Law Commons^™

Keep Your Fingerprints To Yourself: New York Needs A Biometric Privacy Law, Brendan Mcnerney

St. John's Law Review

(Excerpt)

Imagine walking into a store, picking something up, and just walking out. No longer is this shoplifting, it is legal. In 2016, Amazon introduced their “Just Walk Out” technology in Seattle. “Just Walk Out” uses cameras located throughout the store to monitor shoppers, document what they pick up, and automatically charge that shoppers’ Amazon account when they leave the store. Recently, Amazon started selling “Just Walk Out” technology to other retailers. Since then, retailers have become increasingly interested in collecting and using customers’ “biometric identifiers and information.” Generally, “biometrics” is used to refer to “measurable human biological and behavioral …

Closing The Data Gap: Protecting Biometric Information Under The Biometric Information Privacy Act And The California Consumer Protection Act, Eva-Maria Ghelardi

St. John's Law Review

(Excerpt)

Between May and June of 2014, Stacy Rosenbach bought her son, Alexander, a Six Flags season pass online. She submitted Alexander’s personal information and read that Alexander would complete the sign-up process at the park. No details described what the sign-up process would entail.

After showing his online receipt at Six Flags, Alexander was brought to an office to provide the customary thumb scan. Alexander’s thumb scan, along with the season pass card, was required to permit him to enter the various rides. He was not given any information about how his thumb scan would be stored or used …

Protecting Consumers In The Age Of The Internet Of Things, Nicole Smith

St. John's Law Review

(Excerpt)

IoT devices are an ever-increasing force of nature in our daily lives. They provide a multitude of essential benefits that we as a society have come to rely on. Thus, IoT devices are likely to continue to become irreplaceable tools. With the many benefits that these devices bring, they also bring a vast array of privacy and security issues that our society has not had to face until recently. Because of the new and prevalent risks associated with the IoT and because of the increasing harms to consumers, it is time for Congress to enact an IoT-specific data privacy …

Dna Is Different: An Exploration Of The Current Inadequacies Of Genetic Privacy Protection In Recreational Dna Databases, Jamie M. Zeevi

St. John's Law Review

(Excerpt)

Part I of this Note discusses the fundamental science behind DNA and defines and explains the process of familial DNA searching. Part I also discusses how Carpenter v. United States provides a framework to begin thinking about the unique nature of DNA and privacy implications for its use, and why the revealing nature of this type of data warrants protection. Part II of this Note delves into the lack of constitutional and statutory protections for DNA in recreational DNA databases. First, Part II explains that traditional Fourth Amendment concepts, like search warrants, probable cause, reasonable expectation of privacy, third-party …

The (Possibly) Injured Consumer: Standing In Data Breach Litigation, Lauren M. Lozada

St. John's Law Review

(Excerpt)

This Note will address the question of what factors a prospective plaintiff must display to “push [a] threatened injury of future identity theft beyond the speculative to the sufficiently imminent.” Part I will delve into relevant statistics to identify the characteristics of a data breach that most often lead to eventual identity theft. Part II will explore recent data breach standing cases and analyze the factual differences and legal perspectives that have led to disparate results among the federal circuits. Lastly, Part III will recommend a method for evaluating future data breach standing issues.

Stingray Cell-Site Simulator Surveillance And The Fourth Amendment In The Twenty-First Century: A Review Of The Fourth Amendment In An Age Of Surveillance, And Unwarranted, Harvey Gee

St. John's Law Review

(Excerpt)

This Review discusses two timely and insightful books examining the changing relationship between privacy and the Fourth Amendment in the digital era. Part I discusses the tensions between the need to protect privacy rights and the slowly evolving legal landscape during a time of rapidly changing technology, to introduce David Gray’s The Fourth Amendment in an Age of Surveillance. His book explains how the Fourth Amendment, though embattled, can have a prominent role in twenty-first century discussions of privacy, technology, and surveillance. Gray’s analysis is engaged to broaden the conversation about Stingray technology. This section analyzes a sampling of …

Unlimited Data Search Plan: Warrantless Border Search Of Mobile Device Data Likely Unconstitutional For Violating The Fundamental Right To Informational Privacy, Atanu Das

St. John's Law Review

(Excerpt)

Part I of this Article discusses a case in which a United States citizen was subject to an unconstitutional warrantless border search of his mobile device data. Part II explains the history and current state of Supreme Court jurisprudence of the border search exception doctrine. Part III explains the way in which Supreme Court jurisprudence finds the right to informational privacy for mobile device data to be a fundamental right. Part IV discusses the reluctance of some legal commentators to find that a governmental intrusion on the right to informational privacy is subject to strict scrutiny. Part V finds …

It's Nothing Personal: Why Existing State Laws On Point-Of-Sale Consumer Data Collection Should Be Replaced With A Federal Standard, Kate Mirino

St. John's Law Review

(Excerpt)

Accordingly, this Note proposes a contemporary-minded federal solution to preempt and standardize the various, outmoded state approaches in this field. Part I engages in a historical overview of the development of information privacy law in the United States. Part II provides a summary and comparison of the existing state rules at play. Part III discusses the negative consequences—both to consumers and to businesses—of inconsistent regulation in this area, and explains why a federal solution is necessary. Part IV outlines the parameters of the federal regulation proposed by this Note.

Protecting Personal Data: A Model Data Security And Breach Notifications Statute, Michael Bloom

St. John's Law Review

(Excerpt)

This Note argues that current law is inadequate to protect consumers in light of the prevalence and severity of data breaches in recent years, and that a unifying federal legislation combining portions of state law and the DSBNA should be enacted. Part I of this Note analyzes the DSBNA for notification requirements when data breaches occur, the requirements for the implementation of security policies, regulatory mechanisms for monitoring compliance with these requirements, and criminal penalties for failing to comply. Part II summarizes the various state laws that exist for notification of data breaches. Part III proposes a model federal …

Tactful Inattention: Erving Goffman, Privacy In The Digital Age, And The Virtue Of Averting One's Eyes, Elizabeth De Armond

St. John's Law Review

(Excerpt)

This Article suggests that we would benefit if we would protect privacy by sometimes requiring tactful inattention by potential users rather than total secrecy by the target. That is, some legal privacy protections should stop emphasizing secrecy and instead emphasize the appropriate uses of personally identifiable and often sensitive information by gelling tactful inattention into legal standards. Culturally, such an expansion may be difficult, as we tend to a “finders-keepers” attitude towards data. However, given technology’s ability to dissolve routine barriers, if we require others to leave some information out of some equations, we may be able to retain …

Of Third-Party Bathwater: How To Throw Out The Third-Party Doctrine While Preserving Government's Ability To Use Secret Agents, Amy L. Peikoff

St. John's Law Review

(Excerpt)

In Part I of this Article, I discuss the third-party doctrine, including its history, the types of cases to which it has been applied, and arguments in favor of and against it, with particular focus on Orin Kerr's defense of the doctrine. In Part II, I propose an alternative-and, I think, better-way of dealing with cases typically thought to fall under this doctrine. My proposal, as we will see, rests upon the model for the legal protection of privacy that I have elucidated and defended in prior articles: a model based on our rights to property and contract. Finally, …