Articles by mjlst

A New Sheriff in the Wild West: How the Cryptocurrency Industry’s Failure to Neutralize Hacking Threats Has Rendered Federal Regulation a Necessity

Dan O’Dea, MJLST Staffer

In today’s financial world, few things are more captivating than the rapidly evolving cryptocurrency space. It has been a wild twelve months for the cryptocurrency industry, and specifically for Bitcoin owners. Bitcoin doubled its value in 2021 and peaked at just over $68,000/coin, only to erase nearly all of those gains when the crypto market crashed in January 2022. The crash was largely prompted by fears that the Federal Reserve would withdraw stimulus from the market by raising interest rates. In the process, the crypto market lost over $1 trillion in market value, and an asset class that many have called a “hedge opportunity” for investors against inflation crashed down with the stock market as a whole.

But extreme market volatility is not the only risk investing in cryptocurrency poses for its some 300 million investors. Hackers and thieves have been wreaking havoc on the Decentralized Finance (De-Fi) industry, with their latest exploit coming in the form of a $320 million theft of Ethereum from Wormhole, one of the most popular bridges linking the blockchains of the popular Ethereum and Solana coins. These blockchains are of great use, as they are capable of developing “smart contracts” to replace banks and lawyers in certain business transactions. Blockchain “bridges” like Wormhole are important facilitators for these contracts. Unfortunately, in the process, bridges like Wormhole have become a target for cyberattacks due to fundamental limits on their security as they house hundreds of millions of dollars of assets in escrow. This latest theft on Wormhole is not even the largest in the De-Fi crypto space’s history, where a $600 million theft from a platform called Poly Network takes the cake. Interestingly, the hacker’s goal in that theft was simply to open a dialogue with the platform about security issues on the blockchain, and ultimately all funds were returned. Attacks have not been limited to the platform level, as smaller-time thieves have turned to phishing scams and SIM Swap schemes (in which an individual misrepresents their identity to your cell phone provider in an effort to intercept dual-factor authentication messages and gain access to your crypto accounts) to steal from individual investors. Unfortunately, victims of the vast majority of cryptocurrency thefts are extremely unlikely to recoup their funds once they have been stolen, due to the anonymity afforded to wallet holders on the blockchain, who in some cases can reveal no identifiable details about themselves while transacting cryptocurrency.

It is important to note that when a cryptocurrency platform loses money, it is not the platform alone that incurs a loss. Rather, the clients whose accounts were pillaged by hackers bear the entire loss, or, if the platform collapses from the theft and liquidators are appointed, every user on the platform will bear the loss to some degree. So what recourse do the victims of cryptocurrency theft have? While Cryptocurrency platforms such as Coinbase attempt to educate users about the types of scams they may encounter, if a theft occurs, victims are usually on their own. While state prosecutor’s offices and federal enforcement agencies like the FBI will investigate and prosecute identifiable criminals, and individual plaintiffs can bring private civil actions against them, the largest challenge faced by victims of cryptocurrency theft is identifying the thieves in the first place. In an effort to identify perpetrators, both the FBI and private parties with deep pockets have begun to contract with private tech firms specializing in tracking down stolen crypto, such as CipherTrace. While working with a crypto-tracking firm gives an aggrieved individual the best chance of tracking down their thieves, it is still unlikely that the parties will ever be identified and funds ever recouped.

Security requirements are far from standardized across the crypto industry—true to its nickname, the “Decentralized Finance” (De-Fi) industry, operates essentially free from regulatory constraints in the United States. The Financial Industry Regulatory Authority (FINRA) has cautioned investors of the risks posed by cryptocurrency investments relating to hacking and volatility, but because the space is not subject to federal securities regulation requirements, investors often enter the world of cryptocurrency investing underinformed as to its true risks. The U.S. Securities and Exchange Commission (SEC) has begun to wade into the fray of regulating cryptocurrency platforms, most recently with the introduction of a proposal that some are calling a “trojan horse” regulatory tool to be wielded against the crypto industry. The proposal contains an expansive definition of the term “treasury platforms” that would likely allow the SEC to issue protocols for cryptocurrency and De-Fi platforms. The trojan horse notwithstanding, the SEC has been vocal about its plans to introduce formal regulatory guidelines and procedures for the cryptocurrency industry in the long term. Even the White House has waded into the crypto regulatory waters, with the Biden administration set to release an executive order designed to create a government-wide strategy to regulate the cryptocurrency industry that could release as soon as mid-February, 2022. The proposal comes on the heels of the FTC’s release of data showing cryptocurrency scams have skyrocketed, and as concern levels over crypto money laundering schemes rise.

While many have scoffed at the idea that the decentralized finance industry should be regulated, it is likely that the prospect of federal regulation actually represents a good thing for a cryptocurrency market that has been referred to as “The Wild West,” and that has drawn comparisons to the late 2000s subprime mortgage market. Federal regulation of the cryptocurrency industry will prompt new protocols for its platforms designed to enhance risk disclosures made to prospective crypto investors and strengthen the security measures protecting investments. Further, regulation is likely to prompt registration and reporting requirements that will make it easier to catch crypto thieves by providing greater information to law enforcement agencies. The crypto industry continues to prove it cannot protect itself from the threat of hacking, and investors are largely bearing the costs of these failures. Just as the SEC stepped in to protect investors from being burned by highly speculative and worthless securities in the 1930s, aiding its regulatory hand to the cryptocurrency industry in a non-burdensome manner should again provide investors with a new set of protections in 2022.


Legal Personhood and Cocaine Hippos: Animals as “Interested Persons” and Their Rights in Court

Douglas Harman, MJLST Staffer

On October 15, 2021, a federal magistrate judge ruled that a group of hippos in Colombia can be recognized as “interested persons” per federal statute for the purposes of deposing two Ohio Wildlife experts. These hippos are the descendants of hippos illegally imported to Colombia by drug kingpin Pablo Escobar. When Escobar was killed, the hippos were not relocated and were left to their own devices in Colombia. Since then, the hippos have multiplied and present significant environmental challenges. The issue in the US arose from litigation in Colombia concerning the fate of the hippos, which resulted in a request to depose the two Ohio experts. These hippos will be referred to as the “cocaine hippos” because that seems to be the term most commonly associated with them (and, quite frankly, it’s amusing).

This decision, though hailed by animal rights groups as groundbreaking, is likely more a technicality than a guiding precedent. Specifically, the ruling comes because Colombia treats animals as “sentient beings” with certain rights. Because the suit by the hippos is permitted in Colombia, US law treats the hippos as “interested persons” for the purposes of deposing US experts on ethical sterilization methods. Regardless of the breadth or technicality of the decision in question, it nonetheless represents a significant step to affix the title of “person” to a non-homosapien, and it has not happened in a US court before, despite repeated efforts by animal rights organizations. However, other countries do recognize various degrees of animal sentience.

The Legal Concept of Non-Human “Personhood”

The issue of whether animals should be considered “persons” has a variety of scientific, psychological, and philosophical elements. This blog post is not here to debate whether animals should be considered persons in terms of political theory or philosophy; plenty of ink has been spent in that pursuit elsewhere. This discussion focuses on how non-persons may receive limited rights to sue in court and perform certain legal functions as if they were persons, like the deposition of experts in the matter of the cocaine hippos.

 The implications of animal consciousness are relevant because growing understanding of animal cognition and consciousness has informed a discussion of whether animals, and other non-humans like trees or natural areas, should be allowed to have their own rights vindicated in court. That is to say, there are a number of ongoing legal discussions about obligations owed to non-humans that governments are obligated to respect, and how those rights are allowed to be vindicated in court. It is this narrower, legal version of non-human “personhood” that was granted to Colombia’s cocaine hippos in the present action.

History of Non-Human “Personhood” Debate in the US

Although the court ruling in the cocaine hippos matter is the first time a US court has attached “person” status to an animal, it is not the first time the issue has been discussed. Attempts to give animals legal status and treat them as “persons” in certain legal areas developed from the animal rights movement, which has a long history in the US and Great Britain. In the last several years, several courts have referred to animal legal rights in the context of personhood, albeit rather obliquely at times. One of the biggest ongoing debates concerns the rights of Happy the Elephant; animal rights activists are pursuing a writ of habeas corpus for Happy, arguing she deserves to be treated as a person in the eyes of the law.

Non-human personhood is not without precedent. Courts have allowed corporations to be considered “artificial persons” in limited circumstances in court since the 1600s. Jurisprudence has since developed in the United States towards increasing “personhood” of corporations, referring to a railroad as a person for the purposes of the 14th amendment in 1886. Today corporations have near-total personhood, including the right to make religious objections to laws and practice free speech.

There is also some precedent for inanimate objects holding “personhood” status under the law. Every law student (and a great many other Americans, it is to be imagined) have discussed or at least heard of the Tree that Owns Itself (while it almost certainly does not own itself as a technical matter, it certainly does in the public mind and in the official statements of the local government). Additionally, Justice William O. Douglas in his dissent in Sierra Club v. Morton argued that standing doctrine should be amended to allow organizations to sue on behalf of inanimate things, including land, rivers, trees, etc. This opinion essentially lays out an idea of legal personhood for inanimate objects, and would presumably also extend with relative ease to animals.

As a factual matter, the reality of non-human personhood, while remarkably developed for corporations in the United States, has relatively little real applications to animals today. This is one of the main reasons that the attachment of the “interested persons” label to the Colombian hippos felt significant to many in the animal rights movement.

Recognition of Non-Human “Personhood” in Other Countries

While animals have not commonly been granted legal rights in the United States, they do in many other countries. Spain recognized animals as “sentient beings” and have greater standing than inanimate objects. In doing so, it joined about 32 other countries that do the same, including France, the U.K., the Netherlands, Sweden, New Zealand, and Tanzania. South Korea is doing something similar in granting animals legal status.

South America is also moving on the front on non-human rights. In 2014, a court in Argentina recognized the basic rights of Sandra the Orangutan, and agreed that she was being detained illegally in the Buenos Aires Zoo. Additionally, Colombia, the state in which the cocaine hippos case originates, has vested portions of the Amazon Rainforest with legal rights, and, as mentioned, recognizes animal sentience and limited legal rights.

What This Means for Colombia’s Cocaine Hippos (and Other Animals)

In the immediate term, the magistrate judge’s recognition of the cocaine hippos as “interested persons” has allowed for the expert deposition sought by the Colombian lawyers advocating on the hippos’ behalf. Effort is now under way to chemically sterilize the hippos, rather than cull or surgically castrate them.

More broadly, there appears to be more references to the inherent rights of animals in American jurisprudence, rather than simply their function as property. The act of classifying the hippos as “interested persons” did not rock the legal boat (in fact, the magistrate judge remains quite well regarded by her colleagues). Those interested in animal rights will doubtless be heartened by increased use of personhood and rights language used with respect to animals. Hopefully, the treatment of Pablo Escobar’s rogue cocaine hippos in US court is indicative of progressive trend in the law’s treatment of animals.


The Mysterious Disappearance of Deference: What Is the Supreme Court’s Current Relationship to Federal Agencies?

Carly Michaud, MJLST Staffer

The Supreme Court has had no shortage of administrative law cases in the (possibly) final sessions of one of the Court’s administrative law scholars, Justice Stephen Breyer. Yet, Breyer has found himself and his ideological compatriots in the opposition on the topic in which he situates his expertise. In the recent case regarding OSHA’s ability to require COVID-19 vaccines, Breyer’s dissent repeated discusses the proper deference an agency’s determination should be given by the Supreme Court.

Notably absent from the case is any mention of the previous key to the relationship between the courts and federal agencies: Chevron deference. In fact, Chevron U.S.A., Inc. v. National Resources Defense Council, was, (as of a 2014 analysis in the Yale Journal on Regulation) the “Most Cited Supreme Court Administrative Law decision”. While previously considered a niche area, administrative law is now so ubiquitous in practice that as of July 2021, 55 law schools require students take a course in administrative law or one of its mainstays: legislation or statutory interpretation.

In spite of this, Chevron appears nowhere in the discussion of OSHA’s vaccine mandate, nor in the court’s earlier revocation of the CDC’s eviction moratorium. This absence suggests that perhaps this Court has become a body of health experts, relying on their own understanding of COVID-19 to determine whether these agency-created regulations are effective in their mission. Both cases center on whether an agency action to prevent the spread of COVID-19 is within the purview of their empowering statute, and, despite the broad statutory authorities of these agencies to protect the health of Americans, both actions were deemed beyond that authority.

But back to Chevron, has it been abandoned as a standard? Not yet, although there was some discussion of this proposition during the oral argument of American Hospital Association v. Becerra last November. The Court has not released an opinion yet on this case, however the Court of Appeals had previously upheld HHS’s ability to set reembursement rates, per its statutory authority.

In a final thrust of irony, the death knell for Chevron deference may come from a case challenging the very statute and the very agency whose decision-making was at issue in Chevron: the EPA and the Clean Air Act. This is particularly ironic as the EPA administrator whose decision-making was being challenged in Chevron was Anne Gorsuch, the mother of Supreme Court justice and noted antagonist of agency authority: Neil Gorsuch. Yes, in a tale mirroring Hamlet, Neil Gorsuch seems determined to destroy the administrative state that had entangled his mother in various administrative scandals. The latest edition of this showdown between the Gorsuchs and EPA is scheduled for Monday February 28, which will see the Supreme Court hearing arguments in West Virginia v. EPA and its consolidated cases.

This behavior by the Court belies a grave concern both about the continued disempowerment of federal agencies—which have been empowered directly by Congress—at the hands of the unelected judiciary. Further, the most cynical of us may see this as a direct assault on the authority of agencies that some justices may politically disagree with, further disregarding the knowledge of learned experts to push their own political agendas.


The Uniform Domain Name Dispute Resolution Policy (“UDRP”): Not a Trademark Court but a Narrow Administrative Procedure Against Abusive Registrations

Thao Nguyen, MJLST Staffer

Anyone can register a domain name through one of the thousands of registrars on a first-come, first-serve basis at a low cost. The ease of entry has created so-called “cybersquatters,” who register for domain names that reflect trademarks before the true trademark owners are able to do so. Cybersquatters often aim to profit from cybersquatting activities, either by selling the domain names back to the trademark holders for a higher price, by generating confusion in order to take advantage of the trademark’s goodwill, or by diluting the trademark and disrupting the business of a competitor. A single cybersquatter can cybersquat on several thousand domain names that incorporate well-known trademarks.

Paragraph 4(a) of the UDRP provides that the complainant must successfully establish all three of the following of elements: (i) that the disputed domain name is identical or confusingly similar to a trademark or service mark in which the complainant has rights; (ii) that the registrant has no rights or legitimate interests in respect of the domain name; and (iii) that the registrant registered and is using the domain name in bad faith. Remedies for a successful complainant include cancellation or transfer to the complainant of the disputed domain name.

Although prized for being focused, expedient, and inexpensive, the UDRP is not without criticism, the bulk of which focuses on the issue of fairness. The frequent charge is that the UDRP is inherently biased in favor of trademark owners and against domain name holders, not all of whom are “cybersquatters.” This bias is indicated by statistics: 75% to 90% of URDP decisions each year are decided against the domain name owner.

Nonetheless, the asymmetry of outcomes, rather than being a sign of an unfair arbitration process, may simply reflect the reality that most UDRP complaints are brought when there is a clear case of abuse, and most respondents in the proceeding are true cybersquatters who knowingly and willfully violated the UDRP. Therefore, what may appear to be the UDRP’s shortcomings are in facts signs that the UDRP is fulfilling its primary purpose. Furthermore, to appreciate the UDRP proceeding and understand the asymmetry that might normally raise red flags in an adjudication, one must understand that the UDRP is not meant to resolve trademark dispute. A representative case where this purpose is addressed is Cameron & Company, Inc. v. Patrick Dudley, FA1811001818217 (FORUM Dec. 26, 2018), where the Panel wrote, “cases involving disputes regarding trademark rights and usage, trademark infringement, unfair competition, deceptive trade practices and related U.S. law issues are beyond the scope of the Panel’s limited jurisdiction under the Policy.” In other words, the UDRP’s scope is limited to detecting and reversing the damages of cybersquatting, and the administrative dispute-resolution procedure is streamlined for this purpose.[1]

That the UDRP is not a trademark court is evident in the UDRP’s refusal to handle cases where multiple legitimate complainants assert right to a single domain name registered by a cybersquatter. UDRP Rule 3(a) states: “Any person or entity may initiate an administrative proceeding by submitting a complaint.” The Forum’s Supplemental Rule 1(e) defines “The Party Initiating a Complaint Concerning a Domain Name Registration” as a “single person or entity claiming to have rights in the domain name, or multiple persons or entities who have a sufficient nexus who can each claim to have rights to all domain names listed in the Complaint.” UDRP cases with two or more complainants in a proceeding are possible only when the complainants are affiliated with each other as to share a single license to a trademark,[2] for example, when the complainant is assigned rights to a trademark registered by another entity,[3] or when the complainant has a subsidiary relationship with the trademark registrant.[4]

Since the UDRP does not resolve a good faith trademark dispute but intervenes only when there is clear abuse, the respondent’s bad faith is central: a domain name may be confusingly similar or even identical to a trademark, and yet a complainant cannot prevail if the respondent has rights and legitimate interests in the domain name and/or did not register and use the domain name in bad faith.[5] For this reason, the UDRP sets a high standard for the complainant to establish respondent’s bad faith. For example, UDRP provides a defense if the domain name registrant has made demonstrable preparations to use the domain name in a bona fide offering of goods or services. On the other hand, the Anticybersquatting Consumer Protection Act (“ACPA”) only provides a defense if there is prior good faith use of the domain name, not simply preparation to use. Another distinction between the UDRP and the ACPA is that the UDRP requires that complainant prove bad faith in both registration and use of the disputed domain to prevail, whereas the ACPA only requires complainant to prove bad faith in either registration or use.

Such a high standard for bad faith indicates that the UDRP is not equipped resolve issues where both parties dispute their respective rights in the trademark. In fact, when abuse is non-existent or not obvious, the UDRP Panel would refuse to transfer the disputed domain name from the respondent to the complainant.[6] Instead, the parties would need to resolve these claims in regular courts under either the ACPA or the Latham act. Limiting itself to addressing cybersquatting allows the UDRP to become extremely efficient in dealing with cybersquatting practices, a widespread and highly damaging abuse of the Internet age. This efficiency and ease of the UDRP process is appreciated by trademark-owning businesses and individuals, who prefer that disputes are handled promptly and economically. From the time of the UDRP’s creation until now, ICANN has not shown intention for reforming the Policy despite existing criticisms,[7] and for good reasons.

 

[Notes]

[1] Gerald M. Levine, Domain Name Arbitration: Trademarks, Domain Names, and Cybersquatting at 102 (2019).

[2] Tasty Baking, Co. & Tastykake Invs., Inc. v. Quality Hosting, FA 208854 (FORUM Dec. 28, 2003) (treating the two complainants as a single entity where both parties held rights in trademarks contained within the disputed domain names.)

[3] Golden Door Properties, LLC v. Golden Beauty / goldendoorsalon, FA 1668748 (FORUM May 7, 2016) (finding rights in the GOLDEN DOOR mark where Complainant provided evidence of assignment of the mark, naming Complainant as assignee); Remithome Corp v. Pupalla, FA 1124302 (FORUM Feb. 21, 2008) (finding the complainant held the trademark rights to the federally registered mark REMITHOME, by virtue of an assignment); Stevenson v. Crossley, FA 1028240 (FORUM Aug. 22, 2007) (“Per the annexed U.S.P.T.O. certificates of registration, assignments and license agreement executed on May 30, 1997, Complainants have shown that they have rights in the MOLD-IN GRAPHIC/MOLD-IN GRAPHICS trademarks, whether as trademark holder, or as a licensee. The Panel concludes that Complainants have established rights to the MOLD-IN GRAPHIC SYSTEMS mark pursuant to Policy ¶ 4(a)(i).”)

[4] Provide Commerce, Inc v Amador Holdings Corp / Alex Arrocha, FA 1529347 (FORUM Jan. 3, 2014) (finding that the complainant shared rights in a mark through its subsidiary relationship with the trademark holder); Toyota Motor Sales, U.S.A., Inc. v. Indian Springs Motor, FA 157289 (FORUM June 23, 2003) (“Complainant has established that it has rights in the TOYOTA and LEXUS marks through TMC’s registration with the USPTO and Complainant’s subsidiary relationship with TMC.”)

[5] Levine, supra note 1, at 99; see e.g., Dr. Alan Y. Chow, d/b/a Optobionics v. janez bobnik, FA2110001967817 (FORUM Nov. 23, 2021) (refusing to transfer the <optobionics.com> domain name despite its being identical to Complainant’s OPTOBIONICS mark and formerly owned by Complainant, since “[t]he Panel finds no evidence in the Complainant’s submissions . . . [that] the Respondent a) does not have a legitimate interest in the domain name and b) registered and used the domain name in bad faith.”).

[6] Swisher International, Inc. v. Hempire State Smoke Shop, FA2106001952939 (FORUM July 27, 2021).

[7] Id. at 359.


Holy Crap: The First Amendment, Septic Systems, and the Strict Scrutiny Standard in Land Use Law

Sarah Bauer, MJLST Staffer

In the Summer of 2021, the U.S. Supreme Court released a bevy of decisions favoring religious freedom. Among these was Mast v. City of Fillmore, a case about, well, septic systems and the First Amendment. But Mast is about so much more than that: it showcases the Court’s commitment to free exercise in a variety of contexts and Justice Gorsuch as a champion of Western sensibilities. It also demonstrates that moving forward, the government is going to need work harder to support that its compelling interest in land use regulation trumps an individual’s free exercise rights.

The Facts of Mast

To understand how septic systems and the First Amendment can even exist in the same sentence, it’s important to know the facts of Mast. In the state of Minnesota, the Pollution Control Agency (MPCA) is responsible for maintaining water quality. It promulgates regulations accordingly, then local governments adopt those regulations into ordinances. Among those are prescriptive regulations about wastewater treatment. At issue is one such ordinance adopted by Fillmore County, Minnesota, that requires most homes to have a modern septic system for the disposal of gray water.

The plaintiffs in the case are Swartzentruber Amish. They sought a religious exemption from the ordinance, saying that their religion forbade the use of that technology. The MPCA instead demanded the installation of the modern system under threat of criminal penalty, civil fines, and eviction from their farms. When the MPCA rejected a low-tech alternative offered by the plaintiffs, a mulch basin system not uncommon in other states, the Amish sought relief on grounds that the ordinance violated the Religious Land Use and Institutionalized Persons Act (RLUIPA). After losing the battle in state courts, the Mast plaintiffs took it to the Supreme Court, where the case was decided in their favor last summer.

The First Amendment and Strict Scrutiny

Mast’s issue is a land use remix of Fulton v. City of Philadelphia, another free exercise case from the same docket. Fulton, the more controversial and well-known of the two, involved the City of Philadelphia’s decision to discontinue contracts with Catholic Social Services (CSS) for placement of children in foster homes. The City said that CSS’s refusal to place children with same-sex couples violated a non-discrimination provision in both the contract and the non-discrimination requirements of the citywide Fair Practices Ordinance. The Supreme Court didn’t buy it, holding instead that the City’s policy impermissibly burdened CSS’s free exercise of religion.

The Fulton decision was important for refining the legal analysis and standards when a law burdens free exercise of religion. First, if a law incidentally burdens religion but is both 1) neutral and 2) generally applicable, then courts will not ordinarily apply a strict scrutiny standard on review. If one of those elements is not met, courts will apply strict scrutiny, and the government will need to show that the law 1) advances a compelling interest and 2) is narrowly tailored to achieve those interests. The trick to strict scrutiny is this: the government’s compelling interest in denying an exception needs to apply specifically to those requesting the religious exception. A law examined under strict scrutiny will not survive if the State only asserts that it has a compelling interest in enforcing its laws generally.

Strict Scrutiny, RLUIPA, and Mast

The Mast Plaintiffs sought relief under RLUIPA. RLUIPA isn’t just a contender for Congress’s “Most Difficult to Pronounce Acronym” Award. It’s a choice legal weapon for those claiming that a land use regulation restricts free exercise of religion. The strict scrutiny standard is built into RLUIPA, meaning that courts skip straight to the question of whether 1) the government had a compelling government interest, and 2) whether the rule was the least restrictive means of furthering that compelling government interest. And now, post-Fulton, that first inquiry involves looking at whether the government had a compelling interest in denying an exception specifically as it applies to plaintiffs.

So that is how we end up with septic systems and the First Amendment in the same case. The Amish sued under RLUIPA, the Court applied strict scrutiny, and the government failed to show that it had a compelling interest in denying the Amish an exception to the rule that they needed to install a septic system for their gray water. Particularly convincing at least from Coloradan Justice Gorsuch’s perspective, were the facts that 1) Minnesota law allowed exemptions to campers and outdoorsman, 2) other jurisdictions allowed for gray water disposal in the same alternative manner suggested by the plaintiffs, and 3) the government couldn’t show that the alternative method wouldn’t effectively filter the water.

So what does this ultimately mean for land use regulation? It means that in the niche area of RLUIPA litigation, religious groups have a stronger strict scrutiny standard to lean on, forcing governments to present more evidence justifying a refusal to extend religious exemptions. And government can’t bypass the standard by making regulations more “generally applicable,” for example by removing exemptions for campers. Strict scrutiny still applies under RLUIPA, and governments are stuck with it, resulting in a possible windfall of exceptions for the religious.


How the Biden Administration Has Made Offshore Wind a Priority

Max Meyer, MJLST Staffer

Since coming into office in January of 2021, the Biden Administration has made fighting climate change and reducing domestic greenhouse gas (GHG) emissions a priority. In particular, the Biden Administration set a goal of doubling the nation’s offshore wind capacity in Executive Order 14008. Reaching this goal would result in 30 Gigawatts (GW) of offshore wind capacity. Developing offshore wind energy will help states reach their clean and renewable energy goals as many sates on the coast do not have large wind energy resources on land. Since the issuance of Executive Order 14008, the Department of the Interior (DOI) has taken several steps towards reaching that goal.

Statutory Authority

Under the Outer Continental Shelf Lands Act (OCSLA) (codified at 43 U.S.C. ch. 29), passed in 1953, the Secretary of the Interior is charged with the administration of mineral exploration and development of the Outer Continental Shelf (OCS). The OCS is defined as “all submerged lands lying seaward of state coastal waters (3 miles offshore) which are under U.S. jurisdiction.”

In the Energy Policy Act of 2005 (EPAct), Congress created the OCS Renewable Energy Program to be administered by the DOI. Under this authority, the DOI in 2009 promulgated regulations for leases, easements, and rights-of-way for renewable energy development in the OCS. The Bureau of Ocean Energy Management (BOEM), under the DOI, is the agency tasked with overseeing the renewable energy development program.

Regulatory Authority

The BOEM renewable energy development program is broken into four steps: (1) planning, (2) leasing, (3), site assessment, and (4) construction and operations. During the first step, BOEM identifies Wind Energy Areas (WEAs) which are “locations that appear most suitable for wind energy development.” After WEAs have been identified, BOEM issues a public notice to gauge the interest in leasing land in the WEA. Depending on the interest received from BOEM, leasing is done through either a competitive or noncompetitive leasing process.

After leasing is completed, the lessee must submit a Site Assessment Plan (SAP) to BOEM. The purpose of the SAP is for the lessee to provide documentation so that BOEM can evaluate whether the project will comply with applicable regulations. The agency can either approve, approve with modification, or disapprove the SAP. Finally, the lessee must produce a Construction and Operations Plan (COP). As the name suggests, this submission includes a “detailed plan for the construction and operation of a wind energy project on the lease.” BOEM reviews the COP, including environmental review, and can either approve, approve with modification, or disapprove the COP.

Recent Offshore Wind Developments

In May 2021, the DOI approved the COP for the Vineyard Wind project located near Martha’s Vineyard and Nantucket. This is the first large-scale, offshore wind project in the United States. The project will have 800 Megawatt (MW) of energy capacity which is enough to power 400,000 homes and businesses. Construction of the project began in November 2021. One of the first steps in the construction process will be placing two transmission cables to transmit electricity from the Vineyard Wind project to the mainland.

Also in November 2021, the DOI approved the COP for the South Fork Wind making it the second large-scale, offshore wind project in the United States. This project off the coasts of New York and Rhode Island will have a capacity of 130 MW which is enough to power approximately 70,000 homes.

In addition to granting final approval of several projects, BOEM has also taken action in the earlier steps of the OCS renewable energy process. For the Carolina Long Bay WEA, located off the coast of the Carolinas, the BOEM began taking public comments on a proposed lease. In October, BOEM received the COP for the Mayflower Wind project. This project would also be located near Martha’s Vineyard and Nantucket and would have an energy capacity of more than 2 GW. If approved, the Mayflower Wind project would be one of the largest offshore wind projects in the United States. BOEM also published a Call for Information and Nominations to gauge commercial interest in wind energy development in the Gulf of Mexico.

BOEM has also taken steps to advance offshore wind in the Pacific Ocean in 2021. In July, BOEM published a Call for Information and Nominations to determine commercial interest in the Morro Bay Call Area East and West Extensions, a portion of the Morro Bay WEA. This WEA is located off the coast of Central California. Finally, BOEM designated the Humboldt WEA off the northern coast of California moving closer to the leasing process in this area.

Despite heavy support from the Biden Administration, offshore wind does face opposition. The commercial fishing industry has emerged as a strong opponent of these projects. The industry is concerned that the turbines will impact fish and hinder access to fishing grounds. The Biden Administration could face legal challenges to offshore wind development, particularly under the National Environmental Policy Act (NEPA), from the fishing industry. One such challenge in Fisheries Survival Fund v. Haaland, 858 F. App’x 371 (D.C. Cir. 2021) has proven unsuccessful for the fishing industry.

While the DOI and BOEM have taken many actions to further develop offshore wind in the United States, much more will have to be done to reach the Biden Administration’s goal of 30 MW of offshore wind capacity by 2030. Nonetheless, offshore wind is an important resource for coastal states looking to decarbonize their energy generation and for reaching the Biden Administration’s decarbonization goals.


Reconsidering Roe: Has the Line of Fetal Viability Moved?

Claire Colby, MJLST Staffer

After the Supreme Court heard arguments in Dobbs v. Jackson Women’s Health on December 1, legal commentatorsbegan to speculate the case could be a vehicle for overturning Roe v. Wade. The Mississippi statute at issue in Dobbs bans nearly all abortions after 15 weeks. In questioning Mississippi Solicitor General Scott Stewart, Justice Sonia Sotomayor asked about the “advancements in medicine” that have changed the lines of viability since the Court last considered a major challenge to Roe with Planned Parenthood v. Casey in 1992. “What has changed in science to show that the viability line is not a real line…?” she asked.

Roe v. Wade was a 1973 landmark decision in which the Supreme Court adopted a trimester framework for abortion. During the first trimester, the Court held that “the abortion decision and its effectuation must be left to the medical judgement of the pregnant woman’s attending physician.” The court held that states could adopt regulations “reasonably related to maternal health” for abortions after the first trimester, and held that in the third trimester, upon viability, states may “regulate, and even proscribe, abortion except where necessary, in appropriate medical judgement for the preservation of the life or health of the mother.” In 1992, the Court rejected this “rigid trimester” framework in Planned Parenthood v. Casey. In Casey, the Court turned to a viability framework and found that pre-viability, states may not prohibit abortion or impose “a substantial obstacle to the woman’s effective right to elect the procedure.” The Court adopted an “undue burden” standard to determine whether state regulations of pre-viability abortion are unconstitutional.

In Casey, the court defined viability as “the time at which there is a realistic possibility of maintaining and nourishing a life outside the womb.” So when do medical professionals consider a fetus viable? The threshold has moved to earlier in the gestation period since the 1970s, but experts disagree on where to draw the line. According to a journal articlepublished in 2018 in Women’s Health Issues, in 1971, fetal age of approximately 28 weeks was “widely used as the criterion of viability.” The article said that until recently, 24 weeks of gestation was the “widely accepted cutoff for viability in the highest acuity neonatal intensive care units.” According to the article, babies born as early as 22 weeks of gestation had an “overall survival rate of 23%” with “the most aggressive medical management available.” The article rebuked the idea of tying abortion restrictions to viability at all: “Tying abortion provisions to the word viability today is as misguided as it was to tie it to a specific trimester in 1973,” the article stated. “There was no true definition of viability then, and as long as medicine strives to treat every patient uniquely, there will never be one.”

A 2017 practice alert published in the official journal of the American College of Obstetricians and Gynecologists defined “periviable” births —births occurring “near the limit of viability” —as births occurring between 20 and 26 weeks gestation.

According to a 2020 New York Times article, determinations on the gestational age at which a baby is likely to survive outside of the womb are “in a complex moment of transition.” Though technology has improved, “even top academic institutions disagree about the right approach to treating 22- and 23-week babies.” The article reported that the University of California, San Francisco “a top-tier, high resource hospital,” is “transparent about its policy of offering only comfort care for babies that are born up to the first day of the 23rd week, down to the hour.”

In June 2020, a baby born at the Children’s Hospital and Clinics of Minnesota set the world record for the world’s most premature baby to survive, the Washington Post reported. He was born at 21 weeks and two days gestation.

Several medical developments help to explain this earlier period of viability.

According to a 2020 Nature article, “the biggest difference to survival came in the early 1990s with surfactant treatment.” Surfactant is a “slippery substance” that prevents airways from collapsing upon exhalation. According to Kaiser, premature babies with underdeveloped lungs often lack the substance. “When premature lungs are treated with surfactant after birth, the infant’s blood oxygen levels usually improve within minutes.”

A 2018 study published by the Journal of the American Medical Association, administering prenatal steroids to mothers between 22 and 25 weeks gestation prior to delivery led to a “significantly higher” survival rate, but “survival without major morbidities remains low at 22 and 23 weeks.”

The Dobbs ruling is not expected until this summer, when the Court tends to release its major decisions. Even if the Court maintains the viability standard set forth in Casey, recent medical advances may warrant more consideration about where to draw this line.


Build Back Better Act: A Request for Transparency of a Clearly Visible Issue

Sara Pistilli, MJLST Staffer

On November 19, 2021, the House of Representatives voted to pass the “Build Back Better Act” which includes several provisions aimed at ever-rising healthcare prices. In trying to combat this concern, Congress included mandatory reporting provisions for pharmacy benefit managers (PBM) who bill Medicare and Medicaid insurance programs. PBMs will be required to provide reports every six months that include data on copays, dispensed drugs, rebates, and total out of pocket spending for patients. Speaker Nancy Pelosi states these provisions are aimed at “providing transparency regarding drug costs in private health plans” but is transparency helpful or even necessary when the effects PBMs have on healthcare costs are well known?

What is a PBM?

PBMs are third-party administrators that manage prescription drug benefits on behalf of both private and public healthcare payers. They have significant power to manipulate the healthcare market by acting as middlemen between payers (insurance companies), drug manufacturers, and dispensers (pharmacies). Originally, PBMs were meant to lower healthcare costs by streamlining transactions and attempting to create fair payment systems for dispensing pharmacies.Instead, PBMs have secretly contributed to increasing healthcare costs by inflating drug costs while concurrently decreasing pharmacy reimbursement rates leading to huge windfall profits for PBMs at the patients’ expense.

How do PBMs make millions in profits each year?

While some patients pay cash for medications, most are covered by Medicare, Medicaid, or private insurers. PBMs are paid by these insurers to determine how much a healthcare plan pays for a medication and in turn, how much the pharmacy gets reimbursed for the dispensed medication. For example, Bob receives a new prescription from his doctor for drug A. The pharmacy buys a bottle of drug A for $7. When Bob comes to pick up his prescription for drug A, his health insurer’s PBM pays $8 to reimburse the pharmacy, allowing them to gain a profit of $1. Concurrently, the PBM bills the health insurer $18 for the price of drug A, allowing them to make $10 in profit on Bob’s prescription. This practice, called spread pricing, results in PBMs making millions of dollars in profits each year.

BBBPicture1

Picture: “The Secret Drug Pricing System Middlemen Use to Rake in Millions

How does PBM spread pricing increase healthcare costs for patients?

PBM spread pricing affects healthcare costs in two distinct ways: increased insurance premiums and decreased access to care. As PBMs continue to inflate the cost of prescription drugs, insurers are billed more and more by their PBMs. These expenses directly fall on the shoulders of the government and the healthcare companies, who represent the public and private payer sector. In turn, to keep up with increased billing, public and private payers turn to their beneficiaries to help them pay the PBMs via increased healthcare plan premiums, decreased coverage, and larger copays. Concurrently, as the PBMs reimburse pharmacies less and less for medication dispensing, pharmacies, especially independent ones, try to operate on thinner profit margins. Over time, the low reimbursement rates culminate in decreased clinical services or, in the worst case, pharmacies closing permanently.

What does the Build Back Better Act do to help?

Egregious billing practices by PBMs have been in the spotlight for several years now. In 2018, Ohio’s Department of Medicaid released a report showing that PBMs charged the state of Ohio $224 million in hidden spread pricing. The audit results led to Ohio terminating all PBM contracts with the Department of Medicaid and converting to a single-PBM system where spread pricing could be monitored better. Another report, this time in Utah, showed that PBM’s received $1.5 million from spread pricing in 2018. Similarly in 2019, a Kentucky report found that PBMs retained $123 million in spread pricing in that state. Several states have enacted laws targeting PBM spread pricing as the federal government continues to skirt around the issue. For example, Louisiana prohibits all PBMs from using spread pricing unless a PBM provides written notice of the practice to the health insurer and the policy holder. Louisiana also enacted a law stating that PBMs could not reimburse pharmacies at a lower rate than they do their affiliated pharmacies. This directly targets suspicions that CVS Caremark reimburses CVS pharmacies more to eliminate competition and steer patients towards filling their medications at CVS pharmacies. Like Louisiana, Maine enacted a law stating that PBMs could not participate in spread pricing without proper notice to the state. On October 1st, 2021, North Carolina’s Senate Bill 257 will take effect. This bill requires PBMs to apply for business licenses with the Commissioner of the Department of Insurance, subjecting them to more spread pricing regulations and threats of restitution to pharmacies they reimburse unfairly. While the states’ efforts are not perfect solutions, they are necessary efforts to regulate PBMs more. The federal government’s efforts to increase transparency is unnecessary due to the public recognition of PBM spread pricing. Every state audit that shows gross spread pricing is transparent enough to alert the federal government that PBMs pose a widespread problem to our healthcare system without greater restrictions. PBMs need to be controlled directly through regulations targeted towards preventing and prohibiting spread pricing, rather than asked to report every six months just how much they profit off their deceptive billing practices.


TikTok Settles in Class Action Data Privacy Lawsuit – Will Pay $92 Million Settlement

Sarah Nelson, MJLST Staffer

On November 15, 2021, TikTok users received the following notification within the app: “Class Action Settlement Notice: U.S. residents who used Tik Tok before 01 OCT 2021 may be eligible for a class settlement payment – visit https://www.TikTokDataPrivacySettlement.com for details.” The notification was immediately met with skepticism, with users taking to Twitter and TikTok itself to joke about how the notification was likely a scam. However, for those familiar with TikTok’s litigation track record on data privacy, this settlement does not come as a surprise. Specifically, in 2019, TikTok – then known as Musical.ly – settled with the Federal Trade Commission over alleged violations of the Children’s Online Privacy Protection Act for $5.7 million. This new settlement is notable for the size of the payout and for what it tells us about the current state of data privacy and biometric data law in the United States.

Allegations in the Class Action

21 federal lawsuits against TikTok were consolidated into one class action to be overseen by the United States District Court for the Northern District of Illinois. All of the named plaintiffs in the class action are from either Illinois or California and many are minors. The class action comprises two classes – one class covers TikTok users nationwide and the other only includes Tik Tok users who are residents of Illinois.

In the suit, plaintiffs allege TikTok improperly used their personal data. This improper use includes accusations that TikTok, without consent, shared consumer data with third parties. These third parties allegedly include companies based in China, as well as well-known companies in the United States like Google and Facebook. The class action also accuses TikTok of unlawfully using facial recognition technology and of harvesting data from draft videos – videos that users made but never officially posted. Finally, plaintiffs allege TikTok actively took steps to conceal these practices.

What State and Federal Laws Were Allegedly Violated?

On the federal law level, plaintiffs allege TikTok violated the Computer Fraud and Abuse Act (CFAA) and the Video Privacy Protection Act (VPPA). As the name suggests, the CFAA was enacted to combat computer fraud and prohibits accessing “protected computers” in the absence of authorization or beyond the scope of authorization. Here, the plaintiff-users allege TikTok went beyond the scope of authorization by secretly transmitting personal data, “including User/Device Identifiers, biometric identifiers and information, and Private Videos and Private Video Images never intended for public consumption.” As for the VPPA, the count alleges the Act was violated when TikTok gave “personally identifiable information” to Facebook and Google. TikTok allegedly provided Facebook and Google with information about what videos a TikTok user had watched and liked, and what TikTok content creators a user had followed.

On the state level, the entire class alleged violations of the California Comprehensive Data Access and Fraud Act and a Violation of the Right to Privacy under the California Constitution. Interestingly, the plaintiffs within the Illinois subclasswere able to allege violations under the Biometric Information Privacy Act (BIPA). Under the BIPA, before collecting user biometric information, companies must inform the consumer in writing that the information is being collected and why. The company must also say how long the information will be stored and get the consumer to sign off on the collection. The complaint alleges TikTok did not provide the required notice or receive the required written consent.

Additionally, plaintiffs allege intrusion upon seclusion, unjust enrichment, and violation of both a California unfair competition law and a California false advertising law.

In settling the class action, TikTok denies any wrongdoing and maintains that this settlement is only to avoid the cost of further litigation. TikTok gave the following statement to the outlet Insider: “While we disagree with the assertions, we are pleased to have reached a settlement agreement that allows us to move forward and continue building a safe and joyful experience for the TikTok community.”

Terms of the Settlement

To be eligible for a settlement payment, a TikTok user must be a United States resident and must have used the app prior to October of 2021. If an individual meets these criteria, they must submit a claim before March 1, 2022. 89 million usersare estimated to be eligible to receive payment. However, members of the Illinois subclass are eligible to receive six shares of the settlement, as compared to the one share the nationwide class is eligible for. This difference is due to the added protection the Illinois subclass has from BIPA.

In addition to the payout, the settlement will require TikTok to revise its practices. Under the agreed upon settlement reforms, TikTok will no longer mine data from draft videos, collect user biometric data unless specified in the user agreement, or use GPS data to track user location unless specified in the user agreement. TikTok also said they would no longer send or store user data outside of the United States.

All of the above settlement terms are subject to final approval by the U.S. District Judge.

Conclusion

The lawyers representing TikTok users remarked that this settlement was “among the largest privacy-related payouts in history.” And, as noted by NPR, this settlement is similar to the one agreed to by Facebook in 2020 for $650 million. It is possible the size of these settlements will contribute to technology companies preemptively searching out and ceasing practices that may be privacy violative

It is also worth noting the added protection extended to residents of Illinois because of BIPA and its private right of actionthat can be utilized even where there has not been a data breach.

Users of the TikTok app often muse about how amazingly curated their “For You Page” – the videos that appear when you open the app and scroll without doing any particular search – seem to be. For this reason, even with potential privacy concerns, the app is hard to give up. Hopefully, users can rest a bit easier now knowing TikTok has agreed to the settlement reforms.


The StingRay You’ve Never Heard Of: How One of the Most Effective Tools in Law Enforcement Operates Behind a Veil of Secrecy

Dan O’Dea, MJLST Staffer

One of the most effective investigatory tools in law enforcement has operated behind a veil of secrecy for over 15 years. “StingRay” cell phone tower simulators are used by law enforcement agencies to locate and apprehend violent offenders, track persons of interest, monitor crowds when intelligence suggests threats, and intercept signals that could activate devices. When passively operating, StingRays mimic cell phone towers, forcing all nearby cell phones to connect to them, while extracting data in the form of metadata calls, text messages, internet traffic, and location information, even when a connected phone is powered off. They can also inject spying software into phones and prevent phones from accessing cellular data. StingRays were initially used overseas by federal law enforcement agencies to combat terrorism, before spreading into the hands of the Department of Justice and Department of Homeland Security, and now are actively used by local law enforcement agencies in 27 states to solve everything from missing persons cases to thefts of chicken wings.

The use of StingRay devices is highly controversial due to their intrusive nature. Not only does the use of StingRays raise privacy concerns, but tricking phones into connecting to StingRays mimicking cell phone towers prevent accessing legitimate cell phone service towers, which can obstruct access to 911 and other emergency hotlines. Perplexingly, the use of StingRay technology by law enforcement is almost entirely unregulated. Local law enforcement agencies frequently cite secrecy agreements with the FBI and the need to protect an investigatory tool as a means of denying the public information about how StingRays operate, and criminal defense attorneys have almost no means of challenging their use without this information. While the Department of Justice now requires federal agents obtain a warrant to use StingRay technology in criminal cases, an exception is made for matters relating to national security, and the technology may have been used to spy on racial-justice protestors during the Summer of 2020 under this exception. Local law enforcement agencies are almost completely unrestricted in their use of StingRays, and may even conceal their use in criminal prosecutions by tagging their findings as those of a “confidential source,” rather than admitting the use of a controversial investigatory tool. Doing so allows prosecutors to avoid  battling 4th amendment arguments characterizing data obtained by StingRays as unlawful search and seizure.

After existing in a “legal no-man’s land” since the technology’s inception, Senator Ron Wyden (D-OR) and Representative Ted Lieu (D-HI) sought to put an end to the secrecy of StingRays through introducing the Cell-Site Simulator Warrant Act of 2021 in June of 2021. The bill would have mandated that law enforcement agencies obtain a warrant to investigate criminal activity before deploying StingRay technology while also requiring law enforcement agencies to delete data of phones other than those of investigative targets. Further, the legislation would have required agencies to demonstrate a need to use StingRay technology that outweighs any potential harm to the community impacted by the technology. Finally, the bill would have limited authorized use of StingRay technology to the minimum amount of time necessary to conduct an investigation. However, the Cell-Site Simulator Warrant Act of 2021 appears to have died in committee after failing to garner significant legislative support.

Ultimately, no device with the intrusive capabilities of StingRays should be allowed to operate free from the constraints of regulation. While StingRays are among the most effective tools utilized by law enforcement, they are also among the most intrusive into the privacy of the general public. It logically follows that agencies seeking to operate StingRays should be required to make a showing of a need to utilize such an intrusive investigatory tool. In certain situations, it may be easy to establish the need to deploy a StingRay, such as doing so to further the investigation of a missing persons case. In others, law enforcement agencies would correctly find their hands tied should they wish to utilize a StingRay to catch a chicken wing thief.