Law Commons^™

Privacy Nicks: How The Law Normalizes Surveillance, Woodrow Hartzog, Evan Selinger, Johanna Gunawan

Faculty Scholarship

Privacy law is failing to protect individuals from being watched and exposed, despite stronger surveillance and data protection rules. The problem is that our rules look to social norms to set thresholds for privacy violations, but people can get used to being observed. In this article, we argue that by ignoring de minimis privacy encroachments, the law is complicit in normalizing surveillance. Privacy law helps acclimate people to being watched by ignoring smaller, more frequent, and more mundane privacy diminutions. We call these reductions “privacy nicks,” like the proverbial “thousand cuts” that lead to death.

Privacy nicks come from the …

Toward Stronger Data Protection Laws, Margot E. Kaminski

Publications

No abstract provided.

Persistent Surveillance, Andrew Guthrie Ferguson

Articles in Law Reviews & Other Academic Journals

Persistent surveillance technologies grant police vast new investigative capabilities. The technologies both monitor targeted areas and generate databases of searchable information about people, places, and patterns that can be connected and accessed for criminal prosecutions.

In the face of this growing police surveillance, courts have struggled to make sense of a fragmented Fourth Amendment doctrine. The Supreme Court has offered some clues that “digital may be different” when it comes to surveillance, but lower courts have been left struggling to apply old law to new technologies. Warrantless use of persistent surveillance technologies raises hard questions about when a “search” occurs …

Requiring What’S Not Required: Circuit Courts Are Disregarding Supreme Court Precedent And Revisiting Officer Inadvertence In Cyberlaw Cases, Michelle Zakarin

Scholarly Works

As the age of technology has taken this country by surprise and left us with an inability to formally prepare our legal system to incorporate these advances, many courts are forced to adapt by applying pre-technology rules to new technological scenarios. One illustration is the plain view exception to the Fourth Amendment. Recently, the issue of officer inadvertence at the time of the search, a rule that the United States Supreme Court has specifically stated is not required in plain view inquiries, has been revisited in cyber law cases. It could be said that the courts interested in the existence …

The Surprising Virtues Of Data Loyalty, Woodrow Hartzog, Neil M. Richards

Faculty Scholarship

Lawmakers in the United States and Europe are seriously considering imposing duties of data loyalty that implement ideas from privacy law scholarship, but critics claim such duties are unnecessary, unworkable, overly individualistic, and indeterminately vague. This paper takes those criticisms seriously, and its analysis of them reveals that duties of data loyalty have surprising virtues. Loyalty, it turns out, can support collective well-being by embracing privacy’s relational turn; it can be a powerful state of mind for reenergizing privacy reform; it prioritizes human values rather than potentially empty formalism; and it offers solutions that are flexible and clear rather than …

Legislating Data Loyalty, Woodrow Hartzog, Neil Richards

Faculty Scholarship

Lawmakers looking to embolden privacy law have begun to consider imposing duties of loyalty on organizations trusted with people’s data and online experiences. The idea behind loyalty is simple: organizations should not process data or design technologies that conflict with the best interests of trusting parties. But the logistics and implementation of data loyalty need to be developed if the concept is going to be capable of moving privacy law beyond its “notice and consent” roots to confront people’s vulnerabilities in their relationship with powerful data collectors.

In this short Essay, we propose a model for legislating data loyalty. Our …

Periods For Profit And The Rise Of Menstrual Surveillance, Michele E. Gilman

All Faculty Scholarship

Menstruation is being monetized and surveilled, with the voluntary participation of millions of women. Thousands of downloadable apps promise to help women monitor their periods and manage their fertility. These apps are part of the broader, multi-billion dollar, Femtech industry, which sells technology to help women understand and improve their health. Femtech is marketed with the language of female autonomy and feminist empowerment. Despite this rhetoric, Femtech is part of a broader business strategy of data extraction, in which companies are extracting people’s personal data for profit, typically without their knowledge or meaningful consent. Femtech can oppress menstruators in several …

Chinese Technology Platforms Operating In The United States: Assessing The Threat (Originally Published As A Joint Report Of The National Security, Technology, And Law Working Group At The Hoover Institution At Stanford University And The Tech, Law & Security Program At American University Washington College Of Law), Gary Corn, Jennifer Daskal, Jack Goldsmith, Chris Inglis, Paul Rosenzweig, Samm Sacks, Bruce Schneier, Alex Stamos, Vincent Stewart

Joint PIJIP/TLS Research Paper Series

No abstract provided.

Law Library Blog (January 2021): Legal Beagle's Blog Archive, Roger Williams University School Of Law

Law Library Newsletters/Blog

No abstract provided.

Privacy In Pandemic: Law, Technology, And Public Health In The Covid-19 Crisis, Tiffany C. Li

Law Faculty Scholarship

The COVID-19 pandemic has caused millions of deaths and disastrous consequences around the world, with lasting repercussions for every field of law, including privacy and technology. The unique characteristics of this pandemic have precipitated an increase in use of new technologies, including remote communications platforms, healthcare robots, and medical Al. Public and private actors alike are using new technologies, like heat sensing, and technologically influenced programs, like contact tracing, leading to a rise in government and corporate surveillance in sectors like healthcare, employment, education, and commerce. Advocates have raised the alarm for privacy and civil liberties violations, but the emergency …

If You Don't Care, Who Will?, Chad J. Pomeroy

Faculty Articles

As a property law professor, I have lately found myself thinking a lot about privacy rights. Initially, the two topics (property and privacy) perhaps do not seem closely related, but I think they are—or, at least, I think the tie between the two is becoming much more pronounced and important, as modern life becomes ever more techno-centric. specifically, I think that privacy rights are, at this point, essentially an outgrowth of property rights. That is, one's right to privacy is dependent on what we traditionally view as one's property rights. At least, I think this is the current state of …

The Covid-19 Pandemic And The Technology Trust Gap, Johanna Gunawan, David Choffnes, Woodrow Hartzog, Christo Wilson

Faculty Scholarship

Industry and government tried to use information technologies to respond to the COVID-19 pandemic, but using the internet as a tool for disease surveillance, public health messaging, and testing logistics turned out to be a disappointment. Why weren’t these efforts more effective? This Essay argues that industry and government efforts to leverage technology were doomed to fail because tech platforms have failed over the past few decades to make their tools trustworthy, and lawmakers have done little to hold these companies accountable. People cannot trust the interfaces they interact with, the devices they use, and the systems that power tech …

A Duty Of Loyalty For Privacy Law, Neil M. Richards, Woodrow Hartzog

Faculty Scholarship

Data privacy law fails to stop companies from engaging in self-serving, opportunistic behavior at the expense of those who trust them with their data. This is a problem. Modern tech companies are so entrenched in our lives and have so much control over what we see and click that the self-dealing exploitation of people has become a major element of the internet’s business model.

Academics and policymakers have recently proposed a possible solution: require those entrusted with people’s data and online experiences to be loyal to those who trust them. But many have concerns about a duty of loyalty. What, …

Good Health And Good Privacy Go Hand-In-Hand (Originally Published By Jnslp), Jennifer Daskal

Joint PIJIP/TLS Research Paper Series

No abstract provided.

Privacy In Pandemic: Law, Technology, And Public Health In The Covid-19 Crisis, Tiffany Li

Faculty Scholarship

The COVID-19 pandemic has caused millions of deaths and disastrous consequences around the world, with lasting repercussions for every field of law, including privacy and technology. The unique characteristics of this pandemic have precipitated an increase in use of new technologies, including remote communications platforms, healthcare robots, and medical AI. Public and private actors are using new technologies, like heat sensing, and technologically-influenced programs, like contact tracing, alike in response, leading to a rise in government and corporate surveillance in sectors like healthcare, employment, education, and commerce. Advocates have raised the alarm for privacy and civil liberties violations, but the …

Gdpr And The Importance Of Data To Ai Startups, James Bessen, Stephen Michael Impink, Lydia Reichensperger, Robert Seamans

Faculty Scholarship

What is the impact of the European Union’s General Data Protection Regime (“GDPR”) and data regulation on AI startups? How important is data to AI product development? We study these questions using unique survey data of commercial AI startups. AI startups rely on data for their product development. Given the scale and scope of their business models, these startups are particularly susceptible to policy changes impacting data collection, storage and use. We find that training data and frequent model refreshes are particularly important for AI startups that rely on neural nets and ensemble learning algorithms. We also find that firms …

The Missing Regulatory State: Monitoring Businesses In An Age Of Surveillance, Rory Van Loo

Faculty Scholarship

An irony of the information age is that the companies responsible for the most extensive surveillance of individuals in history—large platforms such as Amazon, Facebook, and Google—have themselves remained unusually shielded from being monitored by government regulators. But the legal literature on state information acquisition is dominated by the privacy problems of excess collection from individuals, not businesses. There has been little sustained attention to the problem of insufficient information collection from businesses. This Article articulates the administrative state’s normative framework for monitoring businesses and shows how that framework is increasingly in tension with privacy concerns. One emerging complication is …

Review Of Ian Kerr And Jane Bailey, The Implications Of Digital Rights Management For Privacy And Freedom Of Expression, 2 Journal Of Information, Communication & Ethics In Society 87 (2004), Ann Bartow

Law Faculty Scholarship

Ian Kerr, who passed away far too young in 2019, was an incisive scholar and a much treasured colleague. The wit that sparkled in his papers was matched only by his warmth toward his friends, of whom there were many. He and his many co-authors wrote with deep insight and an equally deep humanity about copyright, artificial intelligence, privacy, torts, and much much more.

Ian was also a valued contributor to the Jotwell Technology Law section. His reviews here display the same playful generosity that characterized everything else he did. In tribute to his memory, we are publishing a memorial …

Location Tracking And Digital Data: Can Carpenter Build A Stable Privacy Doctrine?, Evan H. Caminker

Articles

In Carpenter v United States, the Supreme Court struggled to modernize twentieth-century search and seizure precedents for the “Cyber Age.” Twice previously this decade the Court had tweaked Fourth Amendment doctrine to keep pace with advancing technology, requiring a search warrant before the government can either peruse the contents of a cell phone seized incident to arrest or use a GPS tracker to follow a car’s long-term movements.

Recording As Heckling, Scott Skinner-Thompson

Publications

A growing body of authority recognizes that citizen recording of police officers and public space is protected by the First Amendment. But the judicial and scholarly momentum behind the emerging “right to record” fails to fully incorporate recording’s cost to another important right that also furthers First Amendment principles: the right to privacy.

This Article helps fill that gap by comprehensively analyzing the First Amendment interests of both the right to record and the right to privacy in public while highlighting the role of technology in altering the First Amendment landscape. Recording information can be critical to future speech and, …

Revenge Porn, Thomas Lonardo, Tricia P. Martland, Rhode Island Bar Journal

Life of the Law School (1993- )

No abstract provided.

Humans Forget, Machines Remember: Artificial Intelligence And The Right To Be Forgotten, Tiffany Li, Eduard Fosch Villaronga, Peter Kieseberg

Faculty Scholarship

To understand the Right to be Forgotten in context of artificial intelligence, it is necessary to first delve into an overview of the concepts of human and AI memory and forgetting. Our current law appears to treat human and machine memory alike – supporting a fictitious understanding of memory and forgetting that does not comport with reality. (Some authors have already highlighted the concerns on the perfect remembering.) This Article will examine the problem of AI memory and the Right to be Forgotten, using this example as a model for understanding the failures of current privacy law to reflect the …

Bulk Biometric Metadata Collection, Margaret Hu

Scholarly Articles

Smart police body cameras and smart glasses worn by law enforcement increasingly reflect state-of-the-art surveillance technology, such as the integration of live-streaming video with facial recognition and artificial intelligence tools, including automated analytics. This Article explores how these emerging cybersurveillance technologies risk the potential for bulk biometric metadata collection. Such collection is likely to fall outside the scope of the types of bulk metadata collection protections regulated by the USA FREEDOM Act of 2015. The USA FREEDOM Act was intended to bring the practice of bulk telephony metadata collection conducted by the National Security Agency (“NSA”) under tighter regulation. In …

Are Anti-Bullying Laws Effective?, Ari Ezra Waldman

Articles & Chapters

Since 2010, when several high profile bullying-related suicides brought bullying and cyberharassment into the national consciousness, all 50 states have passed laws that address bullying among the nation’s youth. This essay is the first in a series of three projects on federal, state, municipal, and individual school approaches to bullying. There are only 4 published studies on the relationships between law and bullying rates. This Essay adds several features to the discourse. It offers a comprehensive analysis of the contents of state anti-bullying laws, using a 16-item list of guidelines from the United States Department of Education as a frame. …

Privacy Revisited: A Global Perspective On The Right To Be Left Alone, Jon L. Mills

UF Law Faculty Publications

Reviewing: Ronald J. Krotoszynski, Jr., Privacy Revisited: A Global Perspective on the Right to Be Left Alone (Oxford University Press 2016).

Designing Without Privacy, Ari Ezra Waldman

Articles & Chapters

In Privacy on the Ground, the law and information scholars Kenneth Bamberger and Deirdre Mulligan showed that empowered chief privacy officers (CPOs) are pushing their companies to take consumer privacy seriously, integrating privacy into the designs of new technologies. But their work was just the beginning of a larger research agenda. CPOs may set policies at the top, but they alone cannot embed robust privacy norms into the corporate ethos, practice, and routine. As such, if we want the mobile apps, websites, robots, and smart devices we use to respect our privacy, we need to institutionalize privacy throughout the corporations …

Body Cameras And The Path To Redeem Privacy Law, Woodrow Hartzog

Faculty Scholarship

From a privacy perspective, the movement towards police body cameras seems ominous. The prospect of a surveillance device capturing massive amounts of data concerning people’s most vulnerable moments is daunting. These concerns are compounded by the fact that there is little consensus and few hard rules on how and for whom these systems should be built and used. But in many ways, this blank slate is a gift. Law and policy makers are not burdened by the weight of rules and technologies created in a different time for a different purpose. These surveillance and data technologies will be modern. Many …

Ispy: Threats To Individual And Institutional Privacy In The Digital World, Lori Andrews

All Faculty Scholarship

What type of information is collected, who is viewing it, and what law librarians can do to protect their patrons and institutions.

Protecting Homeowners' Privacy Rights In The Age Of Drones: The Role Of Community Associations, Hillary B. Farber, Marvin J. Nodiff

Faculty Publications

Homeowners' notions of privacy in their dwellings and surroundings are under attack from the threat of pervasive surveillance by small civilian drones equipped with highly sophisticated visual and data-gathering capabilities. Streamlined rules recently issued by the Federal Aviation Administration ("FAA') have unleashed technological innovation that promises great societal benefits. However, the new rules expose homeowners to unwanted snooping because they lack limits on the distance drones may operate from residential dwellings or time of operations. Indeed, our society should not expect a federal agency to deal effectively with the widely diverse issues of drone technology facing the states, given the …

Carpenter V. United States: Brief Of Scholars Of Criminal Procedure And Privacy As Amici Curiae In Support Of Petitioner, Andrew Ferguson

Articles in Law Reviews & Other Academic Journals

Amici curiae are forty-two scholars engaged in significant research and/or teaching on criminal procedure and privacy law. This brief addresses issues that are within amici’s particular areas of scholarly expertise. They have a shared interest in clarifying the law of privacy in the digital era, and believe that a review of scholarly literature on the topic is helpful to answering the question in this case. This brief is co-authored by Harry Sandick, Kathrina Szymborski, & Jared Buszin of Patterson Belknap Webb & Tyler LLP.Carpenter v. United States presents an opportunity to reconsider the Fourth Amendment in the digital age. Cell …