Law Commons^™

International Data Privacy Lawws And The Protectors Of Privacy, Ilmr Editors

Brigham Young University International Law & Management Review

No abstract provided.

Whose Business Is Your Pancreas?: Potential Privacy Problems In New York City's Mandatory Diabetes Registry (With N. Gingo Et Al.), Harold J. Krent, Nicholas Gingo, Monica Kapp, Rachel Moran, Mary Neal, Meghan Paulas, Puneet Sarna, Sarah Suma

All Faculty Scholarship

New York City authorities in 2006 formulated a policy requiring that medical data from all diabetics in the City be stored in a centralized registry. This diabetic registry is the first in the nation to require collection of personal testing data for the purpose of monitoring treatments for a noninfectious disease. The registry represents an important step on the path toward better understanding and managing of the disease. Nonetheless, establishment of the registry threatens privacy in a number of ways. Many individuals are open about their diabetes, but others prefer to keep that information to themselves, whether because of concerns …

State Government—The Arkansas Freedom Of Information Act—Houston We Have A Problem: A Coach And A Comptroller Illustrate The Repercussions Of Releasing Electronic Information Through The Arkansas Freedom Of Information Act, Alexander Justiss

University of Arkansas at Little Rock Law Review

FOIA provides a necessary oversight by which Arkansans can monitor the actions of those within the government. FOIA ensures that its purpose may not be thwarted by prohibiting the transfer, withdrawal, or destruction of documents in an attempt to prevent their release to the public. The executive, legislative, and judicial branches of the government are subject to the FOIA. FOIA statutorily exempts certain public records that would otherwise be accessible to Arkansans. Additionally, the Arkansas Constitution provides numerous safeguards to protect the privacy rights of individuals.

Issues arise with electronic communication under FOIA so various judicial and Attorney General opinions …

De-Identified Data And Third Party Data Mining: The Risk Of Re-Identification Of Personal Information, C. Christine Porter

Washington Journal of Law, Technology & Arts

Recent computer science research demonstrates that anonymized data can sometimes be easily re-identified with particular individuals, despite companies’ attempts to isolate personal information. Netflix and AOL are two examples of companies that released personal data intended to be anonymous but which was reidentified with individual users with the use of very small amounts of auxiliary data. Re-identification of anonymized data may expose companies to increased liability, as the information may no longer be treated as anonymous. In addition, companies may violate their own privacy policies by releasing anonymous information to third parties that can be easily re-identified with individual users. …

Lawrence M. Friedman's Guarding Life's Dark Secrets : Legal And Social Controls Over Reputation, Propriety, And Privacy (Book Review), James A. Gardner

Book Reviews

No abstract provided.

Locating The Mislaid Gate: Revitalizing Tinker By Repairing Judicial Overgeneralizations Of Technologically Enabled Student Speech, Kenneth R. Pike

BYU Law Review

No abstract provided.

Accidental Privacy Spills, James Grimmelmann

Cornell Law Faculty Publications

The realm of privacy law has more crimes than criminals, more wrongs than wrongdoers. Some invasions of privacy are neither intentional nor negligent; it's easy to recognize the harm, but hard to pin the blame.

Laurie Garrett attended the World Economic Forum as a journalist and wrote a private email to a few close friends, only to see that email end up on a widely-read weblog.

This essay tells the story of that inevitable accident: an "accident" in that it needn't have happened, but "inevitable" in that there's no principled way to prevent similar misunderstandings from recurring, again and again …

Liability For Consumer Information Security Breaches: Deconstructing Ftc Complaints And Settlements, Joel B. Hanson

Washington Journal of Law, Technology & Arts

For several years, hackers taking advantage of security holes in the information system of TJX Companies, Inc. stole sensitive credit and debit card information belonging to at least 45.7 million customers. The TJX breach is one of the largest thefts of consumer information in history and is illustrative of the recent wave of security breaches. Private lawsuits against companies that fail to protect consumer information have typically failed. However, the Federal Trade Commission has taken enforcement action against such companies that fail to implement reasonable security measures to protect customers’ personal information. These complaints have resulted in settlement agreements requiring …

No Harm, No Foul: Limits On Damages Awards For Individuals Subject To A Data Breach, Derek A. Bishop

Washington Journal of Law, Technology & Arts

Recently, TJX, Inc. announced that computer hackers breached several of TJX’s databases containing the driver’s license and credit card numbers of over 47 million customers. Within a month, a class action lawsuit attempting to hold TJX responsible for losing control of this information was filed. In the past, class action lawsuits based on the release of consumer’s personal data have failed because the plaintiffs have not alleged sufficient harms. This article examines legal claims relating to the release of personal data by companies during security breaches. To date, courts have refused to find individuals harmed by the negligent release of …

What If Samuel D. Warren Hadn't Married A Senator's Daughter: Uncovering The Press Coverage That Led To The Right To Privacy, Amy Gajda

Faculty Scholarship

No abstract provided.

"I Will Not Divulge": How To Resolve The "Mass Of Legal Confusion" Surrounding The Physician-Patient Relationship In West Virginia, Mary Claire Johnson

West Virginia Law Review

No abstract provided.

Student Drug Testing: The Blinding Appeal Of In Loco Parentis And The Importance Of State Protection Of Student Privacy, Tony Lacroix

Brigham Young University Education and Law Journal

No abstract provided.

Internet Search And Seizure In United States V. Forrester: New Problems In The New Age Of Pen Registers, Deborah Buckner

Brigham Young University Journal of Public Law

No abstract provided.

Data Privacy And Breach Reporting: Compliance With Various State Laws, G. Martin Bingisser

Washington Journal of Law, Technology & Arts

This Article discusses state laws requiring notification of a party whose personal information is held by a business or government agency when the third party’s security is breached and an unauthorized person accesses the personal information. In the wake of the 2005 ChoicePoint data breach, over half of the states passed legislation requiring that companies notify the affected parties after breach of personal information. Most of the state statutes followed the model set forth by California’s Security Breach Notification Act of 2002. However, significant variations exist between the different statutes, which can create compliance problems. This Article specifically illustrates the …

Confidentiality: An Expectation In Health Care, Anita L. Allen

All Faculty Scholarship

The practice of confidentiality has continued in an era of increased, voluntary openness about medical information in everyday life. Indeed the number and variety of state and federal laws mandating confidentiality by medical professionals has increased in the last dozen years. Moreover, personal injury suits alleging breach of confidentiality or invasion of privacy, along with suits asserting evidentiary privileges, reflect the reality that expectations of confidentiality of medical records and relationships remain strong.

Lobbying Is An Honorable Profession: The Right To Petition And The Competition To Be Right, Nick Allard

Faculty Scholarship

No abstract provided.

Katz And The Origins Of The Reasonable Expectation Of Privacy Test, Peter Winn

McGeorge Law Review

No abstract provided.

Katz V. United States: The Untold Story, Harvey A. Schneider

McGeorge Law Review

No abstract provided.

Public Assistance For The Price Of Privacy: Leaving The Door Open On Welfare Home Searches, Preston L. Morgan

McGeorge Law Review

No abstract provided.

When Mobile Phones Are Rfid-Equipped - Finding E.U.-U.S. Solutions To Protect Consumer Privacy And Facilitate Mobile Commerce, Nancy J. King

Michigan Telecommunications & Technology Law Review

New mobile phones have been designed to include delivery of mobile advertising and other useful location-based services, but have they also been designed to protect consumers' privacy? One of the key enabling technologies for these new types of phones and new mobile services is Radio Frequency Identification (RFID), a wireless communication technology that enables the unique identification of tagged objects. In the case of RFID-enabled mobile phones, the personal nature of the devices makes it very likely that, by locating a phone, businesses will also be able to locate its owner. Consumers are currently testing new RFID-enabled phones around the …

The 'High Crime Area' Question: Requiring Verifiable And Quantifiable Evidence For Fourth Amendment Reasonable Suspicion Analysis, Andrew Ferguson, Damien Bernache

Articles in Law Reviews & Other Academic Journals

This article proposes a legal framework to analyze the "high crime area" concept in Fourth Amendment reasonable suspicion challenges.Under existing Supreme Court precedent, reviewing courts are allowed to consider that an area is a "high crime area" as a factor to evaluate the reasonableness of a Fourth Amendment stop. See Illinois v. Wardlow, 528 U.S. 119 (2000). However, the Supreme Court has never defined a "high crime area" and lower courts have not reached consensus on a definition. There is no agreement on what a "high-crime area" is, whether it has geographic boundaries, whether it changes over time, whether it …

Federal Search Commission? Access, Fairness, And Accountability In The Law Of Search, Oren Bracha, Frank Pasquale

Faculty Scholarship

Should search engines be subject to the types of regulation now applied to personal data collectors, cable networks, or phone books? In this article, we make the case for some regulation of the ability of search engines to manipulate and structure their results. We demonstrate that the First Amendment, properly understood, does not prohibit such regulation. Nor will such interventions inevitably lead to the disclosure of important trade secrets.

After setting forth normative foundations for evaluating search engine manipulation, we explain how neither market discipline nor technological advance is likely to stop it. Though savvy users and personalized search may …

The Future Of Privacy Policies: A Privacy Nutrition Label Filled With Fair Information Practices, 26 J. Marshall J. Computer & Info. L. 1 (2008), Corey A. Ciocchetti

UIC John Marshall Journal of Information Technology & Privacy Law

The article looks at the threats accompanying online shopping, such as identity theft and aggregated data files. Such issues arise when companies carelessly lose laptops filled with unencrypted data or callously sell data on the open market with collected personally identifying information (PII). The article explains that although privacy policies are supposed to force companies to strengthen their privacy practices they are not always effective because companies often post inconspicuous, vague and legalese-filled policies. These ambiguous postings cause online shoppers to blindly submit PII and ignore privacy practices completely. The article proposes a solution to this problem through the standardization …

United States V. Andrus: Password Protect Your Roommate, Not Your Computer, 26 J. Marshall J. Computer & Info. L. 183 (2008), Sarah M. Knight

UIC John Marshall Journal of Information Technology & Privacy Law

The article looks at the decision in United States v. Andrus, where it was determined that the police could obtain consent from a father to search an adult son’s computer without first checking if the father who gave consent know the password and therefore had apparent authority to search. The police used Encase, software designed to make a forensic copy of a hard drive, without even turning on the computer. The 10th Circuit majority opinion decided the police committed no error when they conducted the search. The article’s author argues that the dissenting opinion took the correct position in its …

Symbiotic Regulation, 26 J. Marshall J. Computer & Info. L. 207 (2008), Andrew Murray

UIC John Marshall Journal of Information Technology & Privacy Law

In this paper the author points out that complexity is at the heart of much of the work of today’s academia. The paper explains how the role of an academic researcher may be defined as studying and modelling complexity in an effort to make it accessible to a wider audience. This article models the complexity of regulatory relationships in communications networks and in particular the Internet. First, the article models the complexity of the regulatory environment. Next, it explains how regulators may harness the power of the network to achieve effective regulatory settlements by harnessing symbiotic regulation. Finally, it explains …

The Twenty-Seventh Annual John Marshall Law School International Moot Court Competition In Information Technology And Privacy Law:Summary Of Bench Memorandum, 26 J. Marshall J. Computer & Info. L. 259 (2008), Robin Ficke, James Lai, Steven Tseng, Panagiota Kelali

UIC John Marshall Journal of Information Technology & Privacy Law

Petitioner, Alex Romero (“Romero”), appeals to the Marshall Supreme Court from an order granting summary judgment in favor of Respondent, Windbucket Entertainment, LLC (“Windbucket”). Romero’s lawsuit alleged that Windbucket and a third party (not a party to the present appeal) were liable to him for invasion of privacy by intrusion upon seclusion. Romero then sought discovery sanctions against Windbucket for violations of Marshall Rule of Civil Procedure 37. The issues in the case concern whether a subscriber to an Internet-based, multiplayer computer game can state a valid invasion of privacy claim against the game’s publisher, when liability is based on …

Wikipedia Made Law? The Federal Judicial Citation Of Wikipedia, 26 J. Marshall J. Computer & Info. L. 229 (2008), Amber Lynn Wagner

UIC John Marshall Journal of Information Technology & Privacy Law

In this comment the author examines the new and growing body of federal opinions citing Wikipedia an authoritative source. The comment details how Wikipedia articles are generated, and the ease with which anyone can edit them, to illustrate their shortcomings as sources for making judicial determinations. The author provides examples of federal cases where judges rely on Wikipedia to define terms ranging from colloquial phrases to medical equipment. The author points out that in spite of several academic institutions and the U.S. Trade and Patent Office banning it as a source, federal judges continue to rely on Wikipedia in their …

Opening The Red Cross International Tracing Service Archive, 26 J. Marshall J. Computer & Info. L. 161 (2008), Kenneth Waltzer

UIC John Marshall Journal of Information Technology & Privacy Law

The Red Cross International Tracing Service Archive in Bad Arolsen contains nearly 17.5 million names and nearly 50 million World War II and post-war era documents. The Bonn Accords designated the International Tracing Service (“ITS”) as the sole caretaker of these documents. A recent revision to the Bonn Accords has resulted in a reopening of archives at Bad Arolsen. ITS has started to digitize materials, and the data has been distributed to designated research institutions. The revision also resulted in access to the archives for research purposes. This expanded availability of the information has raised a number of important questions …

The Twenty-Seventh Annual John Marshall Law School International Moot Court Competition In Information Technology And Privacy Law: Brief For The Petitioner, 26 J. Marshall J. Computer & Info. L. 283 (2008), David Caras, Jennifer Robbins, Zach Rudisill

UIC John Marshall Journal of Information Technology & Privacy Law

No abstract provided.

Beyond Whiffle-Ball Bats: Addressing Identity Crime In An Information Economy, 26 J. Marshall J. Computer & Info. L. 47 (2008), Erin Kenneally, Jon Stanley

UIC John Marshall Journal of Information Technology & Privacy Law

The article discusses the challenges to the protection of private personal information in the age of rapid technological changes and advances with a particular focus on the explosion of Identity Theft Crime (IDC). The paper highlights the compartmentalized and imbalanced roles that the free market and law enforcement (LE) play in response to this emerging threat to privacy, the implications of this dynamic, and recommendations for improving the societal risk management of Identity Crime.