Law Commons^™

The Limitations Of Privacy Rights, Daniel J. Solove

Notre Dame Law Review

Individual privacy rights are often at the heart of information privacy and data protection laws. The most comprehensive set of rights, from the European Union’s General Data Protection Regulation (GDPR), includes the right to access, right to rectification (correction), right to erasure (deletion), right to restriction, right to data portability, right to object, and right to not be subject to automated decisions. Privacy laws around the world include many of these rights in various forms.

In this Article, I contend that although rights are an important component of privacy regulation, rights are often asked to do far more work than …

Privacy Qui Tam, Peter Ormerod

Notre Dame Law Review

Privacy law keeps getting stronger, but surveillance-based businesses have proven immune to these new legal regimes. The disconnect between privacy law in theory and in practice is a multifaceted problem, and one critical component is enforcement.

Today, most privacy laws are enforced by governmental regulators—the Federal Trade Commission, the nascent California Privacy Protection Agency, and state attorneys general. An enduring impasse for proposed privacy laws is whether to supplement public enforcement by using a private right of action to authorize individuals to enforce the law.

Both of these conventional enforcement schemes have significant shortcomings. Public enforcement has proven inadequate because …

Uncertain Terms, Leah R. Fowler, Jim Hawkins, Jessica L. Roberts

Notre Dame Law Review

Health apps collect massive amounts of sensitive consumer data, including information about users’ reproductive lives, mental health, and genetics. As a result, consumers in this industry may shop for privacy terms when they select a product. Yet our research reveals that many digital health tech companies reserve the right to unilaterally amend their terms of service and their privacy policies. This ability to make one-sided changes undermines the market for privacy, leaving users vulnerable. Unfortunately, the current law generally tolerates unilateral amendments, despite fairness and efficiency concerns. We therefore propose legislative, regulatory, and judicial solutions to better protect consumers of …

The Impact Of Schrems Ii: Next Steps For U.S. Data Privacy Law, Andraya Flor

Notre Dame Law Review

Schrems II invalidated Privacy Shield because the court found that it did not provide an “essentially equivalent” level of protection compared to the guarantees of the GDPR. The National Security Agency (NSA) operated surveillance programs that had the potential to infringe on the rights of EU subjects, and there was a lack of oversight and effective judicial remedies to protect rights of EU data subjects, which undermined Privacy Shield as a mechanism for data transfers. This Note sets aside the surveillance and national security issue, which would require resolution through a shift in overall U.S. national security law, and instead …

Going Rogue: Mobile Research Applications And The Right To Privacy, Stacey A. Tovino

Notre Dame Law Review

This Article investigates whether nonsectoral state laws may serve as a viable source of privacy and security standards for mobile health research participants and other health data subjects until new federal laws are created or enforced. In particular, this Article (1) catalogues and analyzes the nonsectoral data privacy, security, and breach notification statutes of all fifty states and the District of Columbia; (2) applies these statutes to mobile-app-mediated health research conducted by independent scientists, citizen scientists, and patient researchers; and (3) proposes substantive amendments to state law that could help protect the privacy and security of all health data subjects, …

A New Third-Party Doctrine: The Telephone Metadata Program And Carpenter V. United States, Mary-Kathryn Takeuchi

Notre Dame Law Review

This Note will answer the question of whether bulk metadata collection is still defensible under the third-party doctrine. It ultimately concludes that Chief Justice Roberts incorrectly asserted that Carpenter v. United States will not impact the application of the third-party doctrine to collection techniques involving national security, and that the warrantless collection of bulk metadata under the Foreign Intelligence Surveillance Act is no longer defensible by the third-party doctrine. In Section I.A, this Note discusses traditional Fourth Amendment jurisprudence in Katz v. United States and the establishment of the third-party doctrine as a bright-line rule in United States v. Miller …

A Repeated Call For Omnibus Federal Cybersecurity Law, Carol Li

Notre Dame Law Review

In Part I, this Note discusses the concerning regularity of high-profile data breaches that have occurred within the United States’ weak and patchwork landscape of cybersecurity law. Part II discusses the challenges companies face when attempting to comply with the current cybersecurity law, and why companies who are deemed compliant are still falling victim to hackers and data breaches. Part III makes a call for federal legislation to replace the current, inadequate, fragmented, and uneven landscape of cybersecurity law. Part IV discusses numerous factors and incentives to consider in creating an omnibus federal cybersecurity law. Finally, Part V offers some …

Marketplace Of Ideas, Privacy, And The Digital Audience, Alexander Tsesis

Notre Dame Law Review

The availability of almost limitless sets of digital information has opened a vast marketplace of ideas. Information service providers like Facebook and Twitter provide users with an array of personal information about products, friends, acquaintances, and strangers. While this data enriches the lives of those who share content on the internet, it comes at the expense of privacy.

Social media companies disseminate news, advertisements, and political messages, while also capitalizing on consumers’ private shopping, surfing, and traveling habits. Companies like Cambridge Analytica, Amazon, and Apple rely on algorithmic programs to mash up and scrape enormous amounts of online and otherwise …

The Privacy Policymaking Of State Attorneys General, Danielle Keats Citron

Notre Dame Law Review

Much as Justice Louis Brandeis imagined states as laboratories of the law, offices of state attorneys general have been laboratories of privacy enforcement. State attorneys general have been nimble privacy enforcers whereas federal agencies have been more constrained by politics. Local knowledge, specialization, multistate coordination, and broad legal authority have allowed AG offices to fill in gaps in the law. State attorneys general have established baseline fair-information protections and expanded the frontiers of privacy law to cover sexual intimacy and youth. Their efforts have reinforced and strengthened federal norms, further harmonizing certain aspects of privacy and data security policy.

Although …

Police Body-Worn Camera Policy: Balancing The Tension Between Privacy And Public Access In State Law, Kyle J. Maury

Notre Dame Law Review

Body camera implementation remains in its infancy stage. As such,

there is a dearth of legal scholarship analyzing the policy considerations associated

with body cameras. Instead of raising the issues involved and assessing

arguments for and against implementation, this Note assumes body cameras

are a force for good and are here to stay for the long haul. Consequently, the

goal of this Note is to analyze various issues involved in administering body

cameras against a backdrop of recently enacted state legislation—focusing

specifically on the tension between protecting privacy interests while also

ensuring public access to recordings. This Note examines these …

Unilateral Invasions Of Privacy, Roger Allan Ford

Notre Dame Law Review

Most people seem to agree that individuals have too little privacy, and most proposals to address that problem focus on ways to give those users more information about, and more control over, how information about them is used. Yet in nearly all cases, information subjects are not the parties who make decisions about how information is collected, used, and disseminated; instead, outsiders make unilateral decisions to collect, use, and disseminate information about others. These potential privacy invaders, acting without input from information subjects, are the parties to whom proposals to protect privacy must be directed. This Article develops a theory …

Privacy And Markets: A Love Story, Ryan Calo

Notre Dame Law Review

After defining terms, Part I lays out the law and economics case against privacy, including its basis in economic thought more generally. Part II canvasses the literature responding to economic skepticism in the privacy law literature. Some scholars mount an insider critique, accepting the basic tenets of economics but suggesting that privacy actually increases efficiency in some contexts, or else noting that markets themselves will yield privacy under the right conditions. Others critique economic thinking from the outside. Markets “unravel” privacy by penalizing it, degrade privacy by treating it as just another commodity, or otherwise interfere with the values or …

Whose Line Is It Anyway? Probable Cause And Historical Cell Site Data, Megan L. Mckeown

Notre Dame Law Review

This Note argues that the “specific and articulable facts” standard does not accord with the intent of the drafters of the Fourth Amendment to protect individuals’ reasonable expectation of privacy. Although allowing the government access to historical cell site data to use as evidence in a criminal proceeding aids law enforcement, legislators must recognize the risks that flow from allowing the government to retrieve cell phone location information without probable cause. At least one study suggests that the public is losing confidence in their ability to control personal information, ultimately creating public discomfort with and suspicion of government surveillance. If …

Online Terms Of Service: A Shield For First Amendment Scrutiny Of Government Action, Jacquelyn E. Fradette

Notre Dame Law Review

Part I of this Note will canvas popular opinions and perceptions about First Amendment rights on the Internet using examples of public outcry over recent instances of speech limitation. It will also discuss the state action doctrine generally and how the presence of this doctrine most likely renders certain popular public constitutional intuitions about the First Amendment erroneous.

Part II will provide an overview of how courts have taken an expansive and protective view of private ordering between online parties. It will discuss how courts have developed a robust freedom to contract jurisprudence in the Internet context. Because courts essentially …

An Argument Against Open-File Discovery In Criminal Cases, Brian P. Fox

Notre Dame Law Review

This Note argues that, for the most part, open-file discovery proponents fail to recognize the added burden that defense counsel would face under a regime in which all items of the prosecution’s evidence are available for investigation by the defense. This is particularly true in the eighty to ninety percent of criminal cases where the defendant is indigent, and the court appointed defense counsel is operating under strict resource constraints.

This Note also argues that advocates of open-file discovery fail to recognize that in the majority of cases involving prosecutorial misconduct, the prosecutor’s intentional wrongdoing will be sufficient to overshadow …