Digital Commons Network^™

Do Not Touch My Data: Exploring A Disclosure-Based Framework To Address Data Access, Francis Morency

Washington and Lee Journal of Civil Rights and Social Justice

Companies have too much control over people’s information. In the data marketplace, companies package and sell individuals’ data, and these individuals have little to no bargaining power over the process. Companies may freely buy and sell people’s data in the private sector for targeted marketing and behavior manipulation. In the justice system, an unchecked data marketplace leaves black and brown communities vulnerable to serious data access issues caused by predictive sentencing, for example. Risk assessment algorithms in predictive sentencing rely on data on individuals and run all relevant data points to provide the likelihood that a defendant will recidivate low …

Peeling Back The Student Privacy Pledge, Alexi Pfeffer-Gillett

Scholarly Articles

Education software is a multi-billion dollar industry that is rapidly growing. The federal government has encouraged this growth through a series of initiatives that reward schools for tracking and aggregating student data. Amid this increasingly digitized education landscape, parents and educators have begun to raise concerns about the scope and security of student data collection.

Industry players, rather than policymakers, have so far led efforts to protect student data. Central to these efforts is the Student Privacy Pledge, a set of standards that providers of digital education services have voluntarily adopted. By many accounts, the Pledge has been a success. …

“Hello…It’S Me. [Please Don’T Sue Me!]” Examining The Fcc’S Overbroad Calling Regulations Under The Tcpa, Marissa A. Potts

Brooklyn Law Review

Americans have received unwanted telemarketing calls for decades. In response to a rapid increase in pre-recorded calls made using autodialer devices, Congress enacted the Telephone Consumer Protection Act (TCPA) in 1992. The TCPA imposes restrictions on calls made to consumers’ residences and wireless phones using autodialer devices, even if they are not telemarketing calls. Congress appointed the Federal Communications Commission (FCC) to prescribe rules and regulations to enforce the TCPA. In 2015, the FCC released an order that defined autodialer more broadly under the statute. Consequently, devices that have the potential to become autodialers in the future, even if they …

Moving Beyond “Reasonable”: Clarifying The Ftc’S Use Of Its Unfairness Authority In Data Security Enforcement Actions, Timothy E. Deal

Fordham Law Review

Data security breaches, which compromise private consumer information, seem to be an ever-increasing threat. To stem this tide, the Federal Trade Commission (FTC) has relied upon its authority to enforce the prohibition against unfair business practices under section 5 of the Federal Trade Commission Act (“section 5”) to hold companies accountable when they fail to employ data security measures that could prevent breaches. Specifically, the FTC brings enforcement actions when it finds that companies have failed to implement “reasonable” data security measures. However, companies and scholars argue that the FTC has not provided adequate notice of which data security practices …

Regulating Healthcare Robots: Maximizing Opportunities While Minimizing Risks, Drew Simshaw, Nicolas Terry, Kris Hauser, M.L. Cummings

Richmond Journal of Law & Technology

Some of the most dynamic areas of robotics research and development today are healthcare applications. Robot-assisted surgery, robotic nurses, in-home rehabilitation, and eldercare robots' are all demonstrating rapidly iterating innovation. Rising healthcare labor costs and an aging population will increase demand for these human surrogates and enhancements. However, like many emerging technologies, robots are difficult to place within existing regulatory frameworks. For example, the federal Food, Drug, and Cosmetic Act (FD&C Act) seeks to ensure that medical devices (few of which are consumer devices) are safe, the HIPAA Privacy and Security Rules apply to data collected by health care providers …

Need For Informed Consent In The Age Of Ubiquitous Human Testing, Caitlyn Kuhs

Loyola of Los Angeles Law Review

No abstract provided.

Protecting Personal Information: Achieving A Balance Between User Privacy And Behavioral Targeting, Patrick Myers

University of Michigan Journal of Law Reform

Websites and mobile applications provide immeasurable benefits to both users and companies. These services often collect vast amounts of personal information from the individuals that use them, including sensitive details such as Social Security numbers, credit card information, and physical location. Personal data collection and dissemination leave users vulnerable to various threats that arise from the invasion of their privacy, particularly because users are often ignorant of the existence or extent of these practices. Current privacy law does not provide users with adequate protection from the risks attendant to the collection and dissemination of their personal information. This Note advocates …

Data Privacy Regulation In The Age Of Smartphones, Matthew Hettrich

Touro Law Review

No abstract provided.

The Intel And Microsoft Settlements, Robert H. Lande

All Faculty Scholarship

This article briefly compares and contrasts the recent U.S. Federal Trade Commission's antitrust settlement with Intel, and the antitrust cases brought against Microsoft. The article praises the FTC's settlement with Intel, and predicts that history will judge it very favorably compared to the settlement by the U.S. Department of Justice of its antitrust case against Microsoft.

Ftc V. Intel: Applying The "Consumer Choice" Framework To "Pure" Section 5 Allegations, Robert H. Lande

All Faculty Scholarship

This short article analyzes the "pure" Section 5 allegations in the recent FTC complaint against Intel. It first shows that Section 5 of the Federal Trade Commission Act is more encompassing than the Sherman Act and why this breath is in the public interest. It next analyzes allegations from the Intel Complaint, showing why each appears to be in the public interest yet might not be permitted by the Sherman Act. It also discusses other advantages that would arise if these charges were litigated under Section 5 rather than the Sherman Act.

The article notes assertions by Intel and others …

“Medical” Monitoring For Non-Medical Harms: Evaluating The Reasonable Necessity Of Measures To Avoid Identity Fraud After A Data Breach, James Graves

Richmond Journal of Law & Technology

In July 2005, “reformed” hacker Albert Gonzalez noticed an insecure wireless network at a Marshalls department store in Miami. After exploiting the vulnerability, Gonzalez and his accomplices installed programs that captured credit card numbers. They stored the credit card numbers on servers in Latvia and Ukraine, created ATM cards using some of the numbers, and used those cards to withdraw hundreds of thousands of dollars in cash. Fifteen months later, Marshalls’ parent company, TJX, announced that forty-five million of its customers’ credit card numbers had been exposed to the thieves.

Antitrust Enfocement And High-Technology Markets, William J. Baer, David A. Balto

Michigan Telecommunications & Technology Law Review

Although the antitrust laws apply to all industries, the application must be tempered in each case by the myriad ways in which competition can be modified by structural, behavioral, technological, regulatory, and other characteristics. The Commission applies the antitrust laws with sensitivity to the special characteristics of high-tech industries and of intellectual property, but also with the recognition that--as in other industries--competition plays an important role in spurring innovation and in spreading the benefits of that innovation to consumers. This focus is not new. This balanced approach has roots that go back at least to the 1977 Antitrust Guide to …