Law Commons^™

The Case For The Third-Party Doctrine, Orin S. Kerr

Orin Kerr

This Article offers a defense of the Fourth Amendment's third party doctrine, the controversial rule that information loses Fourth Amendment protection when it is knowingly revealed to a third party. Fourth Amendment scholars have repeatedly attacked the rule on the ground that it is unpersuasive on its face and gives the government too much power This Article responds that critics have overlooked the benefits of the rule and have overstated its weaknesses. The third-party doctrine serves two critical functions. First, the doctrine ensures the technological neutrality of the Fourth Amendment. It corrects for the substitution effect of third parties that …

The Role Of Satellites And Smart Devices: Data Surprises And Security, Privacy, And Regulatory Challenges, Anne T. Mckenna, Amy C. Gaudion, Jenni L. Evans

Amy C. Gaudion

Strava, a popular social media platform and mobile app like Facebook but specifically designed for athletes, posts a “heatmap” with consensually-obtained details about users’ workouts and geolocation. Strava’s heatmap depicts aggregated data of user location and movement by synthesizing GPS satellite data points and movement data from users’ smart devices together with satellite imagery. In January of 2018, a 20-year-old student tweeted that Strava’s heatmap revealed U.S. forward operating bases. The tweet revealed a significant national security issue and flagged substantial privacy and civil liberty concerns.

Smart devices, software applications, and social media platforms aggregate consumer data from multiple data …

Is It Time For A Universal Genetic Forensic Database?, Christopher Slobogin, Ellen Wright Clayton, J. W. Hazel, B. A. Malin

Christopher Slobogin

The ethical objections to mandating forensic profiling of newborns and/or compelling every citizen or visitor to submit to a buccal swab or to spit in a cup when they have done nothing wrong are not trivial. But newborns are already subject to compulsory medical screening, and people coming from foreign countries to the United States already submit to fingerprinting. It is also worth noting that concerns about coercion or invasions of privacy did not give pause to legislatures (or, for that matter, even the European Court) when authorizing compelled DNA sampling from arrestees, who should not forfeit genetic privacy interests …

Is It Time For A Universal Genetic Forensic Database?, Christopher Slobogin, Ellen Wright Clayton, J. W. Hazel, B. A. Malin

Ellen Wright Clayton

The ethical objections to mandating forensic profiling of newborns and/or compelling every citizen or visitor to submit to a buccal swab or to spit in a cup when they have done nothing wrong are not trivial. But newborns are already subject to compulsory medical screening, and people coming from foreign countries to the United States already submit to fingerprinting. It is also worth noting that concerns about coercion or invasions of privacy did not give pause to legislatures (or, for that matter, even the European Court) when authorizing compelled DNA sampling from arrestees, who should not forfeit genetic privacy interests …

A Few Criminal Justice Big Data Rules, Stephen E. Henderson

Stephen E Henderson

Testimony On Unmanned Aircraft Systems Rules And Regulations, Stephen E. Henderson

Stephen E Henderson

If You Fly A Drone, So Can Police, Stephen E. Henderson

Stephen E Henderson

Ou Professor: Fourth Amendment At Heart Of Dispute Between Fbi, Apple, Stephen E. Henderson

Stephen E Henderson

Please, Let's Bury The Junk: The Codis Loci And The Revelation Of Private Information, David H. Kaye

David Kaye

This Northwestern University Law Review Colloquy paper describes the four possible ways in which genetic loci could possess predictive or diagnostic value with regard to diseases and explains why these mechanisms have not led, and probably cannot lead, to useful screening tests with the Convicted Offender DNA Index System (CODIS) profiles in national, state, and local databases. It then considers the phenotypes and familial relationships that the CODIS STRs can be used to identify. The profiles carry limited information about an individual's race and familial relationships, and the article places the resulting privacy issues in perspective. Finally, the paper comments …

A Fourth Amendment Theory For Arrestee Dna And Other Biometric Databases, David H. Kaye

David Kaye

Routine DNA sampling following a custodial arrest process is now the norm in many jurisdictions, but is it consistent with the Fourth Amendment? The few courts that have addressed the question have disagreed on the answer, but all of them seem to agree on two points: (1) the reasonableness of the practice turns on a direct form of balancing of individual and governmental interests; and (2) individuals who are convicted — and even those who are merely arrested — have a greatly diminished expectation of privacy in their identities. This Article disputes these propositions and offers an improved framework for …

Copyrights, Privacy, And The Blockchain, Tom W. Bell

Tom W. Bell

A Rose By Any Other Name: Regulating Law Enforcement Bulk Metadata Collection, Stephen E. Henderson

Stephen E Henderson

Fourth Amendment Time Machines (And What They Might Say About Police Body Cameras), Stephen E. Henderson

Stephen E Henderson

The Greening Of Canadian Cyber Laws: What Environmental Law Can Teach And Cyber Law Can Learn, Sara Smyth

Sara Smyth

This article examines whether Canadian environmental law and policy could serve as a model for cyber crime regulation. A wide variety of offences are now committed through digital technologies, including thievery, identity theft, fraud, the misdirection of communications, intellectual property theft, espionage, system disruption, the destruction of data, money laundering, hacktivism, and terrorism, among others. The focus of this Article is on the problem of data security breaches, which target businesses and consumers. Following the Introduction, Part I provides an overview of the parallels that can be drawn between threats in the natural environment and on the Internet. Both disciplines …

The Self, The Stasi, The Nsa: Privacy, Knowledge, And Complicity In The Surveillance State, Richard Warner, Robert H. Sloan

Richard Warner

We focus on privacy in public. The notion dates back over a century, at least to the work of the German sociologist, Georg Simmel. Simmel observed that people voluntarily limit their knowledge of each other as they interact in a wide variety of social and commercial roles, thereby making certain information private relative to the interaction even if it is otherwise publicly available. Current governmental surveillance in the US (and elsewhere) reduces privacy in public. But to what extent?

The question matters because adequate self-realization requires adequate privacy in public. That in turn depends on informational norms, social norms that …

Digital Peepholes | Remote Activation Of Webcams: Technology, Law And Policy, Lori Andrews

Lori B. Andrews

Self-Defense Against Robots, A. Michael Froomkin, Zak Colangelo

A. Michael Froomkin

This paper examines when, under U.S. law, humans may use force against robots to protect themselves, their property, and their privacy. May a landowner legally shoot down a trespassing drone? May she hold a trespassing autonomous car as security against damage done or further torts? Is the fear that a drone may be operated by a paparazzo or a peeping Tom sufficient grounds to disable or interfere with it? How hard may you shove if the office robot rolls over your foot? This paper addresses all those issues and one more: what rules and standards we could put into place …

To Read Or Not To Read: Privacy Within Social Networks, The Entitlement Of Employees To A Virtual “Private Zone” And The Balloon Theory, Shlomit Yanisky-Ravid

Shlomit Yanisky-Ravid Professor of Law

Social networking has increasingly become the most common venue of self-expression in the digital era. Although social networks started as a social vehicle, they have recently become a major source for employers to track personal data ("screening") of applicants, employees or former employees.

This article addresses the questions of whether this casual business routine harms employees' rights to privacy with regard to data users post in social networks, what the drawbacks of this routine may be, and why and how privacy rights should be protected to secure private zones within the virtual sphere. The article suggests that a privacy right …

When Enough Is Enough: Location Tracking, Mosaic Theory, And Machine Learning, Steven M. Bellovin, Renée M. Hutchins, Tony Jebara, Sebastian Zimmeck

Renée M. Hutchins

Since 1967, when it decided Katz v. United States, the Supreme Court has tied the right to be free of unwanted government scrutiny to the concept of reasonable xpectations of privacy.[1] An evaluation of reasonable expectations depends, among other factors, upon an assessment of the intrusiveness of government action. When making such assessment historically the Court has considered police conduct with clear temporal, geographic, or substantive limits. However, in an era where new technologies permit the storage and compilation of vast amounts of personal data, things are becoming more complicated. A school of thought known as “mosaic theory” has stepped …

No Surfing Allowed: A Review And Analysis Of Legislation Prohibiting Employers From Demanding Access To Employees’ And Job Applicants’ Social Media Accounts, Robert Sprague

Robert Sprague

This article examines recent state legislation prohibiting employers from requesting username and password information from employees and job applicants in order to access restricted portions of those employees’ and job applicants’ personal social media accounts. This article raises the issue of whether this legislation is even needed, from both practical and legal perspectives, focusing on: (a) how prevalent the practice is of requesting employees’ and job applicants’ social media access information; (b) whether alternative laws already exist which prohibit employers from requesting employees’ and job applicants’ social media access information; and (c) whether any benefits can be derived from this …

Our Records Panopticon And The American Bar Association Standards For Criminal Justice, Stephen E. Henderson

Stephen E Henderson

"Secrets are lies. Sharing is caring. Privacy is theft." So concludes the main character in Dave Egger’s novel The Circle, in which a single company that unites Google, Facebook, and Twitter – and on steroids – has the ambition not only to know, but also to share, all of the world's information. It is telling that a current dystopian novel features not the government in the first instance, but instead a private third party that, through no act of overt coercion, knows so much about us. This is indeed the greatest risk to privacy in our day, both the unprecedented …

Privacy Inalienability And The Regulation Of Spyware, Paul M. Schwartz

Paul M. Schwartz

No abstract provided.

"Do-Not-Track" As Contract, Joshua A.T. Fairfield

Joshua A.T. Fairfield

Support for enforcement of a do-not-track option in browsers has been gathering steam. Such an option presents a simple method for consumers to protect their privacy. The problem is how to enforce this choice. The Federal Trade Commission (FTC) could enforce a do-not-track option in a consumer browser under its section 5 powers. The FTC, however, currently appears to lack the political will to do so. Moreover, the FTC cannot follow the model of its successful do-not-call list since the majority of Internet service providers (ISPs) assign Internet addresses dynamically — telephone numbers do not change, whereas Internet protocol (IP) …

Navigating Through The Fog Of Cloud Computing Contracts, T. Noble Foster

T. Noble Foster

This paper explores legal issues associated with cloud computing, provides analysis and commentary on typical clauses found in contracts offered by well-known cloud service providers, and identifies strategies to mitigate the risk of exposure to cloud-based legal claims in the critical areas of data security, privacy, and confidentiality. While current research offers numerous case studies, viewpoints, and technical descriptions of cloud processes, our research provides a close examination of the language used in cloud contract terms. Analysis of these contract terms supports the finding that most standard cloud computing contracts are unevenly balanced in favor of the cloud service provider. …

Do-Not-Track As Default, Joshua A.T. Fairfield

Joshua A.T. Fairfield

Do-Not-Track is a developing online legal and technological standard that permits consumers to express their desire not to be tracked by online advertisers. Do-Not-Track has the ability to change the relationship between consumers and advertisers in the information market. Everything will depend on implementation. The most effective way to allow users to achieve their privacy preferences is to implement Do-Not-Track as a default feature. The World Wide Web Consortium’s (W3C) standard setting body for Do-Not-Track has, however, endorsed a corrosive standard in its Tracking Preferences Expression (TPE) draft. This standard requires consumers to set their privacy preference by hand. This …

Cracks In The Foundation: The New Internet Regulation's Hidden Threat To Privacy And Commerce, Joshua A.T. Fairfield

Joshua A.T. Fairfield

Scholarship to date has focused on the legal significance of the novelty of the Internet. This scholarship does not describe or predict actual Internet legislation. Instead of asking whether the Internet is so new as to merit new law, legislators and academics should re-evaluate the role of government in orchestrating collective action and change the relative weight of enforcement, deterrence, and incentives in Internet regulations. A perfect example of the need for this new approach is the recent CANSPAM Act of 2003, which was intended to protect personal privacy and legitimate businesses. However, the law threatens both of these interests, …

American Bar Association Criminal Justice Standards On Law Enforcement Access To Third Party Records, Stephen E. Henderson

Stephen E Henderson

Implementación De Políticas Corporativas Sobre Internet Y Redes Sociales En México, Rodolfo C. Rivas Rea Esq.

Rodolfo C. Rivas

The author analyzes and describes the necessary elements of a successful social media and Internet corporate policy; through citing common pitfalls and learning lessons from different jurisdictions across the world. The author then offers general guidelines on policies for Mexican enterprises under Mexican legislation.///////////////////////////////////////////////////////////////////////////////////////El autor analiza y describe los elementos necesarios de una política corporativa sobre internet y redes sociales exitosa, citando los errores más comunes y aprendiendo lecciones de las legislaciones de distintos países.

Piracy,Privacy, And Privatization: Fictional And Legal Approaches To The Electronic Future Of Cash , Walter A. Effross

Walter Effross

No abstract provided.

Information Revolution: “Choice Of Control” To “Choice And Control”, Subhajit Basu, Christina Munns

Subhajit Basu

Please do not cite without permission of the authors.

In this article, we critically analyse whether the ‘privacy framework’ for health records is ‘fit-for-purpose’ for the NHS’s ‘information revolution’ and argue that the NHS’s ‘proxy-individual’ information-guardian role could inadvertently mask individuals’ intended roles, effectively circumventing autonomy-based laws by limiting the power of individuals to be autonomous. We suggest that moving ‘choice of control’ to individuals will render ‘privacy’ redundant whilst validating ‘confidentiality’ via consent from empowered individuals. This power shift would expose the overdue need for options to increase levels of individual ‘control/privacy,’ moving from the NHS’s paternal ‘proxy-individual’ conception …