Current Odds on the Legality of Sports Betting in America

•March 17, 2018 • 13 Comments


In 1992 Congress passed the Professional and Amateur Sports Protection Act (PASPA) disallowing any state to authorize sports betting.[1] This law effectively made intrastate sports betting illegal in 49 states. PASPA allowed for traditional sports betting to continue in Nevada amd allowed for sports lotteries to continue in Oregon, Delaware, and Montana. After twenty years of PASPA operating with no problems New Jersey passed the Sports Wagering Act authorizing and regulating sports wagering on site at any licensed racetrack or Casino in the state.[2] Shortly after the NCAA, MLB, NHL, NBA, and the NFL sued the state of New Jersey under PASPA and  the district court enjoined New Jersey from authorizing intrastate sports betting.[3] The Third Circuit affirmed the district court, holding that PASPA was Constitutional and disallowed states from authorizing intrastate gambling. In a clever, yet unfruitful, response New Jersey decided to repeal any laws prohibiting sports betting, thus ensuring that laws pre-1992 would be in effect.[4] The NCAA and four major sports then sued the new bill, and the Third Circuit ruled that the New Jersey statute authorized sports betting and ruled in favor of the NCAA.[5] New Jersey was then forced to enforce state laws which its legislature had voted to repeal. New Jersey was granted certiori by the Supreme Court and oral arguments were held December 4, 2017. A decision of whether PASPA is Constitutional is expected this summer.


Constitutional Arguments


The main issues in the Christie v. NCAA case are not whether sports betting is harmful (as the federal legislatures declared under PASPA) or beneficial (as the New Jersey legislatures declared under the Sports Wagering Act), but whether PASPA violated the commandeering clause and equal sovereignty doctrine discerned from the tenth Amendment.[6] The NCAA and federal government argue that PASPA substantially affects interstate commerce. The NCAA argues that college and professional athletics employ tens of thousands of people across the nation and allowing purely intrastate gambling would affect the leagues by causing reputational and possibly actual harm.[7] The Third Circuit, using precedent found in Raich[8] and Fillburn[9], held that intrastate sports gambling did affect intrastate commerce and fell under the commerce clause.[10] New Jersey; however, contends that PASPA runs afoul of the Commerce Clause as intrastate gambling is a purely local activity.


The second issue raised before the court is whether PASPA violates the anti-commandeering clause. The NCAA argues that PASPA does not commandeer the states by disallowing the states to authorize sports gambling, because the states are acting in the market by issuing licenses, and thus would fall under the purview of federal law.[11] New Jersey argues that PASPA violates the commandeering clause because it dictates the laws which the states can enact, and in this particular instance PASPA prohibits New Jersey from repealing a statute.[12]


The third Constitutional issue raised is whether PASPA violates the equal sovereignty doctrine. By allowing states to continue authorizing gambling, PASPA effectively allowed Nevada to regulate sports gambling, while disabling other states from passing similar legislation. The Third Circuit agreed with the NCAA that this does not run afoul of the equal sovereignty doctrine because New Jersey in particular had the option to keep their pre-PASPA sports betting regulations on the books, and they elected to enact gambling prohibitions in 1992. New Jersey argues that their prohibitions have been ineffective over the past 25 years and as a state they should be able to determine whether the prohibitions were effective.[13]


Push for Legalized Sports Betting


Since New Jersey had enacted five other states have enacted laws legalizing sports betting in the hopes that PASPA is struck down, thirteen states currently have bills on the floor which would legalize sports betting, and states have passed a study bill which would study the impact on legalized sports betting.[14] Eilers & Krejcik Gaming, which tracks sports betting estimates that in five years sports betting will be legal in 32 states total.[15] With over 55% of Americans supporting legalized sports betting one must wonder why the sudden push?


The biggest incentive for legalizing sports betting is the financial incentives for states. In Nevada alone sports betting has provided  $81,862,418,000 since 1984. Some estimates claim that sports betting is a $400 billion estimate, although these estimates aren’t proven.[16]  In reality it is hard to determine the estimated participation of an illegal activity. The American Gaming Association, estimates that $150 billion were spent on offshore bookies.[17] Some believe the figure could be as low as $60 billion, but would be much higher if there was a domestic option.[18]

While there isn’t a general consensus on how much money sports betting revenue provides, states seem to want a piece of the cut.


The secondary reasons why states and the American Gaming Industry are pusin for legalized sports betting is regulation. With so many bets placed on offshore accounts and predatory internet sites, many Americans are losing larger percentages of the holdings . In both the Amicus briefs on behalf of the state and the New Jersey statutes the parties have indicated that safe regulation and protection of their citizens from illegal bookies is a primary concern for their bills.


Problems with Sports Betting


The two primary concerns that the federal government and the NCAA had with sports betting revolve around the integrity of the sport and the addiction of sports gambling. As mentioned in the serial blog sports betting particularly targets young males between the ages of 18 and 24. In Australia, where sports betting is currently legal, and a $8 billion industry, it is estimated that two-thirds of all gambling addicts are primarily involved[19] Many researchers attribute the rise in addiction to the “gamblization” of sports and the advertising of gambling. With sports playing such a vital role in the American economy and culture, allowing sports gambling could come with increased gambling addiction. In their pleadings, the NCAA also argued that allowing sports betting risks the integrity of the game.[20] Opponents of sports betting argue that allowing sports betting increases the risk that players, and referees would compromise the integrity of the game. Opponents point to incidents including the 1919 World Series, which the Chicago White Black Sox threw because they were paid by the Chicago Mafia, Pete Rose gambling on games in which he played and managed, and the NBA referee gambling scandal of 2007 where half of the NBA’s referees gambled on NBA games in legal sportsbooks.[21] The counterargument to these incidents is that PASPA did not actually prevent any gambling, as all of these incidents were either illegal or post-PASPA. In fact all 4 major sports have contracts with the Swiss company, Sportradar, a company that manages off-shore gambling, and investigates any problems with integrity.[22] The current thought is that by regulating sports-betting, both online and in person, any issues involving  would actually be detected earlier and maybe even prevented with a well regulated scheme.[23] It also appears that even the big 4 is acknowledging the coming impact and benefits of gambling. In an op-ed with the New York Times, NBA Commissioner, Adam Silver, suggested that sports betting was a good idea and the NBA is opening up to the idea.[24] Adam Silver suggested that sports betting is a $400 billion industry (a very unsubstantiated number) and that both the public and the NBA could benefit from the monetary incentives.[25] Silver is a fan of “integrity fees” like the 1% fee on any handles which Indiana has proposed in their sports betting bill.[26] The fee would take 1% of all handles (bets not revenue) and give it to the major sports so they could use the revenue to ensure the integrity of the game. Whether this fee would actually ensure integrity or whether it is a way for multi-billion dollar companies to earn more revenue is another argument.


Questions to Consider


Does PASPA (which does not allow states to authorize sports betting or repeal current laws prohibiting sports betting) run afoul of the 10th Amendment?


Should there be more economic research conducted before we allow states to pass gambling laws for revenue reasons?


How can we ensure intrastate, legal, regulated sports betting, when online off-shore competitors are more accessible and less regulated?


Generally, do you agree that sports betting should be legal, why or why not?

[1] 28 U.S.C. § 3701 et seq.

[2] N.J. Stat. Ann. §§ 5:12A-1 (2012).

[3] NCAA v. Christie, 730 F.3d 208, 232 (3d Cir. 2013)

[4] N.J. Stat. Ann. § 5:12A-7 (2014).

[5] NCAA v. Governor of New Jersey, 832 F.3d 389, 396-97 (3d Cir. 2016)

[6] Brief of Amici Curiae States of West Virginia, Wisconsin, and Wyoming in Support of Petitioners
[7] NCAA v. Governor of New Jersey, 832 F.3d 389, 396-97 (3d Cir. 2016)

[8] Raich v. Gonzalez, 545 U.S. at 19–20, 125 S.Ct. 2195.

[9] Wickard v. Filburn, 317 U.S. 111, 63 S.Ct. 82, 87 L.Ed. 122 (1942)

[10] NCAA v. Governor of New Jersey, 832 F.3d 389, 396-97 (3d Cir. 2016)


[11] Id.

[12] Id.

[13] Id.







[20] NCAA v. Governor of New Jersey, 832 F.3d 389, 396-97 (3d Cir. 2016)


[21] Id.





[25] Id.

[26] Id.



Online Gambling Serial Blog – Daily Fantasy Sports (Blog Post 4 of 7)

•March 17, 2018 • 11 Comments

Since online gambling in the United States has caused many legal uncertainties, including how individual states have dealt with various online gambling issues and how the advancements in internet-based technologies have created uncertainty enforcing online gambling issues, it is necessary for there to be more clear rules and regulations regarding legal issues relating to online gambling in the United States. This blog will discuss various online gambling issues in a seven-part serial blog. The fourth blog post deals with Daily Fantasy Sports (DFS) and if sites like DraftKings and FanDuel are legal to play in the United States.

For those who may not have ever heard of DFS or sites such as DraftKings and FanDuel, it is helpful to understand exactly what is DFS. DFS is based on the season-long fantasy contests that tens of millions of people play each year, most notably for football during the NFL season. [1] Normal season-long fantasy football is when you and a group of other people pick rosters of players and compile points based on those selected players’ statistics over the course of a season. [1] The winner is the person who drafts the team with the players with the best statistics. DFS is like those season-long contests, except boiled down to a single day or week. [1] Instead of drafting a team for an entire season, you pick a team of players for just a day, or for a single week, in the case of DFS contests for the NFL. [1]

The DFS industry is currently dominated by two main companies, DraftKings and FanDuel. [1] These two companies account for more than 90% of market share for DFS. [1] While FanDuel was one of the first movers in the DFS space and the clear industry leader through early 2015, DraftKings has surpassed it for the number one spot. [1] DFS is a large industry with estimates putting the entire amount of entry fees taken in by the DFS companies at more than $3 billion for 2016 with about $250 million in revenue generated by DFS companies. [1]

With such a large industry exploding in recent years, the question has come up whether such sites are legally operating in the United States. The legal exemption for fantasy sports was based on its definition not as gambling but as a game of skill. Under an exception in the UIGEA from 2006, the rules stated that “The term ‘bet’ or ‘wager’ … does not include … participation in any fantasy or simulation sports game or educational game or contest in which (if the game or contest involves a team or teams) no fantasy or simulation sports team is based on the current membership of an actual team that is a member of an amateur or professional sports organization…” [2]

Naturally, the debate then consisted of whether DFS is a game of skill or chance. DraftKings has asserted that daily fantasy is “a skill game and is not considered gambling.” [2] This claim has spread across the entire industry. Legislators agree that “gambling” is all about “chance.” Daily fantasy sites stress the skills and intelligence necessary to succeed in their tournaments as a means of staying on the right side of the law. [3] The Fantasy Sports Trade Association (FSTA) has made the case that that fantasy managers “must take into account a myriad of statistics, facts and game theory in order to be competitive… A manager must know more than simple depth charts and statistics to win; they also must take into account injuries, coaching styles, weather patterns, prospects, home and away statistics, and many other pieces of information in order to be a successful fantasy sports manager.” [3] What FSTA fails to consider is that the same argument is often mounted in defense of conventional sports betting and poker. [3]

In most jurisdictions around the world, DFS is considered a gambling product and requires a gaming license to operate. [1] There are five states where DFS has always been considered to be illegal, which are Arizona, Iowa, Washington, Louisiana, and Montana. [1] Many other states have recently had to deal with the issue of whether DFS should be legal in their state.

In Texas, the Attorney General of Texas released an opinion on the legality of DFS under Texas law on January 19, 2016. In the opinion, the Attorney General stated “[u]nder section 47.02 of the Penal Code, a person commits an offense if he or she makes a bet on the partial or final result of a game or contest or on the performance of a participant in a game or contest. Because the outcome of games in daily fantasy sports leagues depends partially on chance, an individual’s payment of a fee to participate in such activities is a bet. Accordingly, a court would likely determine that participation in daily fantasy sports leagues is illegal gambling ‘under section 47.02 of the Penal Code…It is beyond reasonable dispute that daily fantasy leagues involve an element of chance regarding how a selected player will perform on game day. The participant’s skill in selecting a particular player for his team has no impact on the performance of the player or the outcome of the game.” [4]

On the flip side, Attorney General’s from Massachusetts and Rhode Island have come down and found DFS to be legal. Attorney General Maura Healey from Massachusetts said that she would not pursue any criminal inquiries into DraftKings. [5] She said that there were no federal or state laws that prohibit daily fantasy sports sites from operating, and customers who use DraftKings’ services should not be worried that they are breaking the law. [5] Likewise, in an opinion from the Attorney General of Rhode Island regarding DFS, he stated that, “Although we believe that DFS does implicate certain provisions of existing civil and criminal statutes, it is the opinion of this office that Daily Fantasy Sports may currently operate legally in the State of Rhode Island…Recognizing that although the outcome of some games are purely based upon chance and others entirely on skill, it is clear that DFS, like most games, is a mixture of these factors… The Supreme Court of Rhode Island has adopted the ‘dominant factor’ test to determine if chance exists in a lottery scheme…Applying the ‘dominant factor’ standard, I do not believe that daily fantasy sports constitute a ‘game of chance’ and therefore, daily fantasy sports games to not constitute a lottery under Rhode Island law.” [6]

With DFS, there is a clear absence of safeguards to protect problem gamblers and younger adults. [7] DFS appeal to the demographic most likely to develop gambling problems — young men, who researchers say are more prone to taking risks. [7] FanDuel readily admits that it targets millennials. [7] Fantasy contests have become so popular, and their advertisements so ubiquitous, that gambling counselors say young children are now playing with their fathers or, in some cases, by themselves. [7] Neva Pryor, who counsels gamblers in New Jersey, said that at a recent conference, teachers were saying that on Monday mornings, “all the students talk about is fantasy sports.” [7] Players who bet excessively are usually the last to recognize it, underscoring the need, counselors say, for fantasy sites to list warning signs, such as lying about time or money lost to betting. [7] The council’s director, Neva Pryor, said fantasy sites should require players to prove their age with a driver’s license as there is no age control for DFS. [7] She stated that, “[y]ou can simply open an account in your name, check a box, and put in whatever age you want to put in” and that parents have opened accounts for children. [7]

For a current state-by-state overview of where DFS is considered to be legal and illegal, see

There remain many questions in the DFS industry. How can DFS implement more stringent age requirements through verification of the player’s age? Should there be any federal laws implemented that could eventually take down DFS sites? Is DFS a game of chance or more of a game of skill? Could DFS act as a gateway for people into more mainstream online gambling? Is the addiction and effects on players of DFS much different from those who suffer from gambling problems? Should DFS be required to post information for players who may need help with gambling-like issues? It will be interesting to see if any of these questions will be answered in the coming years or if DFS rules and regulations will remain as they are today.










Cyberterrorism vs Cyber Warfare

•March 11, 2018 • 11 Comments

A hacking group backed by North Korean government reveals the inner machinations of Sony Corporation because of a James Franco comedy.  Once upon a time, such a headline would only be found in an alternate reality. However, in 2014, that is precisely what occurred.

In June 2017, a cyber assault on Ukraine was used to shut down the airport, the railway system, the banks, and the radiation monitoring system inside the Chernobyl power plant.[i]

Most recently, 13 Russian citizens were indicted by the Department of Justice on suspicion of a conspiracy to defraud the United States, conspiracy to commit wire fraud and bank fraud, as well as six counts of aggravated identity theft, due to their attempts to wage information warfare against the United States.[ii]

In all three examples, a group of hackers was sponsored or was suspected to have been sponsored by a state government. Their goal was to cause a disruption in the target’s daily activities as well as substantial actual and potential economic losses.  Yet, none of the attacks were treated as acts of war.

So, were these just cyberterrorist attacks?

Cyberterrorism Definition

The Oxford Dictionary says that cyberterrorism is “the politically motivated use of computers and information technology to cause severe disruption or widespread fear in society.”[iii]

Some states, like Poland, adopt a similar general definition of cyberterrorism. [iv] On the other hand, others choose to be more specific and list what sort of acts constitute cyberterrorism. For example, South Korea includes DDoS attacks as well as Worm viruses as some of the specific forms cyberterrorism can take.

While the majority of these definitions focus on non-state actors, the act of terrorism itself is usually guided by a political motive and a desire to instill fear.

Defining “Act of War”

Title 18 of United States Code defines “act of war” as any act that occurs in the course of declared war; armed conflict, whether or not war has been declared, between two or more nations; or armed conflict between military forces of any origin. [v]

The broad scope of this definition, gives a lot of flexibility when deciding what is and is not an act of war. However, the requirement that the act occur in the course of armed conflict complicates things as it limits the fighting to the military sphere. Thus, unless the target of the cyber attack is a military installation, it would seem that an act of war did not take place.

Such definition of act of war is problematic if a situation like the June 2017 Ukrainian cyber attacks were to occur in the United States. Would a ransom cyber attack on the post office or the AmTrak be considered an act of war? Would a single civilian death as a result of the cyber attack be enough to classify it as an act of war?

In conclusion, the lines between cyberterrorism and state-sponsored cyber attacks, are yet to be clearly drawn. With the ongoing investigation into the Russian interference into the United States election, it is hard to gauge the impact of a single cyber act. In fact, I would argue that trying to distinguish between cyberterrorism and cyber warfare is a waste of resources because the two are often intertwined. The nature of the cyber space itself makes it difficult, nay, impossible to tell the difference between the activities of state sponsored actors and independent hacking groups. Ergo, instead of trying to distinguish between cyber activity, it would be more prudent to update the current definition of the act of war.


Questions to Consider

[1] How would you define cyberterrorism? Do you think a broader, catch-all definition would serve a better function over one with specific examples?

[2] In the grand scheme, does it matter whether or not a cyber attack is defined as an act of war or an act of terrorism? If not, does this mean that the fact that the attacker is a state government versus a non-state actor is not relevant?

[3] Is damage caused by a cyber attack comparable to damages caused by physical act of terrorism/war? If so, then shouldn’t substantial state-sponsored cyber attacks be treated as acts of war?

[4] If a state sponsored cyber attack occurs on the electrical grid and civilian deaths occur as a result, should such an event be considered an act of war?







Online Gambling Serial Blog – Federal Wire Act, UIGEA, and Online Casinos/Poker (Blog Post 3 of 7)

•March 10, 2018 • 5 Comments

Since online gambling in the United States has caused many legal uncertainties, including how individual states have dealt with various online gambling issues and how the advancements in internet-based technologies have created uncertainty enforcing online gambling issues, it is necessary for there to be more clear rules and regulations regarding legal issues relating to online gambling in the United States. This blog will discuss various online gambling issues in a seven-part serial blog. The third blog post deals with the Federal Wire Act, the UIGEA, and the current legal state of online casinos and online poker in the United States.

Today, there still seems to be much confusion over what is technically legal and illegal when dealing with online casinos and online poker. To gain a better understanding of the current laws today, I believe it is important to understand the legislation that deals with these issues today and how there have been various interpretations of the legislative intent for such regulations.

When dealing with online gambling and poker, the first piece of legislation to consider is the Federal Wire Act. U.S. Attorney General Robert F. Kennedy introduced the Federal Wire Act in 1961, which sought to target the mob’s most pro table racket—bookkeeping on horseracing and sports gambling by prohibiting such gambling on the nation’s communication system at the time, which included the telephone and telegraph. [1] The Federal Wire Act was originally intended and long understood as a narrow and targeted weapon to assist the states in preventing organized crime from taking bets on sports—not as a broad federal prohibition that would prevent states from legalizing online gambling within their borders. [1]

Over time, there were various legal disputes over whether the Federal Wire Act would expand to prevent not only sports betting, but online casinos and poker as well. In a 2002 case, In re MasterCard Intern. Inc., the Fifth Circuit held that the Federal Wire Act applied only to online wagers relating to sporting events or contests and concluded that both the plain language and legislative history of the Federal Wire Act made its application only to sports betting abundantly clear, agreeing with the lower court’s conclusion that even a summary glance at the recent legislative history of Internet gambling legislation reinforces the Court’s determination that Internet gambling on a game of chance is not prohibited conduct under the Federal Wire Act. [1]

On the other hand, the District Court of Utah departed from the Fifth Circuit’s interpretation of the Wire Act, in U.S. v. Lombardo, concluding that two out of three of the Federal Wire Act’s prohibitions apply to all gambling and not just sports betting. [1] Specifically, the Lombardo court concluded that while the Wire Act clearly prohibits wire communications related to the transmission of actual bets only for sporting events, because the word “sporting event” does not appear in the next two clauses, prohibiting wire communications related to receiving money or credit for bets and receiving information about bets, those two prohibitions in the Wire Act apply to all gambling and aren’t limited to sports betting. [1] The Lombardo court reasoned that reaching the Fifth Circuit’s conclusion would require them to assume Congress meant to include the “sporting” language in the two other parts of the Act but inadvertently forgot to do so. [1]

With the courts fighting to interpret the Federal Wire Act, the DOJ (Department of Justice) stepped in to clarify the meaning of the Federal Wire Act. After thorough consideration, the OLC (Office of Legal Counsel, a higher office within the DOJ) issued a memo in 2011 declaring that because online lotteries proposed by Illinois and New York did not involve sports, they fell outside the scope of the Wire Act. [1] The opinion was hailed as a game changer because, while OLC only considered the lottery schemes of New York and Illinois, it dispelled any ambiguity about the Federal Wire Act’s gambling prohibitions, clearing the way for other states to legalize and regulate other forms of non-sports intrastate gambling. [1]

Since the Federal Wire Act seemed to not prohibit online gambling or poker, there was an explosion of such sites in the United States. One piece of legislation, known as the Restoration of America’s Wire Act, would create a de facto federal prohibition on Internet gambling and thwart states’ attempts to legalize and regulate the activity. [1] While this Act has not passed yet, the UIGEA was legislation that furthered altered how online casinos and online poker rooms were regulated in the United States.

The Unregulated Internet Gambling Enforcement Act (UIGEA) was enacted in 2006. As unregulated internet gambling exploded in the years prior to the passage of UIGEA, online casinos and poker became extremely popular during this era and operated in a gray area of the law. [2] While the UIGEA’s intent was to make payment processing for these industries illegal, it was already unlawful to do so before UIGEA. [2] The UIGEA prohibits any person, including a business, engaged in the business of betting or wagering from knowingly accepting payments in connection with the participation of another person in unlawful Internet gambling. [3] Such transactions are termed “restricted transactions” and the UIGEA requires the Secretary of the Treasury and the Board of Governors of the Federal Reserve System, in consultation with the U.S. Department of Justice, to designate payment systems that could be used in connection with or to facilitate restricted transactions. [3] Such a designation makes the payment system, and financial transaction providers participating in the system, subject to the requirements of the rule.

UIGEA also requires the Agencies, in consultation with the U.S. Department of Justice, to issue a rule requiring designated payment systems and financial transaction providers participating in each designated payment system to establish policies and procedures reasonably designed to identify and block, or otherwise prevent or prohibit, restricted transactions. [3] The goal of the  UIGEA was to encourage offshore gambling sites to exit the United States market by creating a specific law to punish individuals and companies that processed payments to these entities. [2]

The UIGEA only pushed about two-thirds of the companies out of the US market. [2] It created a black market of unregulated sites that often were not legitimate businesses. [2] Many of the sites that remained in the US market turned out to be scams. [2] The UIGEA was implemented for the first time on what is now known as Black Friday for online poker. [2] On April 15, 2011, online poker players around the world woke up to a big surprise as the FBI and the U.S. Department of Justice had seized the domain names of some of the largest poker sites in the world, including Poker Stars and Full Tilt Poker. [4] They replaced the normal home page content on these poker sites with their own message, that they had taken down the sites for allegedly violating US law. [4]

As stated earlier, the U.S. Justice Department released an opinion in 2011 that acknowledged that states have the right to legalize and regulate gambling over the Internet. The memo notes that the Federal Wire Act only applies to interstate sports betting. Language in the UIGEA specifically gives states the right to legalize and regulate online gambling.

Today, Delaware, Nevada, and New Jersey regulate online gaming. [5] All three states comply with the age and location verification language of the UIGEA. [5] Online state lottery sales available in several states also follow the verification rules mandated by UIGEA. [5] For ordinary American gamblers, while online gambling remains in the murky waters of confusion and complex legislation, it is still possible to gamble online – just not, in most cases, with operators domiciled in the United States. [6]

Since online gambling is such a large industry, it will be interesting to see if more states or the federal government attempt to legalize online casinos and poker and attempt to get a percentage of revenues which can help provide funding for state or federal programs.

What advantages and disadvantages are there to states prohibiting online casinos and online poker? Does the prohibition of online casinos and poker sites outweigh the benefits of potential state and federal revenues? Should states be left to decide if online casinos and poker rooms should be legal within the state or should there be a federal statute that permits or prohibits such sites throughout the United States? With so many sites based out of the United States and the rise of cryptocurrencies that allows for anonymous payments to such sites, does the UIGEA have any real effect at all? It will be interesting to see whether legislation will catch up to emerging technologies and will change or will continue to lead to legal confusion in the United States for people who want to play on online casinos and poker rooms.

























Cryptocurrency: a Brave New World

•March 10, 2018 • 10 Comments

Bitcoin, dogecoin, ether, litecoin, blockchain, Mt. Gox – just a few of the terms any cryptonerd is expected to ring off without second thought. While some of us may have heard of a few of the terms before, the real question becomes, does anyone really understand this stuff? One would assume that before getting involved in cryptocurrencies investors would do their due diligence. Yet, time and time again we see reports that a recent Initial Coin Offering (ICO) or a new and promising bitcoin competitor was really a wolf in sheep’s clothing. [1] This can, at least in part, be blamed on the complexity that is cryptocurrency. Even honest people get caught up in a misunderstanding of the complex law surrounding securities, more specifically whether their cryptocurrency related activities qualify as a securities issuance. [2] However, blame can also be put on nefarious actors trying to make a quick buck. This post will explore some of the issues that have arisen around cryptocurrencies with particular focus on the recent explosion of fraud and other activity that is closely related.

Cryptocurrencies: the Talk of the Town

There is no question that cryptocurrencies are a hot topic. Many are claiming that the crypto-bubble is about to burst at any minute, while others claim that the bubble is far from bursting because the industry is in its infancy. [3] Regardless, bubbles only arise in the context of paradigmatic shifts in investor expectations. Black’s Law Dictionary defines a bubble as, “[a] temporary market condition of inflated value created especially in a particular segment of the economy by excessive speculation or buying, the result being artificial inflation of values.” [4] Indeed, it appears a bubble is here. For instance, there has been an unusual trend of public companies inserting cryptocurrency “buzzwords” into their name, or alternatively changing the name of the entity all together. [5] These companies have seen surging valuations of their stock, however questions remain as to whether these companies are truly pivoting their business models or rather trying to make a quick buck off of unrealistic investor expectations. [6] While there is little question that these entities intend to become involved in the cryptocurrency game to an extent, whether that be by getting involved in mining, announcing an intent to do an ICO, or some vague reference to the usage of blockchain, the question becomes whether it is a misrepresentation to stock holders that the underlying business model has changed. [7] However, these entities are no where near the worst of the bunch – enter, ICOs.

Crowdfunding…What Exactly? The Rise of ICO’s

To truly understand ICOs you must first understand Initial Public Offerings (IPOs). An IPO is when a company, for the first time, offers their stock for sale to the general public. [8] Companies use IPOs to raise capital for expanding their underlying business and are responsible for reporting how they use this capital to both investors and the SEC. [9] However, unlike IPOs, most ICOs have no underlying successful business, and further unless registering with SEC have little to no oversight by any regulatory agency. [10] ICOs use bitcoin, ether, or some other cryptocurrency which is already in existence as the currency with which investors purchase a stake in the ICO, and in exchange are given a “token” or “coin”. [11] The Economist describes these token or coins as “essentially digital coupons, tokens issued on an indelible distributed ledger, or blockchain, of the kind that underpins bitcoin . . .  That means they can easily be traded, although unlike shares they do not confer ownership rights . . . Investors hope that successful projects will cause tokens’ value to rise.” [12]

An important distinction between IPOs and ICOs is that to date, no ICO has been registered under the 1934 Securities Act which requires the issuer to register a prospectus. [13] A prospectus contains information about the company’s financial health in order to allow investors to make an intelligent investment decision. [14] This information is quite detailed including, “information about the issuer’s financial condition, the identity and background of management, and the price and amount of securities to be offered.” [15] The question becomes whether these ICO issuances are actually securities issuances such that section 5 of the Securities Act applies. “Section 5(a) of the Securities Act provides that, unless a registration statement is in effect as to security, it is unlawful for any person, directly or indirectly, to engage in the offer or sale of securities in interstate commerce.” [16] The SEC has recently indicated that at least one such ICO by an entity referred to as The DAO failed to register in spite of the fact that the issuance was clearly a securities issuance. [17] The DAO project has since been shut down after a hacker managed to make off with nearly $50 million in ether. [18] Although running afoul of the law, the DAO had good intentions.

Nefarious ICOs

That is not to say that all ICOs are well intentioned. One need look no further than January of this year to find an example indisputably fraudulent activity related to cryptocurrencies and ICOs. [19] AriseCoin claimed to be “a new digital currency that enables the global economic system the world has been waiting for . . . This new economic system combines the best features of capitalism and socialism, while removing their defects. It’s capitalism without the inequality and socialism without the lack of opportunity.” [20] AriseCoin was supposed to be supported by AriseBank, which claimed to have purchased an FDIC-insured bank, “which would allow it to offer banking products not available on other cryptocurrency projects,” however the Securities Exchange Commission (SEC) says this is patently false. [21] Further, the project claimed to have raised $600 million in capital during its ICO, however, media outlets have been unable to corroborate that claim. [22] The SEC has since shut the project down. [23]

One month earlier, the SEC’s cyber fraud unit took the first enforcement action against an ICO when it shut down PlexCoin. [24] The SEC had been tepid regarding whether they would strictly enforce regulations against ICOs because they are an important source of innovation and had previously made clear that another ICO had “run afoul of securities law, but that [they] would decline to prosecute those responsible. The hope was to get the cryptocurrency world to take securities laws more seriously without doing anything drastic.” [25] The SEC however, found PlexCoin to be an egregious set of circumstances due to the fact that proprietor of PlexCoin’s ICO was a “recidivist securities law violator.” [26]

Cryptocurrency Heists

Despite clear evidence that cryptocurrencies, particularly new cryptocurrencies, have some major risk involved there is also an underlying risk of cryptocurrency heists. For instance, in January of this year hackers made off with $400 million in XEM, a lesser known cryptocurrency, stolen from a cryptocurrency exchange known as Coincheck. [27] In response, Coincheck froze all trading. [28] Coincheck has reportedly promised to partially refund the 260,000 investors effected by the hack. [29] Another now defunct cryptocurrency exchange, Mt. Gox, had to close its doors in 2014 after hackers made off with $400 million in bitcoin. [30] Thus, cryptocurrencies are not just risky when an ICO is announced, but even attempting to cash out through an exchange carries risks. No one knows what new issue tomorrow will bring, however, there is little doubt that as these nascent technologies continue to develop, growing pains will abound.


Questions to consider:

(1) Should cryptocurrencies be regulated as securities, or are they more accurately a currency as the name implies? If they are a currency, what type of regulation should apply to prevent fraud?

(2) Should something be done to prevent companies from changing their names to take advantage of the hype surrounding cryptocurrencies? What about a company that truly intends to change their business model? Where do we draw the line?

(3) Does traditional securities regulations seem to fit into the cryptocurrency world, or would a ground up approach be superior? What might this ground up approach look like?

(4) What type of regulations should apply to cryptocurrency exchanges, particularly in light of the continued heists that occur?

(5) Should the schemas devised to regulate cryptocurrencies, ICOs, and exchanges all work together or does independent regulation of each of these areas seem superior?


[1] Timothy B. Lee, Feds shut down alleged $600 million cryptocurrency scam, ArsTechnica (Jan. 30, 2018),

[2] Timothy B. Lee, Using a blockchain doesn’t exempt you from securities regulations, ArsTechnica (Jan. 30, 2018); Report of Investigation Pursuant to Section 21(a) of the Securities Exchange Act of 1934: The DAO, (July 25, 2017),

[3] Ted Knutson, Cryptocurrency Bubble Burst Unlikely, Says Ex-CFTC Chair, Now Crypto Industry Adviser, Forbes (Mar. 8, 2018),

[4] Bubble, Black’s Law Dictionary (10th ed. 2014).

[5] Factbox: Companies change names, businesses to ride the crypto wave, Reuters (Dec. 22, 2017),

[6] Id.

[7] Id.

[8] Adam Hayes, IPO Basics: What is an IPO?, Investopedia (Last visited March 3, 2018).

[9] Id.

[10] Alex Wilhelm, WTF is an ICO?, TechCrunch (May 23, 2017),

[11] Id.

[12] The market in Initial Coin Offerings risks becoming a bubble, The Economist (Apr. 27. 2017),

[13] Report of Investigation Pursuant to Section 21(a) of the Securities Exchange Act of 1934: The DAO, supra note 2 at 10.

[14] Id.

[15] Id. (quoting SEC v. Cavanagh, 1 F. Supp. 2d 337, 360 (S.D.N.Y. 1998)).

[16] Id.

[17] Id.

[18] Dan Goodin, Bitcoin rival Ethereum fights for its survival after $50 million heist, ArsTechnica (June 21, 2018),;

[19] Lee, supra note 1.

[20] Id. (quoting the AriseCoin developers white paper on the cryptocurrency).

[21] Id.

[22] Id.

[23] Id.

[24] Timothy B. Lee, Feds shut down allegedly fraudulent cryptocurrency offering, ArsTechnica (Dec. 4, 2017),

[25] Id; Report of Investigation Pursuant to Section 21(a) of the Securities Exchange Act of 1934: The DAO, supra note 2.

[26] Lee, supra note 24.

[27] Sean Gallagher, Two new cryptocurrency heists make off with over $400M worth of blockchange ArsTechnica (Jan. 26, 2018),

[28] Id.

[29] Daniel Shane, $530 million cryptocurrency heist may be biggest ever, CNN (Jan. 29, 2018)

[30] Jose Pagliery, How Mt.Gox went down, CNN (Feb. 26, 2014)

“Almost-Stalking”: The Difficulty of Criminalizing Doxing

•February 24, 2018 • 13 Comments

Doxing or doxxing is difficult to define. The word derives from the phrase “dropping dox”, short for “dropping documents”, which was a tactic used by rival hackers in the 1990s to expose each other’s anonymity for harassment or to intimidate through risk of law enforcement action.[i] In its modern usage, it encompasses broader behavior than that; one attempted definition is as follows:

The public release of an individual’s private, sensitive, personal information, such as:

  • Home address, email address, phone number
  • Social security number
  • Employer and employer contact info
  • Family member’s contact info
  • Photos of victim’s children and the school they attend.[ii]

After the Charlottesville “Unite the Right” rally-turned-incident[xiii], people began sharing photographs of the white nationalist protesters on social media accounts, seeking for identification of those depicted.[xiv] The posting of the photographs may or may not be considered doxing, but responding comments which named the individuals depicted or their places of residence are clearly acts of doxing. Doxing is not its own crime and is often prosecuted under stalking or harassment statutes like 18 U.S.C. § 875(c).[iii]

Because doxing accompanied by threats can be properly prosecuted as cyberharassment or cyberstalking, setting apart doxing as a crime itself must encompass behavior that doesn’t fall so easily into those categories: for example, taking publicly-available personal information and concentrating it in one place without the consent of the person described, e.g. uncovering someone’s real name, connecting it to their online alias, and then publicizing the person’s real name and family connections alongside their alias.[iv]

The extremely broad reach of the term doxing has led to the discussion of doxing as a possible crime to emphasize the intent of the doxer, lest valuable speech be criminalized.[v] The First Amendment’s protection of free speech requires strict scrutiny of government statutes which purport to regulate speech. One commonly used exception to this strict scrutiny is the “true threat” doctrine, which holds that speech which is a “true threat” is unprotected by the First Amendment, and therefore may be freely regulated by States. [vi] Much effort has gone into discussion on whether or when speech can be considered a “true threat”, but the Supreme Court has yet to declare what test should be used for “true threats”, and therefore what limitations the First Amendment places on regulating threatening speech, including doxing.[vii]

An extensive analysis of how to differentiate kinds of speech which give rise to criminal activity was done by Professor Eugene Volokh at UCLA School of Law.[viii] Professor Volokh describes 5 potential classifications of speech which facilitates crime which could be used as a basis for a First Amendment exception, though few such exceptions exist in current law:

  1. Speech said to a few people who the speaker knows are likely to use it to commit crime.
  2. Speech, broadly published, with virtually no noncriminal use.
  3. Speech facilitating extraordinarily serious harm, such as nuclear or biological attacks.
  4. Speech, the sole noncriminal value of which is entertainment.
  5. Valuable speech which has been intentionally marketed or framed as to appeal predominantly to its criminal use rather than its noncriminal use. [ix]

[Note: Volokh rejects the last two categories himself, but they are listed here for completeness]

Applying Professor Volokh’s schema to the subject of doxing, cases seem likely not to fall neatly into any of the above categories, the best approximation being a combination of categories 1 and 2. Volokh’s category 1 is based on common law aiding and abetting and emphasizes the need for this category to remain narrow; because many forms of speech have both criminal and noncriminal value, broadly distributing dual-purpose speech even with actual knowledge that some listeners will use the speech to commit crime should be permissible.[x] Examples he gives are chemistry textbooks on explosives, or journalistic websites which describe websites that infringe copyright (think news article describing The Pirate Bay).[xi] The same principles underlie his category 2.

A balancing test could be imagined which assessed 1. the knowledge of the speaker of the listeners’ intent to commit harm and 2. the value of the speech against 3. the size of the audience to create a standard which could work for doxing. However, this test would be limited by strict scrutiny and vagueness doctrines, which may render them unworkable.




Questions for Discussion:

  1. Suppose a doxer, with the intent to publicly shame, Tweets the real name, address, and a photograph of a victim on that victim’s anonymous Twitter handle, as well as an account of a personal harm the victim made against the doxer. Let’s say, the victim frequently criticizes the doxer, but at no point has this antagonistic relationship risen to threats of violence.
    1. What moral culpability do you assign to the doxer? Should this be a crime?
  2. Same facts as 1. Without the intentional design of the doxer, a third-party sees the information and further commits the crime of cyberstalking against the victim (18 USC 875(c) threats of injury to the victim).
    1. What moral culpability do you assign to the doxer? Should the original doxing be a crime?
  3. “…where particular speech falls close to the line separating the lawful and the unlawful, the possibility of mistaken factfinding… create[s] the danger that the legitimate utterance will be penalized. The man who knows that he must… persuade another of the lawfulness of his conduct necessarily must steer far wider of the unlawful zone than if the State must bear these burdens.”[xii]
    1. A balancing test always creates a risk to the public, because it’s not going to be 100% clear how a court will rule when factors are weighed. In what ways do you think a balancing test could be structured to mitigate the dangers of chilling valuable speech while still allowing for doxing to be criminalized?
  4. Should we extend accessory liability to doxers, such that the doxer would be an accessory-before-the-fact to any resultant crimes committed by people who used the information released? What policy concerns would you have for or against this?

[i] Decca Muldowney, So What the Hell Is Doxxing? (2017), (last visited Feb 24, 2018).

[ii] Julia M. MacAllister, The Doxing Dilemma: Seeking a Remedy for the Malicious Publication of Personal Information, 85 Fordham L. Rev. 2451 (2017), quoting Mary Anne Franks, Professor, Univ. of Miami Sch. of Law, Remarks at the American Bar Association Program on Doxing, Swatting, Trolls, and SJWs: Harassment and Gender Discrimination on Social Media Platforms (Nov. 8, 2016) (on file with the Fordham Law Review).
Available at:

[iii] Joey L Blanch, An Introduction to Violent Crime on the Internet, 64 Cyber Misbehavior 2–11 (2016), (last visited Feb 24, 2018).


[v] MacAllister, supra at 2463.

[vi] Watts v. U.S., 394 U.S. 705 (1969).

[vii] See Elonis v. United States, 135 S. Ct. 2001 (2015).

[viii] Eugene Volokh, Crime-Facilitating Speech, HeinOnline — 57 Stan. L. Rev. 1097 2004-2005, available at

[ix] Id. At 1217-18.

[x] Id. At 1174-79.

[xi] Id.

[xii] Speiser v. Randall, 357 U.S. 513, 516.

[xiii] Andrew Katz, Unrest in Virginia (2018), (last visited Feb 27, 2018).

[xiv] Sean Gallagher, Internet turns on white supremacists and neo-Nazis with doxing, phishing (2017), (last visited Feb 27, 2018).

Swatting: A Cyber Threat with Real World Repercussions

•February 24, 2018 • 11 Comments

Swatting is a cyber threat that covers a wide range of offenses and is often carried out by individuals with a great deal of technical skill. Because of this, it presents the justice system with a difficult task in trying to address the issue. Many swatters utilize technology to make it more difficult to trace their activity, and their actions take advantage of third parties to carry out real-world harm to their victims, going beyond the scope of other cyber offenses such as cyber-stalking. Part of the difficulty in addressing this type of crime is figuring out how to classify it; deciding which laws to use to punish those who commit the offense. This presents the question of whether a separate, comprehensive federal law should be created to address the issue directly.

Swatting: The Dangers and Costs

The crime itself involves an individual notifying emergency services with a fraudulent report of serious criminal activity at their victim’s location in order to elicit a forceful response from law enforcement, usually in the form of a SWAT team.[1] These criminals often use Caller ID “spoofing” technology, allowing them to deceive emergency services into believing that the call is coming from the target location.[2]

This creates an incredibly dangerous situation for both the victim and the law enforcement officers responding to the report. SWAT teams arrive heavily armed and ready to react to a high-risk situation with deadly force.[3] An unsuspecting victim will often become confused and disoriented from the spontaneous, aggressive arrival of police officers, causing the victim to react in such a way that might increase the chance of police using violent force against them.[4] Victims, thinking their home is being invaded by intruders, might respond with violence of their own, possibly hurting an officer in self-defense.[5] Beyond the physical harm swatting creates is the economic cost; there is the wasteful drain that comes from responding to false reports. Each deployment of a SWAT team can cost police departments thousands of dollars, and false reports can divert resources from real emergencies that require police attention.[6]

The Wichita Incident

The true extent of the physical danger that swatting presents came to light this past December, when the first fatality as a result of swatting occurred in Wichita, Kansas. After a dispute in an online video game, Los Angeles resident Tyler Barriss allegedly made a false report to Wichita police about a hostage situation occurring at the home of Andrew Finch.[7] When police arrived, Finch emerged from his front door and was killed by an officer.[8] The police have stated that they believed Finch had moved his hands toward his waistband, and appeared to be reaching for a possible weapon.[9] Neither Barriss nor Finch were involved in the original dispute, and it is believed that a third party asked Barriss to commit the act.[10] This case involves several factors that make it a significant case for change in the way the justice system responds to the swatting phenomenon. The fact that Barriss’ actions resulted in a death widens the scope of charges in a swatting case, and the actions of third parties – from the police officer who fired the shot, to the individual who asked Barriss to make the call – further complicate the issue.

The Current Response to Swatting

Actually tracking and locating swatters requires police to pay attention to the internet and social media presence of both the culprit and the victim, since many swatters prey on individuals who are very active on social media and video streaming platforms such as Twitch and YouTube.[11] Because of this, investigations require the cooperation of these businesses and service providers to provide information on swatting suspects. Following a series of swatting incidents in Texas, police were able to track down Zachary Lee Morgenstern after Google and Twitter provided police with the IP addresses associated with Morgenstern’s social media accounts.[12] In the Wichita case, Barriss claimed responsibility for the fraudulent call on Twitter, and explained through YouTube that he had been instructed to perform the crime.[13]

There are currently no federal laws directly related to swatting with which to charge the culprit after apprehending him.[14] Some states have specific statutes related to falsely reporting an emergency, but when there is no such statute, law enforcement has had to creatively utilize related charges and connect them to the act of swatting by viewing it as a step through which the perpetrator committed other crimes.[15] Some charges that police have used include conspiracy to commit device fraud, making interstate threats, and obstruction of justice. The Wichita case presents the difficulty in addressing an interstate issue with an amalgamation of state laws. Barriss is set to face charges in Kansas, but is also connected to incidents in Illinois, New Hampshire, and even Calgary, Canada.[16] In Kansas, he faces a charge of manslaughter due to the resulting fatality, narrowly avoiding a felony murder charge because causing a false alarm is not among the “inherently dangerous felonies” listed under the state’s felony-murder statute.[17]

The Proposed Federal Statute

There have been attempts to create federal legislation against swatting, but so far none have become actual law. The “Swatting Won’t be Accepted or Tolerated Act of 2015” introduced by Senator Charles Schumer would have punished those who would make any “false, fictitious, or fraudulent statement . . . to a Federal law enforcement agency that causes an emergency Federal law enforcement response” with up to eight years in prison, and force them to repay costs to the government for emergency response resources.[18] Massachusetts Representative Katherine Clark introduced a bill called the “Interstate Swatting Hoax Act” in December of 2015.[19] This bill included criminal penalties for anyone who, “with the intent to cause an emergency response by any law enforcement agency, . . . knowingly transmit[s] false or misleading information” that a crime is taking place, as well as civil actions for reimbursement of expenses for the emergency response.[20] The criminal penalties addressed the various degrees of harm, from the basic cost of the response to any resulting death.[21] With many states being slow to directly respond to the swatting issue, federal legislation such as this could help greatly in addressing such a wide ranging, interstate problem.

Addressing Third Parties

As stated previously, social media and internet-based service platforms play an important part in the way swatters connect with their victims, and so it is necessary to address the extent of their responsibility in these cases. Websites such as YouTube and Twitch already offer legal services to counter cyberbullying and swatting, but this generally amounts to banning users after they are reported or cooperating with police after a swatting incident has taken place.[22] Some might suggest that such services should take on the burden of increasing monitoring efforts, be able to notify users of potential threats, and provide specific information to help the user report the threat to police.[23] The Communication Decency Act generally protects online entities from liability for the actions of their users, and case law cites the economic cost of screening millions of users as a basis for shielding these service providers from liability.[24]

The Wichita case also presents the issue of third parties who incite the act of swatting. This brings up the question as to the extent of the responsibility of the person who asked Barriss to make the hoax report. There is also the issue of the actions taken by police, and whether they acted appropriately once they arrived at the scene.


Issues for Discussion

  1. Would federal legislation be an effective solution to the problem of swatting, or should it be left to the states to improve their current laws to appropriately address the issue?
  2. What could be added to any proposed legislation to make it more comprehensive in dealing with the breadth of concerns swatting presents? How should it address third parties like the individual who incited the call in the Wichita case?
  3. Should online service providers take greater responsibility for the actions that take place through use of their channels? What duty, if any, do they owe to their users and is it great enough that they should bear the cost of increased monitoring?
  4. How should SWAT tactics adapt to the growing swatting phenomenon to prevent serious harm in the event of a false alarm? What is the extent of the responsibility of law enforcement in a case like the one in Wichita?

[1] Matthew James Enzeweiler, Swatting Political Discourse: A Domestic Terrorism Threat, 90 NOTRE DAME L. REV. 2001, 2002 (2015).

[2] Id.

[3] Jason Fagone, The Serial Swatter, NEW YORK TIMES (Nov. 24, 2015),

[4] Id.

[5] Darla Slipke, Court document reveals more about Sentinel, OK, bomb threat, NEWSOK (Jan. 22, 2015),

[6] Supra Enzeweiler at 2008.

[7] James Queally and Richard Winton, L.A. ‘swatting’ suspect charged with manslaughter in Kansas over hoax call that led to fatal police shooting, Los Angeles Times (Jan. 12, 2018),

[8] Id.

[9] Id.

[10] Id.

[11] Elizabeth M. Jaffe, Swatting: The New Cyberbullying Frontier After Elonis v. United States, 64 Drake L. Rev. 455, 456 (2016).

[12] Cyrus Farivar, After “you can’t catch a hacker” boast, FBI makes easy work of swatting teen, Ars Technica (Aug. 11, 2015),

[13] Suspect in deadly “SWATting” prank served time for phony bomb report, CBS News (Jan. 2, 2018),

[14] Supra Jaffe at 467.

[15] Id. at 468.

[16] Supra Queally & Winton.

[17] Id.

[18] Supra Jaffe at 467.

[19] Sam Machkovech, Anti-swatting US Congresswoman targeted in swatting attack, Ars Technica (Feb. 1, 2016),

[20] H.R. 114-4057

[21] Id.

[22] Supra Jaffe

[23] Id.

[24] Id.