled to privacy in that place, any device for observing, photographing, recording, amplifying or broadcasting sounds or events in that place.”[6] When these vehicles, or those equipped with after-market dashcams, are parked in private garages, or used for private purposes in such a way that activity in them would normally be private, the recording conflicts with a person’s reasonable expectations of privacy, and with this criminal statute. An opt-in from the driver is not sufficient to allow the vehicle to breach the privacy of others under the law, and even if the driver sought to obtain consent from every passenger or passerby, some people are not able to give legal consent. Despite the impossibility, car makers like Tesla include disclaimers that “[i]t is your sole responsibility to consult and comply with all local regulations and property restrictions regarding the use of cameras.”[7] So when a child is changing at the back of the car using towels or a Car Cabana to provide privacy, who’s watching, how do we know, and who does the law protect?[8]

Continue reading

Challenges with Adopting Blockchain Technology in the Wine Industry

mdecrow@maine.edu Article, Blog ,

Challenges with Adopting Blockchain Technology in the Wine Industry

Amanda Violette

 

I. Introduction

A bottle of wine encapsulates a complex narrative shaped by geography, craftsmanship, logistics, and market dynamics, and, more recently, climate change.[1] Traditionally, much of this narrative has remained opaque, especially to American consumers.[2] While French wines have been highly regulated since the early 20th century with the intent of preventing fraudulent products from damaging the wine industry, American wines became regulated by the Alcohol and Tobacco Tax and Trade Bureau (TTB) later using American Viticultural Area regulation to provide warnings about the dangers of alcohol on the label.[3] However, now, with American wines, only information about the grape origin is required, leaving the consumer to question whether the wine lived up to its intended character and authenticity.[4]

Continue reading

No Harm, No Court: An International Approach to Data Privacy Harms and Article III Standing

mdecrow@maine.edu Article, Blog , ,

No Harm, No Court: An International Approach to Data Privacy Harms and Article III Standing

Emily Fowler

 

In the United States, cases brought regarding privacy violations are being dismissed early in the litigation process because U.S. law remains tied to historical analysis of injuries, whereas other legal systems around the world are taking a more forward-thinking approach to these issues. Trends in recent cases show that claims for privacy violations, such as the capture of individual interactions with websites through session-replay technology, are being dismissed for lack of standing.[1] Article III standing is a concept based in Constitutional Law. Under Article III, federal courts’ authority is limited so that they may only hear “Cases” and “Controversies”.[2] To bring a case or controversy before a federal court, plaintiffs must have standing (a “personal stake” in the case).[3] Three elements must be met to have standing: (1) there is “an ‘injury in fact’ that is both ‘concrete and particularized’ and ‘actual or imminent’”; (2) “the injury is ‘fairly traceable’ to the challenged conduct”; and (3) the injury likely “‘will be redressed by a favorable decision.’”[4]

Continue reading

When Design Becomes Harmful: Why Social Media Addiction Harms Trials Could Have Lasting Impacts on Privacy Harm Remediation

mdecrow@maine.edu Article, Blog , ,

When Design Becomes Harmful: Why Social Media Addiction Harms Trials Could Have Lasting Impacts on Privacy Harm Remediation

Alex Logan

 

I. Introduction

In late January 2026, a landmark trial kicked off in California via a proceeding led by an unnamed plaintiff, “K.G.M.”. The plaintiff alleges that social media companies/platforms such as TikTok, Snapchat, YouTube, and Meta have intentionally designed platforms so as to addict children and keep them hooked on said platforms through mindless scrolling, auto-play features, other engagement techniques, and suggested or tailored content specific to their individual behaviors.[1] This is just one of several similar lawsuits which are all making their way through the courts.[2] The plaintiffs allege that the addictive design of these platforms has led to long-term mental health issues, such as depression, anxiety, tendencies toward self-harm, and even suicidal thoughts and actions.[3] The social media companies are relying heavily on Section 230 protections and publisher immunity in their defense.[4] These cases collectively could be a major step toward remediating more conceptual harms that plaintiffs have long struggled to prove in similar cases due in large part to Section 230 of the Communications Decency Act.[5] Successful plaintiff outcomes in these cases could potentially help pave the way for corporate accountability when addressing similarly squishy or conceptual privacy harms through resulting reconceptualization and generation of harm.

Continue reading

AI, a Watchful Eye: The Less than Stellar Performance of AI Security and the Consequences Thereof

mdecrow@maine.edu Article, Blog , , ,

AI, a Watchful Eye: The Less than Stellar Performance of AI Security and the Consequences Thereof

James Hotham

 

The use and abuse of widespread camera surveillance is not a novel fear. For decades, media has explored this concept. However, a new threat has arisen in a new form. It has not taken the form of an oppressive government, a terrorist group, or a supreme artificial intelligence. Rather, it comes from private party security providers. Several security providers have begun to work AI into their  security cameras for the use of threat detection.[1] However, the success of these threat detection models is dubious. Just this year in late October, one of these systems placed in a Baltimore school, detected an individual carrying a firearm.[2] Police arrived and identified the suspect as sixteen-year-old Taki Allen.[3] However, after the police drew their weapons and handcuffed young Allen, they discovered the “firearm” was actually just an empty bag of Doritos.[4]

Despite the fact that AI technology of this level of sophistication is relatively new, it has sprouted into a multimillion-dollar industry in just a few years. But despite years of development, mishaps like these still occur. This article will explore how these systems work, why they malfunction, ways consumers can avoid these malfunctions, and potential liability for when they malfunction.

Continue reading

The Collapse of Capability Theory: Ambriz, Popa, and the Future of Article III Standing in AI Privacy Cases

mdecrow@maine.edu Article, Blog , , , , ,

The Collapse of Capability Theory: Ambriz, Popa, and the Future of Article III Standing in AI Privacy Cases

Caroline Aiello

 

Introduction

In February 2025, the Northern District of California denied Google’s motion to dismiss in a class action lawsuit that claimed Google’s artificial intelligence (“AI”) tools violated the California Invasion of Privacy Act (“CIPA”) by transcribing phone calls of users.[1] The court in this case, Ambriz v. Google, ruled that Google’s technical “capability” to use customer call data to train its AI models was enough to state a claim under California’s Invasion of Privacy Act, regardless of whether or not Google actually exploited that data.[2] Six months later, the Ninth Circuit took the opposite approach. The later ruling in Popa v. Microsoft held that routine website tracking did not constitute actual harm and the claims were dismissed for lack of Article III standing before reaching the merits.[3]

These two decisions present privacy law with incompatible standards. Ambriz asks what a technology could do with personal data and finds liability in that potential. Popa demands proof of what a technology actually did and requires concrete injury beyond the action itself. The collision between the two theories is inevitable. When a plaintiff sues an AI company under Ambriz’s capability theory, alleging that the defendant’s system has the technical ability to misuse data, and the defendant responds with a Popa-based standing challenge, the courts will face an impossible choice. The capability to cause harm is not the same as harm itself, and if capability cannot satisfy Article III’s concrete injury requirement, then Ambriz’s approach becomes constitutionally unenforceable in federal court. While Popa has not technically overruled Ambriz, the Ninth Circuit will inevitably need to choose which standard to adopt. 

Continue reading

Spoiled for Choice: AI Regulation Possibilities

mdecrow@maine.edu Blog , , ,

Spoiled for Choice: AI Regulation Possibilities

William O’Reilly

 

I. Introduction

Americans want innovation and they believe advancing AI benefits everyone.[1] One solution to encourage this is to roll back regulations.[2] Unfortunately, part and parcel with the innovations are several harms that are likely to result from the inappropriate use of personal and proprietary data and AI decision-making.[3]  There is an option to ignore this potential harm and halt regulations to encourage the spread of personal information.[4] This option is not in the best interest of the country because the U.S. is already losing the innovation race in some respects. Innovation can still occur despite heavy regulations. Virginia is the latest state to pursue the “no regulation” strategy, and it provides a good microcosm to highlight the challenges and advantages of this approach.[5] Virginia’s absence of regulation falls on a spectrum of legislation that demonstrates options for states to protect rights and innovation. As this article discusses further, curbing AI regulation on companies will not advance innovation enough to justify the civil rights violations perpetuated by current AI use.

Continue reading

Privacy and Free Speech in the Age of the Ever-Present Border

mdecrow@maine.edu Blog , , ,

Privacy and Free Speech in the Age of the Ever-Present Border

Viv Daniel

 

I. Introduction and Legal Background

On his first day in office, President Trump signed Executive Order 1461 (EO 1461), titled “Protecting the United States from Foreign Terrorists and Other National Security and Public Safety Threats.”[1] The Order, as the name might suggest, directs executive agencies to coordinate to enhance screening for foreign nationals coming to, or living within, the United States.[2] The Order instructs these agencies to ensure that non-citizens “are vetted and screened to the maximum degree possible.”[3]

To enforce the provisions of the Order, U.S. Citizenship and Immigration Services (USCIS) has put forward a proposed rule, with comments open until May 5th, to require non-citizens to disclose all of their social media usernames when filling out forms to access immigration benefits.[4] USCIS says it will then use this information to enhance identity verification, vet and screen for national security, and conduct generalized immigration inspections under its purview.[5]

This is not the first time something like this has happened. In 2019 under the previous Trump administration, Visa applicants were required to register all recent social media accounts with the government as part of the application,[6] a rule which was upheld when a District Judge for the District of Columbia dismissed a case challenging it.[7]

President Trump vests EO 1461 in his executive authority under the Immigration and Nationality Act (INA).[8] The Act, passed in 1952, was heavily amended in 1996 by the Illegal Immigration Reform and Immigrant Responsibility Act (IIRIRA) to retroactively make harsher the immigration consequences of certain conduct.[9] Although terrorism as-such was not implicated in the act, the update to the INA was partially motivated by a need to respond to the 1993 World Trade Center Bombings, and violent and conspiratorial conduct which could constitute terrorism was covered by the act.[10]

Although IIRIRA drastically expanded the number of deportable immigrants in the U.S. overnight, subjecting many non-citizens to removal proceedings over minor infractions committed decades ago,[11] the act did not go so far as to explicitly punish noncitizens for their free speech.[12] The executive authority now claimed under the Act to monitor social media, however, aligns with a troubling trend which may change this norm.

Continue reading

LAWS Need Laws: Distinction and Proportionality in the Age of Autonomy

mdecrow@maine.edu Blog , , , , , , ,

LAWS Need Laws: Distinction and Proportionality in the Age of Autonomy

Steve Hammerton

 

I. Introduction

There’s a lethal autonomous elephant in the room, and it’s only minimally regulated by DoD Directive 3000.09 (“DODD 3000.09”).[1] Under that directive, lethal autonomous weapon systems (LAWS) are said to be “weapon system[s] that, once activated, can select and engage targets without further intervention by an operator.”[2] In contrast to other nations who have called for an outright ban on such systems, the United States has resisted.[3] Instead, the Department of Defense (“DoD”) has required that LAWS, like all other weapons systems, “be designed to allow commanders and operators to exercise appropriate levels of human judgment over the use of force.”[4] A quick read of this policy would suggest that it requires a human-in-the-loop. However, a more exacting analysis of the language reveals that it only requires “human judgment over the use of force” which only seems to refer to broad themes of lethality like when and where it will be deployed, but not against whom. The directive also refers to an inchoate review process that does not spell out a clear framework for assessing the efficacy and safety of LAWS.[5] Without a clearer statement on the “appropriate levels of human judgment,” the lack of distinction in targeting conflicts with the two core jus in bello principles, distinction and proportionality.[6]

At the same time, LAWS may offer a comparative advantage over human trigger pullers. Canadian think-tank Centre for International Governance Innovation suggests that LAWS “may be able to assess a target’s legitimacy and make decisions faster and with more accuracy and objectivity than fallible human actors could.”[7] Simply put, LAWS could reduce unintended errors or deliberate unlawful killings. Indeed, technology-assisted precision weapons have already reduced collateral damage in armed conflicts.[8] Recent conflicts have been marked by an increased use of autonomous and AI-assisted weaponry, though it is too early to say whether the use of these weapons has identifiably reduced unintended civilian casualties.[9] With the increasing shift to LAWS and other AI-assisted weapons, it seems unrealistic to expect an outright ban. Consequently, the United States and its international partners should seek to preserve distinction and proportionality through a meaningful and complex review, such as a risk-benefit analysis, that recognizes the inherent dangers of using LAWS but appreciates the potential for harm reduction.

Continue reading

The Growing Dependency on AI in Academia

mdecrow@maine.edu Blog , , , , , ,

The Growing Dependency on AI in Academia

By: Raaid Bakridi CIPP/US

I. Introduction

In the 21st century, Artificial Intelligence (“AI”) has become an integral part of daily life. From virtual assistants like Siri and Alexa to machine learning algorithms powering recommendation systems,[1] AI is undeniably everywhere;[2] increasingly, it is becoming normalized in daily life.  As U.S. Vice President JD Vance puts it, AI presents an “extraordinary prospect of a new industrial revolution, one on par with the invention of the steam engine.”[3]

AI has also made significant strides in education and academia, offering tools that assist students with research, outlining, essay writing, and even solving complex mathematical and technical problems.[4] However, this convenience comes at a cost. An analysis of AI tutors highlights their potential to enhance education while also raising concerns about overreliance on technology.[5] Rather than using AI as a supplement, many students rely on it to complete their work for them while still receiving credit, which poses challenges to academic integrity and the role of AI in learning.[6] This growing dependence raises concerns about its impact on creativity, critical thinking, overall academic performance, and long-term career prospects. Students are becoming more dependent on AI for their schoolwork, and the potential dangers of this dependency raises significant concerns and implications for their future.[7] If students continue to let AI think for them, the future of our nation will face extreme challenges.

Continue reading