Robert Sloan co-authors law book on cybersecurity
Robert Sloan co-authors law book on Cybersecurity
Professor and Department Head Robert Sloan co-authored a book that arms future business lawyers with the fundamentals of computers, networks, cybersecurity law, and data.
The book, Basic Cybersecurity Law for the Business Environment, was authored by Sloan, Edward C. Carter, the former chief of the special prosecution’s bureau for the Illinois Attorney General’s Office, and Richard Warner, a law professor at Chicago-Kent College of Law. The trio used a caselaw-based approach to address three central themes in their book: liability for failure to prevent access to a computer or network, liability for accessing a computer or network, and rights protecting against the seizure of data by the government.
In addition to providing examples from specific cases, Sloan and his co-authors include notes on the relevant technological facts and issues, an in-depth examination of the Computer Fraud and Abuse Act, and a discussion of the Fourth and Fifth amendments, which are central to cases where the government seeks to obtain data without consent.
The authors were motivated by the need and demand for a case-centered understanding of basic cybersecurity law, and the technical knowledge of how computers, networks, and cybersecurity work. They hope to provide a foundation for attorneys involved in cybersecurity cases and who may ultimately want to become experts in laws governing this technology.
Sloan said cybersecurity issues are so prevalent that nearly every general business lawyer will likely face one throughout their career.
“It could be that a company is facing a lawsuit over a data breach, or a client has just received a warrant demanding access to their phones,” Sloan said. “Or perhaps they’re trying to stop a competitor from scraping their website. Sometimes it’s as unexpected as a client’s child being charged with hacking into a computer system. What makes our casebook distinctive is that it’s the first to take a traditional law school approach to this material—primarily using edited judicial opinions, supplemented by explanatory notes.”
The definition of what a computer or network is and what counts as accessing one has expanded and is central to cybersecurity law. In the Computer Fraud and Abuse Act, as well as in criminal statues in some states, items beyond your laptop, smartphone, or gaming consoles are included, such as smart appliances, televisions, and even apps. Protecting the security of users of these devices, the methods for doing so, and legal obligations to safeguard data are all necessary for future or current lawyers involved in technology cases, a quickly expanding field.
Sloan noted that his contribution to the book was atypical for a law school casebook, but well-suited to the subject matter.
“My co-authors—both legal experts—selected the cases and wrote the commentary and questions. My role was to write the technology notes that accompany many of the cases,” Soan said. “I focused on explaining the relevant tech in each case clearly and accessibly, keeping in mind that law students often come from non-technical backgrounds like political science, philosophy, or psychology.”
The book was published this year by Aspen Publishing.