Law Commons^™

Data Is What Data Does: Regulating Use, Harm, And Risk Instead Of Sensitive Data, Daniel J. Solove

GW Law Faculty Publications & Other Works

Heightened protection for sensitive data is becoming quite trendy in privacy laws around the world. Originating in European Union (EU) data protection law and included in the EU’s General Data Protection Regulation (GDPR), sensitive data singles out certain categories of personal data for extra protection. Commonly recognized special categories of sensitive data include racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health, sexual orientation and sex life, biometric data, and genetic data.

Although heightened protection for sensitive data appropriately recognizes that not all situations involving personal data should be protected uniformly, the sensitive data approach …

The Prediction Society: Algorithms And The Problems Of Forecasting The Future, Hideyuki Matsumi, Daniel J. Solove

GW Law Faculty Publications & Other Works

Predictions about the future have been made since the earliest days of humankind, but today, we are living in a brave new world of prediction. Today’s predictions are produced by machine learning algorithms that analyze massive quantities of personal data. Increasingly, important decisions about people are being made based on these predictions.

Algorithmic predictions are a type of inference. Many laws struggle to account for inferences, and even when they do, the laws lump all inferences together. But as we argue in this Article, predictions are different from other inferences. Predictions raise several unique problems that current law is ill-suited …

The Carceral Home, Kate Weisburd

GW Law Faculty Publications & Other Works

In virtually all areas of law, the home is the ultimate constitutionally protected area, at least in theory. In practice, a range of modern institutions that target private life—from public housing to child welfare—have turned the home into a routinely surveilled space. Indeed, for the 4.5 million people on criminal court supervision, their home is their prison, or what I call a “carceral home.” Often in the name of decarceration, prison walls are replaced with restrictive rules that govern every aspect of private life and invasive surveillance technology that continuously records intimate information. While prisons have always been treated in …

An Overview Of Privacy Law In 2022, Daniel J. Solove, Paul M. Schwartz

GW Law Faculty Publications & Other Works

Chapter 1 of PRIVACY LAW FUNDAMENTALS (6th edition, IAPP 2022) provides an overview of information privacy law circa 2022. The chapter summarizes the common themes in privacy laws and discusses the various types of laws (federal, constitutional, state, international). It contains a list and brief summary of the most significant U.S. federal privacy laws. The heart of the chapter is an historical timeline of major developments in the law of privacy and data security, including key cases, enactments of laws, major regulatory developments, influential publications, and other significant events. The chapter also contains a curated list of important treatises and …

Breached! Why Data Security Law Fails And How To Improve It (Chapter 1), Daniel J. Solove, Woodrow Hartzog

GW Law Faculty Publications & Other Works

Digital connections permeate our lives—and so do data breaches. Given that we must be online for basic communication, finance, healthcare, and more, it is remarkable how difficult it is to secure our personal information. Despite the passage of many data security laws, data breaches are increasing at a record pace. In their book, BREACHED! WHY DATA SECURITY LAW FAILS AND HOW TO IMPROVE IT (Oxford University Press 2022), Professors Daniel Solove and Woodrow Hartzog argue that the law fails because, ironically, it focuses too much on the breach itself.

Drawing insights from many fascinating stories about data breaches, Solove and …

Standing And Privacy Harms: A Critique Of Transunion V. Ramirez, Daniel J. Solove, Danielle Citron

GW Law Faculty Publications & Other Works

Through the standing doctrine, the U.S. Supreme Court has taken a new step toward severely limiting the effective enforcement of privacy laws. The recent Supreme Court decision, TransUnion v. Ramirez (U.S. June 25, 2021) revisits the issue of standing and privacy harms under the Fair Credit Reporting Act (FCRA) that began with Spokeo v. Robins, 132 S. Ct. 1441 (2012). In TransUnion, a group of plaintiffs sued TransUnion under FCRA for falsely labeling them as potential terrorists in their credit reports. The Court concluded that only some plaintiffs had standing – those whose credit reports were disseminated. Plaintiffs whose credit …

Eu Law In Populist Times: Crises And Prospects, Francesca Bignami

GW Law Faculty Publications & Other Works

EU Law in Populist Times: Crises and Prospects analyzes the sovereignty-sensitive EU law that has emerged over the past decade—in economic policy, human migration, internal security, and constitutional fundamentals (rule-of-law policies to combat democratic backsliding). These are legal areas at the heart of state sovereignty, over which the EU’s prerogatives accelerated following the multiple crises that hit beginning in 2009. They are also EU policies that occupy center stage in the acrimonious debates that have emerged between European establishment parties and populist political forces, precisely because of the huge economic, social, and constitutional stakes involved in reaching into core state …

Sentenced To Surveillance: Fourth Amendment Limits On Electronic Monitoring, Kate Weisburd

GW Law Faculty Publications & Other Works

As courts and legislatures increasingly recognize that “digital is different” and attempt to limit government surveillance of private data, one group is conspicuously excluded from this new privacy-protective discourse: the five million people in the United States on probation, parole, or other forms of community supervision. This Article is the first to explore how warrantless electronic surveillance is dramatically transforming community supervision and, as a result, amplifying a growing privacy-protection disparity: those in the criminal legal system are increasingly losing privacy protections even while those not in the system are increasingly gaining privacy protections. The quickly expanding use of GPS-equipped …

An Overview Of Privacy Law, Daniel J. Solove, Paul M. Schwartz

GW Law Faculty Publications & Other Works

Chapter 2 of PRIVACY LAW FUNDAMENTALS provides a brief overview of information privacy law – the scope and types of law. The chapter contains an historical timeline of major developments in the law of privacy and data security.

PRIVACY LAW FUNDAMENTALS is a distilled guide to the essential elements of U.S. data privacy law. In an easily-digestible format, the book covers core concepts, key laws, and leading cases.

Professors Daniel Solove and Paul Schwartz clearly and concisely distill all relevant information about privacy law into this short volume. PRIVACY LAW FUNDAMENTALS is designed to be like Strunk and White’s Elements …

Hipaa Turns 10: Analyzing The Past, Present, And Future Impact, Daniel J. Solove

GW Law Faculty Publications & Other Works

This essay, written in a journalistic style, examines HIPAA over the past decade. The essay discusses the creation of HIPAA, the evolution of HHS enforcement, the impact of the HITECH Act, and the overall influence and effect of HIPAA on healthcare providers and organizations using medical data. Professor Solove combines analysis with interviews of key regulators and practitioners.

Privacy Self-Management And The Consent Dilemma, Daniel J. Solove

GW Law Faculty Publications & Other Works

The current regulatory approach for protecting privacy involves what I refer to as “privacy self-management” — the law provides people with a set of rights to enable them to decide how to weigh the costs and benefits of the collection, use, or disclosure of their information. People’s consent legitimizes nearly any form of collection, use, and disclosure of personal data.

Although privacy self-management is certainly a necessary component of any regulatory regime, I contend in this Article that it is being asked to do work beyond its capabilities. Privacy self-management does not provide meaningful control. Empirical and social science research …

Reconciling Personal Information In The United States And European Union, Daniel J. Solove, Paul M. Schwartz

GW Law Faculty Publications & Other Works

US and EU privacy law diverge greatly. At the foundational level, they diverge in their underlying philosophy: In the US, privacy law focuses on redressing consumer harm and balancing privacy with efficient commercial transactions. In the EU, privacy is hailed as a fundamental right that trumps other interests. Even at the threshold level - determining what information is covered by the regulation - the US and EU differ significantly. The existence of personal information - commonly referred to as “personally identifiable information” (PII) - is the trigger for when privacy laws apply. PII is defined quite differently in US and …

Nothing To Hide: The False Tradeoff Between Privacy And Security (Introduction), Daniel J. Solove

GW Law Faculty Publications & Other Works

"If you've got nothing to hide," many people say, "you shouldn't worry about government surveillance." Others argue that we must sacrifice privacy for security. But as Daniel J. Solove argues in this book, these arguments and many others are flawed. They are based on mistaken views about what it means to protect privacy and the costs and benefits of doing so.

In addition to attacking the "Nothing-to Hide Argument," Solove exposes the fallacies of pro-security arguments that have often been used to justify government surveillance and data mining. These arguments - such as the "Luddite Argument,"the "War-Powers Argument," the "All-or-Nothing …

Privacy Law Fundamentals, Daniel J. Solove, Paul M. Schwartz

GW Law Faculty Publications & Other Works

"Privacy Law Fundamentals" is a distilled guide to the essential elements of U.S. data privacy law. In an easily-digestible format, the book covers core concepts, key laws, and leading cases. Included here for download are The Table of Contents and Chapter 1.

The book explains the major provisions of all of the major privacy statutes, regulations, cases, including state privacy laws and FTC enforcement actions. It provides numerous charts and tables summarizing the privacy statutes (i.e. statutes with private rights of action, preemption, and liquidated damages, among other things). Topics covered include: the media, domestic law enforcement, national security, government …

The Pii Problem: Privacy And A New Concept Of Personally Identifiable Information, Daniel J. Solove, Paul M. Schwartz

GW Law Faculty Publications & Other Works

Personally identifiable information (PII) is one of the most central concepts in information privacy regulation. The scope of privacy laws typically turns on whether PII is involved. The basic assumption behind the applicable laws is that if PII is not involved, then there can be no privacy harm. At the same time, there is no uniform definition of PII in information privacy law. Moreover, computer science has shown that in many circumstances non-PII can be linked to individuals, and that de-identified data can be re-identified. PII and non-PII are thus not immutable categories, and there is a risk that information …

Rethinking Free Speech And Civil Liability, Daniel J. Solove, Neil M. Richards

GW Law Faculty Publications & Other Works

One of the most important and unresolved quandaries of First Amendment jurisprudence involves when civil liability for speech will trigger First Amendment protections. When speech results in civil liability, two starkly opposing rules are potentially applicable. Since New York Times v. Sullivan, the First Amendment requires heightened protection against tort liability for speech, such as defamation and invasion of privacy. But in other contexts involving civil liability for speech, the First Amendment provides virtually no protection. According to Cohen v. Cowles, there is no First Amendment scrutiny for speech restricted by promissory estoppel and contract. The First Amendment rarely requires …

Data Mining And The Security-Liberty Debate, Daniel J. Solove

GW Law Faculty Publications & Other Works

In this essay, written for a symposium on surveillance for the University of Chicago Law Review, I examine some common difficulties in the way that liberty is balanced against security in the context of data mining. Countless discussions about the trade-offs between security and liberty begin by taking a security proposal and then weighing it against what it would cost our civil liberties. Often, the liberty interests are cast as individual rights and balanced against the security interests, which are cast in terms of the safety of society as a whole. Courts and commentators defer to the government's assertions about …

Necessary Subjects: The Need For A Mandatory National Donor Gamete Registry, Naomi R. Cahn

GW Law Faculty Publications & Other Works

This brief article calls for a mandatory national donor gamete registry. It first discusses the history of secrecy in the adoption context before turning to issues involving confidentiality in the donor context. After analyzing the issues involved in maintaining the secrecy of donor gametes, the article ultimately recommends the establishment of a national information registry, similar to that in place in numerous other countries, to keep track of children both through donor egg, embryo, and sperm, as well as the identities of the gamete providers. Participation in the registry would be mandatory for anyone involved in supplying donor gametes. Once …

The Case For Tolerant Constitutional Patriotism: The Right To Privacy Before The European Courts, Francesca Bignami

GW Law Faculty Publications & Other Works

The theory of constitutional patriotism has been advanced as a solution to the European Union's legitimacy woes. Europeans, according to this theory, should recognize themselves as members of a single human community and thus acknowledge the legitimacy of Europe-wide governance based on their shared belief in a common set of liberal democratic values. Yet in its search for unity, constitutional patriotism, like nationalism and other founding myths, carries the potential for the exclusion of others. This article explores the illiberal tendencies of one element of the liberal canon - the right to privacy - in the case law of Europe's …

Understanding Privacy (Chapter One), Daniel J. Solove

GW Law Faculty Publications & Other Works

Privacy is one of the most important concepts of our time, yet it is also one of the most elusive. As rapidly changing technology makes information increasingly available, scholars, activists, and policymakers have struggled to define privacy, with many conceding that the task is virtually impossible.

In UNDERSTANDING PRIVACY (Harvard University Press, May 2008), Professor Daniel J. Solove offers a comprehensive overview of the difficulties involved in discussions of privacy and ultimately provides a provocative resolution. He argues that no single definition can be workable, but rather that there are multiple forms of privacy, related to one another by family …

The New Vulnerability: Data Security And Personal Information, Daniel J. Solove

GW Law Faculty Publications & Other Works

This book chapter was originally written for a conference on privacy and security at Stanford Law School held in March 2004. The chapter argues that abuses of personal information are caused by the failure to regulate the way companies manage personal information. Despite taking elaborate technological measures to protect their data systems, companies readily disseminate the personal information they have collected to a host of other entities and sometimes even to anyone willing to pay a small fee. Companies provide access to their record systems over the phone to anybody in possession of a few easy-to-find pieces of personal information …

'I'Ve Got Nothing To Hide' And Other Misunderstandings Of Privacy, Daniel J. Solove

GW Law Faculty Publications & Other Works

In this short essay, written for a symposium in the San Diego Law Review, Professor Daniel Solove examines the nothing to hide argument. When asked about government surveillance and data mining, many people respond by declaring: "I've got nothing to hide." According to the nothing to hide argument, there is no threat to privacy unless the government uncovers unlawful activity, in which case a person has no legitimate justification to claim that it remain private. The nothing to hide argument and its variants are quite prevalent, and thus are worth addressing. In this essay, Solove critiques the nothing to hide …

Privacy's Other Path: Recovering The Law Of Confidentiality, Daniel J. Solove, Neil M. Richards

GW Law Faculty Publications & Other Works

The familiar legend of privacy law holds that Samuel Warren and Louis Brandeis invented the right to privacy in 1890, and that William Prosser aided its development by recognizing four privacy torts in 1960. In this article, Professors Richards and Solove contend that Warren, Brandeis, and Prosser did not invent privacy law, but took it down a new path. Well before 1890, a considerable body of Anglo-American law protected confidentiality, which safeguards the information people share with others. Warren, Brandeis, and later Prosser turned away from the law of confidentiality to create a new conception of privacy based on the …

The Future Of Reputation: Gossip, Rumor, And Privacy On The Internet, Daniel J. Solove

GW Law Faculty Publications & Other Works

YouTube. Facebook. MySpace. Wikipedia. Google. These are among the many new ways people are communicating and obtaining information. In THE FUTURE OF REPUTATION: GOSSIP, RUMOR, AND PRIVACY ON THE INTERNET (Yale University Press, October 2007), Professor Daniel J. Solove warns that this new world demands new thinking about the nature of privacy.

Teeming with chatrooms, online discussion groups, and blogs, the Internet offers previously unimagined opportunities for personal expression and communication. But there's a dark side to the story. A trail of information fragments about us is forever preserved on the Internet, instantly available in a Google search. A permanent …

Towards A Right To Privacy In Transnational Intelligence Networks, Francesca Bignami

GW Law Faculty Publications & Other Works

Transnational intelligence networks have emerged as an essential tool for combating international terrorism and criminal activity. As with domestic intelligence-gathering, they raise a number of privacy concerns: the risk of false information, the danger that intelligence will be used for illegitimate purposes, and the burden placed on human dignity and individual autonomy by free-wheeling data gathering. Transnational networks, however, exacerbate these privacy problems due to the dispersed nature of government authority and the difficulty of ensuring compliance with privacy duties by each node in the network. This article illustrates the dangers of transnational intelligence sharing with the case of Maher …

Privacy For The Working Class: Public Work And Private Lives, Michael Selmi

GW Law Faculty Publications & Other Works

Privacy has become the law's chameleon, simultaneously everywhere and nowhere. This is particularly true of the workplace where employees often seek some private space but where the law, particularly the formidable employment-at-will rule, typically frustrates that search. As the workplace has expanded both in its scope and importance, additional concerns have been raised about an employer's potential reach outside of the workplace. In this symposium contribution, I explore the privacy issue by asking a fundamental question: what do employees deserve? My answer is that, as a matter of policy, we ought to concede privacy issues as the employer's domain at …

Family, Naomi R. Cahn

GW Law Faculty Publications & Other Works

Based on contemporary privacy law, this entry discusses two different aspects of family privacy: (1) the marital relationship and (2) the parent-child relationship. Marital privacy protects several aspects of married life. The first form of marital privacy protects the very decision of whom to marry. While state laws generally establish who may marry whom, the Supreme Court has established the quasi-fundamental nature of the right to marry. The second form of marital privacy involves the right to relational privacy. This constitutionally developed right to marital privacy protects the relationship from undue interference, particularly in the context of sexual decision-making.

There …

A Taxonomy Of Privacy, Daniel J. Solove

GW Law Faculty Publications & Other Works

Privacy is a concept in disarray. Nobody can articulate what it means. As one commentator has observed, privacy suffers from an embarrassment of meanings. Privacy is far too vague a concept to guide adjudication and lawmaking, as abstract incantations of the importance of privacy do not fare well when pitted against more concretely-stated countervailing interests.

In 1960, the famous torts scholar William Prosser attempted to make sense of the landscape of privacy law by identifying four different interests. But Prosser focused only on tort law, and the law of information privacy is significantly more vast and complex, extending to Fourth …

A Brief History Of Information Privacy Law, Daniel J. Solove

GW Law Faculty Publications & Other Works

This book chapter provides a brief history of information privacy law in the United States from colonial times to the present. It discusses the development of the common law torts, Fourth Amendment law, the constitutional right to information privacy, numerous federal statutes pertaining to privacy, electronic surveillance laws, and more. It explores how the law has emerged and changed in response to new technologies that have increased the collection, dissemination, and use of personal information.

A Tale Of Two Bloggers: Free Speech And Privacy In The Blogosphere, Daniel J. Solove

GW Law Faculty Publications & Other Works

This short essay was written for the symposium, Bloggership: How Blogs are Transforming Legal Scholarship, held at Harvard Law School on April 27-28, 2006. In this essay, Professor Solove examines Glenn Reynold's new book, An Army of Davids, which champions little guy bloggers (the Davids) who are taking on mainstream media entities (the Goliaths).

Who exactly is David? We have a rather romantic conception of bloggers; we envision Eugene Volokh, but most bloggers are probably more akin to Jessica Cutler, the U.S. Senate staffer who blogged about sex gossip. The average blogger is a teenager writing an online diary, not …