Tuesday Talk*: Should Law Students Be Taught To Hack?
Scott Shapiro teaches at Yale Law School, which is bad enough, but what he teaches is even more concerning.
For the past four years, I have taught a cybersecurity class at Yale Law School in which I show my students how to break into computers. Having grown up with a user-friendly web, my students generally have no real idea how the internet or computers work. They are surprised to find how easily they learn to hack and how much they enjoy it. (I do, too, and I didn’t hack a computer until I was 52.) By the end of the semester, they are cracking passwords, cloning websites and crashing servers.
It’s one thing to come upon hacking (the computer kind, not the MIT kind) of your own accord. It’s another to tell people who would otherwise manage to live their lives using Windows how to do so. Why?
Why do I teach idealistic young people how to lead a life of cybercrime? Many of my students will pursue careers in government or with law firms whose clients include major technology companies. I want these budding lawyers to understand their clients’ issues. But my larger aim is to put technical expertise in its place: I want my students to realize that technology alone is not enough to solve the problems we face.
It’s true that some Yale law students end up in government. Historically, quite a few went to work for the government to bide their time until a federal judgeship or corner biglaw office opened up. But these days, they also march, shout down speakers with whom they disagree and, maybe, throw Molotov cocktails into police cars. There are some Yale law students, perhaps many or even most, who believe their “cause” is more righteous than the law. Indeed, this is exacerbated by their being taught that the law is a sham as reflected by our illegitimate Supreme Court of partisan hacks.
The good news is that there are promising ways to tackle the human dimensions of the problem — that is, the social, economic and psychological aspects. The bad news is that we have largely failed to pursue them.
While he didn’t quite mean it this way, it nonetheless remains true that these students are seeing the utility of hacking in social, economic and psychological aspects. Shapire is referring to students appreciating that the technical ability to hack is only one dimension of the problem. What of students appreciating that if black hat hackers can do it for bad purposes, why can white hat hackers, meaning them because of course they’re the good guys in their own story, do it for their righteous purposes?
Shapiro goes on reciting a variety of good purposes and reasons for his course, such that future lawyers can address the threats of hacking in an effective and comprehensive way. Fair enough. But it assumes that their interest in the subject aligns with Shapiro’s rather than the hackers.
We can also help hackers themselves. Hackers are often thought of as brilliant disaffected young men who live in their parents’ basements and wreak havoc for the sheer fun of it. The truth is more familiar. Cybercriminals are, by and large, out to make a living — often in the absence of legitimate ways to use their skills.
Whether that’s true isn’t clear, as this wasn’t a law review article and Shapiro dropped no footnote. But need the lesson be that Yale (or any law school) law students will grow into lawyers dedicated to thwarting the nightmare of hacking, or that Yale law students will grow into lawyers who have learned a trade that can be used for the cause?
Shapiro, obviously, has faith in Yale law students being taught, and possessing, the skills to crack passwords, clone websites and crash servers. Do you? Will this further these inchoate senators to enact laws that effectively address hacking or will this enable them to bring down any person or entity that fails to align with their ideology?
*Tuesday Talk rules apply.