Law Commons^™

Privacy Law Issues In Public Blockchains: An Analysis Of Blockchain, Pipeda, The Gdpr, And Proposals For Compliance, Noah Walters

Canadian Journal of Law and Technology

Proponents of blockchain proclaim that the technology’s greatest innovation is trust. Blockchain create trust by serving as an indispensable ledger (a central point of truth), for all stakeholders to a transaction. Instead of companies managing and reconciling records of the same transaction in privately held databases, both sides of a transaction are recorded simultaneously on a shared ledger — the blockchain. As a result, the crypto economic environment is characterized by the decentralized coordination of business processes and transactions. Proponents of crypto-economics regard decentralized coordination as an opportunity for new forms of economic innovation, forms designed to increase value for …

Medical Ai And Contextual Bias, W. Nicholson Price Ii

Articles

Artificial intelligence will transform medicine. One particularly attractive possibility is the democratization of medical expertise. If black-box medical algorithms can be trained to match the performance of high-level human experts — to identify malignancies as well as trained radiologists, to diagnose diabetic retinopathy as well as board-certified ophthalmologists, or to recommend tumor-specific courses of treatment as well as top-ranked oncologists — then those algorithms could be deployed in medical settings where human experts are not available, and patients could benefit. But there is a problem with this vision. Privacy law, malpractice, insurance reimbursement, and FDA approval standards all encourage developers …

Data Regulation With Chinese Characteristics, Henry S. Gao

Centre for AI & Data Governance

Data regulation has become a key issue in today’s world. For various reasons, however, it has been challenging to understand data regulations in China, home to the largest e-commerce market in the world. This paper traces the evolution of data and Internet regulation in China, from the early days of the Chinese Internet, to the regulatory turf wars among different agencies, and all the way to the elevation of data and Internet regulation to the level of national security and the rise of a super-agency in charge of the issue in recent years. The paper argues that, the Chinese Internet …

Diversity As A Trade Secret, Jamillah Bowman Williams

Georgetown Law Faculty Publications and Other Works

When we think of trade secrets, we often think of famous examples such as the Coca-Cola formula, Google’s algorithm, or McDonald’s special sauce used on the Big Mac. However, companies have increasingly made the novel argument that diversity data and strategies are protected trade secrets. This may sound like an unusual, even suspicious, legal argument. Many of the industries that dominate the economy in wealth, status, and power continue to struggle with a lack of diversity. Various stakeholders have mobilized to improve access and equity, but there is an information asymmetry that makes this pursuit daunting. When potential plaintiffs and …

The Role Of Satellites And Smart Devices: Data Surprises And Security, Privacy, And Regulatory Challenges, Anne T. Mckenna, Amy C. Gaudion, Jenni L. Evans

Amy C. Gaudion

Strava, a popular social media platform and mobile app like Facebook but specifically designed for athletes, posts a “heatmap” with consensually-obtained details about users’ workouts and geolocation. Strava’s heatmap depicts aggregated data of user location and movement by synthesizing GPS satellite data points and movement data from users’ smart devices together with satellite imagery. In January of 2018, a 20-year-old student tweeted that Strava’s heatmap revealed U.S. forward operating bases. The tweet revealed a significant national security issue and flagged substantial privacy and civil liberty concerns.

Smart devices, software applications, and social media platforms aggregate consumer data from multiple data …

Digital Colonialism: The 21st Century Scramble For Africa Through The Extraction And Control Of User Data And The Limitations Of Data Protection Laws, Danielle Coleman

Michigan Journal of Race and Law

As Western technology companies increasingly rely on user data globally, extensive data protection laws and regulations emerged to ensure ethical use of that data. These same protections, however, do not exist uniformly in the resource-rich, infrastructure-poor African countries, where Western tech seeks to establish its presence. These conditions provide an ideal landscape for digital colonialism.

Digital colonialism refers to a modern-day “Scramble for Africa” where largescale tech companies extract, analyze, and own user data for profit and market influence with nominal benefit to the data source. Under the guise of altruism, large scale tech companies can use their power and …

Privacy Statements Under The Gdpr, Mike Hintze

Seattle University Law Review

The need to include specific types of information in a privacy statement is a GDPR compliance obligation that does not get as much attention as some other GDPR requirements. Perhaps that is because privacy statements have been much maligned in recent years. They are too long and full of legalese. Nobody reads them. They are part of a notice and consent approach to privacy that puts an unrealistic burden on consumers to make informed choices. But despite these well-known criticisms, the GDPR doubles down on privacy statements. In fact, gauging by the roughly fourfold increase in privacy statement requirements compared …

Confiding In Con Men: U.S. Privacy Law, The Gdpr, And Information Fiduciaries, Lindsey Barrett

Seattle University Law Review

In scope, ambition, and animating philosophy, U.S. privacy law and Europe’s General Data Protection Regulation are almost diametric opposites. The GDPR’s ambitious individual rights, significant prohibitions, substantive enforcement regime, and broad applicability contrast vividly with a scattershot U.S. regime that generally prioritizes facilitating commerce over protecting individuals, and which has created perverse incentives for industry through anemic enforcement of the few meaningful limitations that do exist. A privacy law that characterizes data collectors as information fiduciaries could coalesce with the commercial focus of U.S. law, while emulating the GDPR’s laudable normative objectives and fortifying U.S. consumer privacy law with a …

The Gdpr: It Came, We Saw, But Did It Conquer?, Leila Javanshir

Seattle University Law Review

On February 1, 2019, the Seattle University Law Review held its annual symposium at the Seattle University School of Law. Each year, the Law Review hosts its symposium on a topic that is timely and meaningful. This year, privacy and data security professionals from around the globe gathered to discuss the current and future effects of the General Data Protection Regulation (GDPR) that was implemented on May 25, 2018. The articles and essays that follow this Foreword are the product of this year’s symposium.

Footprints: Privacy For Enterprises, Processors, And Custodians…Oh My!, Blair Witzel, Carrie Mount

Seattle University Law Review

Americans’ interest in privacy—as evidenced by increasing news coverage, online searches, and new legislation—has grown over the past decade. After the European Union enacted the General Data Protection Regulation (GDPR), technologists and legal professionals have focused on primary collectors of data—known under various legal regimes as the “controller” or “custodian.” Thanks to advances in computing, many of these data collectors offload the processing of data to third parties providing data-related cloud services like Amazon, Microsoft, and Google. In addition to the data they have already collected about the data subjects themselves, these companies now “hold” that data on behalf of …

Title 2.0: Discrimination Law In A Data-Driven Society, Bryan Casey

Journal of Law and Mobility

More than a quarter century after civil rights activists pioneered America’s first ridesharing network, the connections between transportation, innovation, and discrimination are again on full display. Industry leaders such as Uber, Amazon, and Waze have garnered widespread acclaim for successfully combatting stubbornly persistent barriers to transportation. But alongside this well-deserved praise has come a new set of concerns. Indeed, a growing number of studies have uncovered troubling racial disparities in wait times, ride cancellation rates, and service availability in companies including Uber, Lyft, Task Rabbit, Grubhub, and Amazon Delivery.

Surveying the methodologies employed by these studies reveals a subtle, but …

Nowhere To Run, Nowhere To Hide.* Applying The Fourth Amendment To Connected Cars In The Internet-Of-Things Era, Gregory C. Brown, Jr.

Journal of Civil Rights and Economic Development

(Excerpt)

Part I of this Note will briefly discuss the key components of a Connected Car, identify who collects the data from the Car, and examine the various uses for the data. Part I also explores whether Car owners consent to the collection of their Car’s data. Part II-A will trace the historical development of the automobile exception to the Fourth Amendment, which generally permits law-enforcement officers to conduct a warrantless search of a vehicle. Part II-B will discuss how the Supreme Court has applied the Fourth Amendment to pre-Internet technologies. Part II-C will discuss two recent Fourth Amendment Supreme …

The Exclusionary Rule In The Age Of Blue Data, Andrew Ferguson

Articles in Law Reviews & Other Academic Journals

In Herring v. United States, Chief Justice John Roberts reframed the Supreme Court’s understanding of the exclusionary rule: “As laid out in our cases, the exclusionary rule serves to deter deliberate, reckless, or grossly negligent conduct, or in some circumstances recurring or systemic negligence.” The open question remains: how can defendants demonstrate sufficient recurring or systemic negligence to warrant exclusion? The Supreme Court has never answered the question, although the absence of systemic or recurring problems has figured prominently in two recent exclusionary rule decisions. Without the ability to document recurring failures, or patterns of police misconduct, courts can dismiss …

Data-Centric Technologies: Patent And Copyright Doctrinal Disruptions, Tabrez Y. Ebrahim

Faculty Scholarship

Data-centric technologies create information content that directly controls, modifies, or responds to the physical world. This information content resides in the digital world yet has profound economic and societal impact in the physical world. 3D printing and artificial intelligence are examples of data-centric technologies. 3D printing utilizes digital data for eventual printing of physical goods. Artificial intelligence learns from data sets to make predictions or automated decisions for use in physical applications and systems. 3D printing and artificial intelligence technologies are based on digital foundations, blur the digital and physical divide, and dramatically improve physical goods, objects, products, or systems. …

The Role Of Satellites And Smart Devices: Data Surprises And Security, Privacy, And Regulatory Challenges, Anne T. Mckenna, Amy C. Gaudion, Jenni L. Evans

Faculty Scholarly Works

Strava, a popular social media platform and mobile app like Facebook but specifically designed for athletes, posts a “heatmap” with consensually-obtained details about users’ workouts and geolocation. Strava’s heatmap depicts aggregated data of user location and movement by synthesizing GPS satellite data points and movement data from users’ smart devices together with satellite imagery. In January of 2018, a 20-year-old student tweeted that Strava’s heatmap revealed U.S. forward operating bases. The tweet revealed a significant national security issue and flagged substantial privacy and civil liberty concerns.

Smart devices, software applications, and social media platforms aggregate consumer data from multiple data …