Law Commons^™

Data Is What Data Does: Regulating Based On Harm And Risk Instead Of Sensitive Data, Daniel J. Solove

Northwestern University Law Review

Heightened protection for sensitive data is becoming quite trendy in privacy laws around the world. Originating in European Union (EU) data protection law and included in the EU’s General Data Protection Regulation, sensitive data singles out certain categories of personal data for extra protection. Commonly recognized special categories of sensitive data include racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health, sexual orientation and sex life, and biometric and genetic data.

Although heightened protection for sensitive data appropriately recognizes that not all situations involving personal data should be protected uniformly, the sensitive data approach is …

Data Privacy Regulations In The United States, China, And The European Union, Charlsey A. Kelly

Honors College Theses

This paper compares and discusses the different data privacy regulations found in the United States, China, and the European Union. It is no secret that big tech companies like Facebook and Google continuously collect data on their users. The big question is what protections and rights one has as a consumer. The answer to this question differs when you are in different parts of the world. Currently the United States does not have a federal data privacy law, China recently adopted a new data privacy law called the Personal Information Protection Law, and the European Union has a data privacy …

The Anomaly That Is Privacy: Data Privacy Concerns Related To The Rise Of Microchip Implants In Humans, Kendra Lobban

Catholic University Journal of Law and Technology

No abstract provided.

A Proportionality-Based Framework For Government Regulation Of Digital Tracing Apps In Times Of Emergency, Sharon Bassan

Dickinson Law Review (2017-Present)

Times of emergency present an inherent conflict between the public interest and the preservation of individual rights. Such times require granting emergency powers to the government on behalf of the public interest and relaxing safeguards against government actions that infringe rights. The lack of theoretical framework to assess governmental decisions in times of emergency leads to a polarized and politicized discourse about potential policies, and often, to public distrust and lack of compliance.

Such a discourse was evident regarding Digital Tracing Apps (“DTAs”), which are apps installed on cellular phones to alert users that they were exposed to people who …

Symposium: The California Consumer Privacy Act, Margot Kaminski, Jacob Snow, Felix Wu, Justin Hughes

Publications

This symposium discussion of the Loyola of Los Angeles Law Review focuses on the newly enacted California Consumer Privacy Act (CPPA), a statute signed into state law by then-Governor Jerry Brown on June 28, 2018 and effective as of January 1, 2020. The panel was held on February 20, 2020.

The panelists discuss how businesses are responding to the new law and obstacles for consumers to make effective use of the law’s protections and rights. Most importantly, the panelists grapple with questions courts are likely to have to address, including the definition of personal information under the CCPA, the application …

Humans Forget, Machines Remember: Artificial Intelligence And The Right To Be Forgotten, Tiffany Li, Eduard Fosch Villaronga, Peter Kieseberg

Faculty Scholarship

To understand the Right to be Forgotten in context of artificial intelligence, it is necessary to first delve into an overview of the concepts of human and AI memory and forgetting. Our current law appears to treat human and machine memory alike – supporting a fictitious understanding of memory and forgetting that does not comport with reality. (Some authors have already highlighted the concerns on the perfect remembering.) This Article will examine the problem of AI memory and the Right to be Forgotten, using this example as a model for understanding the failures of current privacy law to reflect the …

Pii In Context: Video Privacy And A Factor-Based Test For Assessing Personal Information, Daniel L. Macioce Jr.

Pepperdine Law Review

As a central concept in American information privacy law, personally identifiable information (PII) plays a critical role in determining whether a privacy violation has occurred. Under the Video Privacy Protection Act of 1988 (VPPA), PII “includes information which identifies a person as having requested or obtained specific video materials or services.” Despite the clarity that these words may have when the Statute was enacted, the line separating PII from non-PII in the context of streaming video is not easily drawn, in part due to the prevalence of behavior tracking technologies and the emergence of “big data” analytics. The First Circuit, …

An Economic Analysis Of The Law Surrounding Data Aggregation In Cyberspace, Johnathan M. H. Short

Maine Law Review

The emergence of technological advances has traditionally created new and unique legal problems. The solutions to counter these problems are often drawn from our legal traditions and adapted to an ever-modernizing world. However, as Professor Coase opined at the dawn of the communication technology revolution, “lawyers and economists should not be so overwhelmed by the emergence of new technologies as to change the existing legal and economic system without first making quite certain that this is required.” Examination and reflection, in other words, is paramount to instituting a sound legal framework to encompass developing legal problems in technology. This Article …

The Inadequate, Invaluable Fair Information Practices, Woodrow Hartzog

Faculty Scholarship

For the past thirty years, the general advice for those seeking to collect, use, and share people’s personal data in a responsible way was relatively straightforward: follow the fair information practices, often called the “FIPs.” These general guidelines were designed to ensure that data processors are accountable for their actions and that data subjects are safe, secure, and endowed with control over their personal information. The FIPs have proven remarkably sturdy against the backdrop of near-constant technological change. Yet in the age of social media, big data, and artificial intelligence, the FIPs have been pushed to their breaking point. We …

An Expressive Theory Of Privacy Intrusions, Craig Konnoth

Publications

The harms of privacy intrusions are numerous. They include discrimination, reputational harm, and chilling effects on speech, thought, and behavior. However, scholarship has yet to fully recognize a kind of privacy harm that this article terms "expressive."

Depending on where the search is taking place and who the actors involved are--a teacher in a school, the police on the street, a food inspector in a restaurant--victims and observers might infer different messages from the search. The search marks the importance of certain societal values such as law enforcement or food safety. It can also send messages about certain groups by …

Chapter Two: Privacy, Tracy Mitrano

Tracy Mitrano

The Privacy Policymaking Of State Attorneys General, Danielle Keats Citron

Faculty Scholarship

No abstract provided.

Data Breaches And Privacy Law: Lawyers’ Challenges In Handling Personal Information, Charlotte Duc-Bragues

Cornell Law School J.D. Student Research Papers

Sharing personal information with a lawyer potentially represents the greatest source of vulnerability for an individual. Since the first major security breach in 2005, law firms have been pressed both by public authorities and clients to take action in order to protect confidential information from potential harmful breaches.

This paper seeks to provide an overview of the challenges faced by lawyers in handling personal information with regard to potential security breaches. The aim is to analyze this issue through the focal of privacy law; statistics on security breaches and tools to prevent this phenomenon, extensively studied in class, are given …

Law As An Ally Or Enemy In The War On Cyberbullying: Exploring The Contested Terrain Of Privacy And Other Legal Concepts In The Age Of Technology And Social Media, A. Wayne Mackay

Articles, Book Chapters, & Popular Press

This article focuses on the role and limits of law as a response to cyberbullying. The problem of cyberbullying engages many of our most fundamental legal concepts and provides an interesting case study. Even when there is general agreement that the problem merits a legal response, there are significant debates about what that response should be. Which level and what branch of government can and should best respond? What is the most appropriate legal process for pursuing cyberbullies—traditional legal avenues or more creative restorative approaches? How should the rights and responsibilities of perpetrators, victims and even bystanders be balanced? Among …

Cybercrime, Ronald C. Griffin

Journal Publications

This essay recounts campaigns against privacy; the fortifications erected against them; and hi-jinx attributable to hackers, crackers, and miscreants under the Fair Credit Reporting Act.

The Law Of Privacy In Canada (Student Edition) By Barbara A. Mcisaac, Rick Shields, Kris Klein (Toronto: Thomson Carswell, 2004), John D. Gregory

Canadian Journal of Law and Technology

To help lawyers advise their clients on their rights and obligations in this complex and novel field, the various legal publishers have offered an array of guides and textbooks analyzing the law of privacy. Thomson/Carswell turned for its book to the national law firm of McCarthy Tétrault. Three McCarthy lawyers (Barbara McIsaac, Rick Shields, and Kris Klein) are listed as authors of The Law of Privacy in Canada, and several others have contributed significant parts of the text, and they have done a creditable job in pulling it all together. It seems to be the only thorough and up-to-date analysis …

Book Review: Privacy Law In Canada By Colin H.H. Mcnairn And Alexander K. Scott, Anne Mussett

Canadian Journal of Law and Technology

Privacy Law in Canada is a 360-page work that broadly covers legislation at both the federal and provin- cial level, and criminal and civil liability for privacy intru- sions in the context of case law from across Canada. Particular focus is given to privacy issues associated with the workplace, personal health information, technolog- ical surveillance, and protecting consumers and debtors. The authors take a practical approach in examining chal- lenging questions, such as whether a consumer’s consent is required to obtain a credit report; disclosure of med- ical information; monitoring an employee’s computer use and voice mail; how the PIPEDA …

From Subway Stations To The Information Superhighway: Compliance Strategies For Musicians To Avoid The Worldwide Entanglement Of Privacy Laws, Yvenne M. King

Vanderbilt Journal of Entertainment & Technology Law

In light of the fact that operating a website raises many complex legal issues covering numerous areas of law, this Article focuses on one area that musicians, as website owners, should address: their potential liability for third-party claims based upon violation of consumer privacy laws. This Article first discusses the importance for musician website operators of protecting consumers' privacy rights. Second, it addresses the need to establish a "global privacy compliance plan" to limit musicians' legal liabilities. Finally, it explains how musicians can go about creating such a plan by developing "minimum guidelines" and "privacy practices." ... For purposes of …

At The Intersection Of Visible And Invisable Worlds: United States Privacy Law And The Internet, Dorothy J. Glancy

Faculty Publications

The purpose of this essay is to consider some characteristics ofUnited States privacy law that contribute to the obscurity of many intersections between the Internet and privacy law. This discussion is not an exhaustive catalogue of all of the ways in which United States privacy law may apply to Internet activities. Nor is it intended to be
an evaluation of the effectiveness of this privacy law. Rather, the point here is to explore why the application of privacy law to the Internet is a matter of considerable complexity and some uncertainty.
The focus is on certain characteristics of privacy law …

The Establishment Of A U.S. Federal Data Protection Agency To Define And Regulate Internet Privacy And Its Impact On U.S.-China Relations: Marco Polo Where Are You?, Omar Saleem

Journal Publications

Marco Polo's desire to explore new worlds and exchange both ideas and goods should be the impetus behind the Internet. The Internet is the global economic network of the new millennium. This Article first discusses the factors that have caused both the reevaluation of Western notions of privacy, and consideration of the establishment of a Federal Data Protections Agency. Next, the article discusses the EU's approach to regulating Internet privacy. This section is followed by a discussion of why the U.S. and EU approaches to Internet privacy regulation must be implemented from a global, or MarcoPolo-like perspective. The article then …