Law Commons^™

Promoting Innovation While Preventing Discrimination: Policy Goals For The Scored Society, Danielle K. Citron, Frank Pasquale

Faculty Scholarship

There are several normative theories of jurisprudence supporting our critique of the scored society, which complement the social theory and political economy presented in our 2014 article on that topic in the Washington Law Review. This response to Professor Tal Zarsky clarifies our antidiscrimination argument while showing that is only one of many bases for the critique of scoring practices. The concerns raised by Big Data may exceed the capacity of extant legal doctrines. Addressing the potential injustice may require the hard work of legal reform.

Deconstructing The Relationship Between Privacy And Security [Viewpoint], Gregory Conti, Lisa A. Shay, Woodrow Hartzog

Faculty Scholarship

From a government or law-enforcement perspective, one common model of privacy and security postulates that security and privacy are opposite ends of a single continuum. While this model has appealing properties, it is overly simplistic. The relationship between privacy and security is not a binary operation in which one can be traded for the other until a balance is found. One fallacy common in privacy and security discourse is that trade-offs are effective or even necessary. Consider the remarks of New York Police Department Commissioner Ray Kelly shortly after the Boston Marathon bombing, “I'm a major proponent of cameras. I …

Criminalizing Revenge Porn, Danielle K. Citron, Mary Anne Franks

Faculty Scholarship

Violations of sexual privacy, notably the non-consensual publication of sexually graphic images in violation of someone's trust, deserve criminal punishment. They deny subjects' ability to decide if and when they are sexually exposed to the public and undermine trust needed for intimate relationships. Then too they produce grave emotional and dignitary harms, exact steep financial costs, and increase the risks of physical assault. A narrowly and carefully crafted criminal statute can comport with the First Amendment. The criminalization of revenge porn is necessary to protect against devastating privacy invasions that chill self-expression and ruin lives.

Metadata: Piecing Together A Privacy Solution, Chris Conley

Faculty Scholarship

Imagine the government is constantly monitoring you — keeping track of every person you call or email, every place you go, everything you buy, and more — all without getting a warrant. And when you challenge them, they claim you have no right to expect this kind of information to be private. Besides, they’re not actually listening to what you say or reading what you write, so what’s the big deal anyhow?

Unfortunately, this scenario is more real than imaginary. Government agencies ranging from the NSA to local police departments have taken advantage of weak or uncertain legal protections for …

The Ftc And The New Common Law Of Privacy, Daniel J. Solove, Woodrow Hartzog

Faculty Scholarship

One of the great ironies about information privacy law is that the primary regulation of privacy in the United States has barely been studied in a scholarly way. Since the late 1990s, the Federal Trade Commission (FTC) has been enforcing companies’ privacy policies through its authority to police unfair and deceptive trade practices. Despite over fifteen years of FTC enforcement, there is no meaningful body of judicial decisions to show for it. The cases have nearly all resulted in settlement agreements. Nevertheless, companies look to these agreements to guide their privacy practices. Thus, in practice, FTC privacy jurisprudence has become …

The Ftc And Privacy And Security Duties For The Cloud, Daniel J. Solove

Faculty Scholarship

Third-party data service providers, especially providers of cloud computing services, present unique and difficult privacy and data security challenges. While many companies that directly collect data from consumers are bound by the promises they make to individuals in their privacy policies, cloud service providers are usually not a part of this arrangement. It is not entirely clear what, if any, obligations cloud service providers have to protect the data of individuals with whom they have no contractual relationship. This problem is especially acute because many institutions sharing personal data with cloud service providers fail to include significant privacy and security …

Reviving Implied Confidentiality, Woodrow Hartzog

Faculty Scholarship

The law of online relationships has a significant flaw-it regularly fails to account for the possibility of an implied confidence. The established doctrine of implied confidentiality is, without explanation, almost entirely absent from online jurisprudence in environments where it has traditionally been applied offline, such as with sensitive data sets and intimate social interactions.

Courts' abandonment of implied confidentiality in online environments should have been foreseen. The concept has not been developed enough to be consistently applied in environments such as the Internet that lack obvious physical or contextual cues of confidence. This absence is significant because implied confidentiality could …

The Value Of Modest Privacy Protections In A Hyper Social World, Woodrow Hartzog

Faculty Scholarship

Two of the greatest modem challenges to protecting personal information are determining how to protect information that is already known by many and how to create an adequate remedy for privacy harms that are opaque, remote, or cumulative. Both of these challenges are front and center for those who seek to protect socially shared information. Social media and wearable communication technologies like Google Glass present vexing questions about whether information that is known by many can ever be "private," what the privacy harm might be from this information's misuse, and how to remedy such harms in balance with competing values …

Rethinking Online Privacy In Canada: Commentary On Voltage Pictures V. John And Jane Doe, Ngozi Okidegbe

Faculty Scholarship

This article problematizes the use of the bona fide case standard as the legal standard for a court to order a third party Internet Service Provider ("ISP") to disclose subscriber information to a copyright owner in online piracy cases. It argues that ISP account holders have a reasonable expectation of privacy in their subscriber information. It contends that the current bona fide case standard affords a relatively low threshold of protection for Internet users’ subscriber information. The reason for which the article takes this position is that the bona fide case standard can be met solely by IP address evidence, …