Internet Law Commons^™

Security In The Digital Age, Michael Gentithes

Akron Law Review

Rapidly evolving technology allows governments and businesses to elevate our collective well-being in ways we could not have imagined just decades ago. Data is now a resource that governments and businesses alike can mine to address the world’s needs with greater efficiency, accuracy, and flexibility. But evolving technology and advanced data analytics also come with risk. New digital capabilities also create new means for nefarious actors to infiltrate the complex technological systems at the heart of nearly all of our daily activities. Just as new digital tools emerge to offer unique goods and services, new tools allow wrongdoers to invade …

“Statistics Are Human Beings With The Tears Wiped Away”: Utilizing Data To Develop Strategies To Reduce The Number Of Native Americans Who Go Missing, Lori Mcpherson, Sarah Blazucki

Seattle University Law Review

On New Year’s Eve night, 2019, sixteen-year-old Selena Shelley Faye Not Afraid attended a party in Billings, Montana, about fifty miles west of her home in Hardin, Montana, near the Crow Reservation. A junior at the local high school, she was active in her community. The party carried over until the next day, and she caught a ride back toward home with friends in a van the following afternoon. When the van stopped at an interstate rest stop, Selena got out but never made it back to the van. The friends reported her missing to the police and indicated they …

Brokered Abuse, Thomas E. Kadri

Scholarly Works

Data brokers are abuse enablers. These companies, which traffic information about people for profit, facilitate interpersonal abuse by making it easier to find and contact people. By thwarting people’s obscurity, brokers expose them to physical, psychological, financial, and reputational harm. To date, there have been four common legal responses to this situation: prohibiting abusive acts, mandating broker transparency, limiting data collection, and restricting data disclosure. Though these measures each have some merit, none is adequate, and several recent privacy laws have even made matters worse. Put simply, the current legal landscape is neither effective nor empathetic.

This Essay explores the …

Too Much Of A Good Thing? A Governing Knowledge Commons Review Of Abundance In Context, Michael J. Madison, Brett M. Frischmann, Madelyn Sanfilippo, Katherine J. Strandburg

Articles

The economics of abundance, along with the sociology of abundance, the law of abundance, and so forth, should be re-framed, linked, and situated in a common context for empirical rather than conceptual research. Abundance may seem to be a new, big thing, between anxiety over information overload, Big Data, and related technological disruptions. But scholars know that abundance is an ancient phenomenon, which only seemed to disappear as twentieth century social science focused on scarcity instead. Restoring the study of abundance, and figuring out how to solve the problems that abundance might create, means shedding disciplinary blinders and going back …

Passcodes, Protection, And Legal Practicality: The Necessity Of A Digital Fifth Amendment, Ethan Swierczewski

Catholic University Journal of Law and Technology

No abstract provided.

Legislating Data Loyalty, Woodrow Hartzog, Neil Richards

Faculty Scholarship

Lawmakers looking to embolden privacy law have begun to consider imposing duties of loyalty on organizations trusted with people’s data and online experiences. The idea behind loyalty is simple: organizations should not process data or design technologies that conflict with the best interests of trusting parties. But the logistics and implementation of data loyalty need to be developed if the concept is going to be capable of moving privacy law beyond its “notice and consent” roots to confront people’s vulnerabilities in their relationship with powerful data collectors.

In this short Essay, we propose a model for legislating data loyalty. Our …

Taking It With You: Platform Barriers To Entry And The Limits Of Data Portability, Gabriel Nicholas

Michigan Technology Law Review

Policymakers are faced with a vexing problem: how to increase competition in a tech sector dominated by a few giants. One answer proposed and adopted by regulators in the United States and abroad is to require large platforms to allow consumers to move their data from one platform to another, an approach known as data portability. Facebook, Google, Apple, and other major tech companies have enthusiastically supported data portability through their own technical and political initiatives. Today, data portability has taken hold as one of the go-to solutions to address the tech industry’s competition concerns.

This Article argues that despite …

Shifting Contour Of Data Sharing In Financial Market And Regulatory Responses: The Uk And Australian Models, Han-Wei Liu

American University Business Law Review

I. INTRODUCTION

Starting from Directive 2015/2366 on Payment Services in the Internal Market — known as PSD II in the European Union (EU) — countries across the world have or are contemplating a new framework to govern data sharing among different players in the financial market. “Open Banking,” as this trend is called, requires or encourages — depending on the regulatory models adopted in different jurisdictions — banks to share consumer-permissioned banking data with third parties securely, in a form that facilitates its use. The Open Banking initiatives have diffused from the EU, and the UK, to elsewhere. The current …

"Times They Are A Changin'" - Can The Ad Tech Industry Survive In A Privacy Conscious World?, Meaghan Donahue

Catholic University Journal of Law and Technology

The "ad tech ecosystem" is a web of interconnected technologies and intermediaries that facilitate targeted advertising based on consumer data, and supports the free internet while providing users with promotional content relevant to their interests. However, in recent years, lawmakers and consumer advocates have highlighted the dangers associated with the unregulated use of consumer data for advertising purposes, prompting a flurry of legislative action at both the state and federal levels. These various laws and proposed bills impose new challenges on the ad tech industry--threatening to fundamentally change the way the business operates. However, through innovation and creative thinking, the …

Algorithms In Business, Merchant-Consumer Interactions, & Regulation, Tabrez Y. Ebrahim

Faculty Scholarship

The shift towards the use of algorithms in business has transformed merchant–consumer interactions. Products and services are increasingly tailored for consumers through algorithms that collect and analyze vast amounts of data from interconnected devices, digital platforms, and social networks. While traditionally merchants and marketeers have utilized market segmentation, customer demographic profiles, and statistical approaches, the exponential increase in consumer data and computing power enables them to develop and implement algorithmic techniques that change consumer markets and society as a whole. Algorithms enable targeting of consumers more effectively, in real-time, and with high predictive accuracy in pricing and profiling strategies. In …

Symposium: The California Consumer Privacy Act, Margot Kaminski, Jacob Snow, Felix Wu, Justin Hughes

Loyola of Los Angeles Law Review

Loyola of Los Angeles Law Review is pleased to publish the third “symposium discussion” series in which leading experts are invited to engage in an evening symposium on a new or emerging area of law. The subject of our second evening symposium was the California Consumer Privacy Act (CCPA), a statute signed into state law by then- Governor Jerry Brown on June 28, 2018 and effective as of January 1, 2020.

As with most new law, there are many unsettled issues, disagreements about the likely impact of the law, and much to be developed as regulations are established and the …

Untangling The Privacy Law Web: Why The California Consumer Privacy Act Furthers The Need For Federal Preemptive Legislation, Jordan Yallen

Loyola of Los Angeles Law Review

No abstract provided.

The Limits And Possibilities Of Data-Driven Antitrafficking Efforts, Jennifer Musto Ph.D.

Georgia State University Law Review

An examination of technology in the countertrafficking space reveals recurring tensions between law enforcement and rights-based approaches. It also illuminates assumptions, such as the one that posits more law enforcement-focused, nonstate-actor-supported data-driven efforts are necessary to securing justice for people in trafficking situations. However, a closer look at how technology is used and by whom also invites us to ask different questions and to leverage the power of our all-too-human creative potential in thinking about how to value and prioritize data ethics, transparency, and accountability in future countertrafficking work.

Data Governance And The Emerging University, Michael J. Madison

Book Chapters

Knowledge and information governance questions are tractable primarily in institutional terms, rather than in terms of abstractions such as knowledge itself or individual or social interests. This chapter offers the modern research university as an example. Practices of data-intensive research by university-based researchers, sometimes reduced to the popular phrase “Big Data,” pose governance challenges for the university. The chapter situates those challenges in the traditional understanding of the university as an institution for understanding forms and flows of knowledge. At a broad level, the chapter argues that the new salience of data exposes emerging shifts in the social, cultural, and …

Tools For Data Governance, Michael J. Madison

Articles

This article describes the challenges of data governance in terms of the broader framework of knowledge commons governance, an institutional approach to governing shared knowledge, information, and data resources. Knowledge commons governance highlights the potential for effective community- and collective-based governance of knowledge resources. The article focuses on key concepts within the knowledge commons framework rather than on specific law and public policy questions, directing the attention of researchers and policymakers to critical inquiry regarding relevant social groups and relevant data “things.” Both concepts are key tools for effective data governance.

Symposium: The California Consumer Privacy Act, Margot Kaminski, Jacob Snow, Felix Wu, Justin Hughes

Publications

This symposium discussion of the Loyola of Los Angeles Law Review focuses on the newly enacted California Consumer Privacy Act (CPPA), a statute signed into state law by then-Governor Jerry Brown on June 28, 2018 and effective as of January 1, 2020. The panel was held on February 20, 2020.

The panelists discuss how businesses are responding to the new law and obstacles for consumers to make effective use of the law’s protections and rights. Most importantly, the panelists grapple with questions courts are likely to have to address, including the definition of personal information under the CCPA, the application …

Making Room For Big Data: Web Scraping And An Affirmative Right To Access Publicly Available Information Online, Amber Zamora

The Journal of Business, Entrepreneurship & the Law

This paper will explore the legality of web scraping through the lens of recent litigation between web scraper hiQ Labs and the online professional networking platform, LinkedIn. First, the paper will study the background of web scraping litigation, some challenges courts face in issuing consistent verdicts, and the most common claims companies make against web scrapers. Then the paper will address three of the most common claims and identify court motivations and limitations within the doctrines. The first claims are those arising from the federal Computer Fraud and Abuse Act (CFAA). Next, the paper will investigate copyright claims and defenses …

Digital Colonialism: The 21st Century Scramble For Africa Through The Extraction And Control Of User Data And The Limitations Of Data Protection Laws, Danielle Coleman

Michigan Journal of Race and Law

As Western technology companies increasingly rely on user data globally, extensive data protection laws and regulations emerged to ensure ethical use of that data. These same protections, however, do not exist uniformly in the resource-rich, infrastructure-poor African countries, where Western tech seeks to establish its presence. These conditions provide an ideal landscape for digital colonialism.

Digital colonialism refers to a modern-day “Scramble for Africa” where largescale tech companies extract, analyze, and own user data for profit and market influence with nominal benefit to the data source. Under the guise of altruism, large scale tech companies can use their power and …

Privacy Statements Under The Gdpr, Mike Hintze

Seattle University Law Review

The need to include specific types of information in a privacy statement is a GDPR compliance obligation that does not get as much attention as some other GDPR requirements. Perhaps that is because privacy statements have been much maligned in recent years. They are too long and full of legalese. Nobody reads them. They are part of a notice and consent approach to privacy that puts an unrealistic burden on consumers to make informed choices. But despite these well-known criticisms, the GDPR doubles down on privacy statements. In fact, gauging by the roughly fourfold increase in privacy statement requirements compared …

Confiding In Con Men: U.S. Privacy Law, The Gdpr, And Information Fiduciaries, Lindsey Barrett

Seattle University Law Review

In scope, ambition, and animating philosophy, U.S. privacy law and Europe’s General Data Protection Regulation are almost diametric opposites. The GDPR’s ambitious individual rights, significant prohibitions, substantive enforcement regime, and broad applicability contrast vividly with a scattershot U.S. regime that generally prioritizes facilitating commerce over protecting individuals, and which has created perverse incentives for industry through anemic enforcement of the few meaningful limitations that do exist. A privacy law that characterizes data collectors as information fiduciaries could coalesce with the commercial focus of U.S. law, while emulating the GDPR’s laudable normative objectives and fortifying U.S. consumer privacy law with a …

The Gdpr: It Came, We Saw, But Did It Conquer?, Leila Javanshir

Seattle University Law Review

On February 1, 2019, the Seattle University Law Review held its annual symposium at the Seattle University School of Law. Each year, the Law Review hosts its symposium on a topic that is timely and meaningful. This year, privacy and data security professionals from around the globe gathered to discuss the current and future effects of the General Data Protection Regulation (GDPR) that was implemented on May 25, 2018. The articles and essays that follow this Foreword are the product of this year’s symposium.

Footprints: Privacy For Enterprises, Processors, And Custodians…Oh My!, Blair Witzel, Carrie Mount

Seattle University Law Review

Americans’ interest in privacy—as evidenced by increasing news coverage, online searches, and new legislation—has grown over the past decade. After the European Union enacted the General Data Protection Regulation (GDPR), technologists and legal professionals have focused on primary collectors of data—known under various legal regimes as the “controller” or “custodian.” Thanks to advances in computing, many of these data collectors offload the processing of data to third parties providing data-related cloud services like Amazon, Microsoft, and Google. In addition to the data they have already collected about the data subjects themselves, these companies now “hold” that data on behalf of …

Artificial Intellegence And Policing: First Questions, Elizabeth E. Joh

Seattle University Law Review

Artificial intelligence is playing an increasingly larger role in all sectors of society, including policing. Many police departments are already using artificial intelligence (AI) to help predict and identify suspicious persons and places.1 Increased computational power and oceans of data have given rise to inferences about violence and threats.2 AI will change policing just as it will healthcare, insurance, commerce, and transportation. But what questions should we ask about AI and policing?

The Struggle To Define Privacy Rights And Liabilities In A Digital World And The Unfortunate Role Of Constitutional Standing, Juan Olano

University of Miami Law Review

Today’s world runs on data. The creation and improvement of technological products and services depend on the exchange of data between people and companies. As people’s lives become more digitized, companies can collect, store, and analyze more data, and in turn, create better technology. But, because consumer data can be very sensitive (think Social Security numbers, GPS location, fingerprint recognition, etc.) this cyclical exchange comes with serious privacy risks; especially in light of more frequent and sophisticated cyberattacks. This creates a face-off between technological growth and privacy rights. While it makes sense that people should be willing to subside some …

Privacy In The Age Of The Hacker: Balancing Global Privacy And Data Security Law, Cunningham, Mckay, Mckay Cunningham

McKay Cunningham

The twin goals of privacy and data security share a fascinating symbiotic relationship: too much of one undermines the other. The international regulatory climate, embodied principally by the European Union’s 1995 Directive, increasingly promotes privacy. In the last two decades, fifty-three countries enacted national legislation largely patterned after the E.U. Directive. These laws, by and large, protect privacy by restricting data processing and data transfers.

At the same time, hacking, malware, and other cyber-threats continue to grow in frequency and sophistication. In 2010, one security firm recorded 286 million variants of malware and reported that 232.4 million identities were exposed. …

The Tortoise And The Hare Of International Data Privacy Law: Can The United States Catch Up To Rising Global Standards?, Matthew Humerick

Catholic University Journal of Law and Technology

Technological developments spur the development of big data on a global scale. The breadth of data companies collect, maintain, process, and transmit affects nearly every country and organization around the world. Inherent to big data are issues of data protection and transfers to third countries. While many jurisdictions emphasize the importance of protecting consumer data, such as the European Union, others, like the United States, do not. To circumvent this issue, the United States and European Union contracted around data privacy standard discrepancies through the Safe Harbor Agreement, which eased cross-border data transfers. However, the Court of Justice of the …

Borders And Bits, Jennifer Daskal

Articles in Law Reviews & Other Academic Journals

Our personal data is everywhere and anywhere, moving across national borders in ways that defy normal expectations of how things and people travel from Point A to Point B. Yet, whereas data transits the globe without any intrinsic ties to territory, the governments that seek to access or regulate this data operate with territorial-based limits. This Article tackles the inherent tension between how governments and data operate, the jurisdictional conflicts that have emerged, and the power that has been delegated to the multinational corporations that manage our data across borders as a result. It does so through the lens of …

The Industrial Internet Of Things: Risks, Liabilities, And Emerging Legal Issues, Mauricio Paez, Kerianne Tobitsch

NYLS Law Review

No abstract provided.

Keynote Address: The Digital Forevermore, Thomas J. Ridge

University of Richmond Law Review

No abstract provided.

Newsroom: Cybersecurity: Obama's Conflicted Legacy 02-17-2017, Peter Margulies

Life of the Law School (1993- )

No abstract provided.