Privacy Law Commons^™

Project Risk Management In Ai-Enabled Systems: Managing Ethical, Privacy, And Governance Risks, Onome Cynthia Anakanire

Harrisburg University Dissertations and Theses

This research examined how Artificial intelligence (AI) has been embedded in project-based work, particularly in finance and software industries, where it enables efficiency and assists in complex decision-making. However, these innovations introduce significant ethical, privacy, and governance risks that traditional project risk management frameworks fail to adequately address. This study investigated how project managers can systematically integrate the management of these emerging risks into AI-enabled projects. Using a qualitative research design, the study drew on semi-structured interviews with project managers, compliance officers, and AI developers in finance, software and related sectors. Supplementary data included internal project documentation and risk registers. …

Securing Biometric Data, Alyssa F. Carroll

Cybersecurity Undergraduate Research Showcase

Biometric data has been widely adopted across various sectors, including digital identity, artificial intelligence (AI), border control, digital wallets, and national identification systems. While biometric identifiers—such as fingerprints, retina scans, and facial recognition—offer reliable and convenient authentication, they also raise significant concerns regarding privacy and security. This paper examines how biometric data is stored, the vulnerabilities it faces, and the most effective methods for safeguarding it. By highlighting the critical importance of biometric data protection, this study reviews current research on approaches, strategies, and policies that enhance security while preserving the functionality and efficiency of biometric systems.

Smartphones On Wheels In Southeast Asia: A Crossroads For Data Governance, Attamongkol Tantratian, Gunn Jiravuttipong

Journal of Law and Mobility

While the transformation of automobiles into data-generating “smartphones on wheels” has revolutionized mobility, it has also raised critical concerns over data privacy and sovereignty. Equipped with sensors and connected technologies, smart vehicles collect vast amounts of data, including personal information, driving patterns, and biometric identifiers. While auto-exporting jurisdictions such as the United States, the European Union, and China have introduced regulatory measures to address these challenges, countries importing smart vehicles remain vulnerable due to their limited influence over the auto companies’ integrated technology and data policies.

This Article examines the regulatory and economic challenges faced by developing nations integrating foreign-designed …

Enhanced Privacy-Enabled Face Recognition Using Κ-Identity Optimization, Ryan Karl

Department of Electrical and Computer Engineering: Dissertations, Theses, and Student Research

Facial recognition is becoming more and more prevalent in the daily lives of the common person. Law enforcement utilizes facial recognition to find and track suspects. The newest smartphones have the ability to unlock using the user's face. Some door locks utilize facial recognition to allow correct users to enter restricted spaces. The list of applications that use facial recognition will only increase as hardware becomes more cost-effective and more computationally powerful. As this technology becomes more prevalent in our lives, it is important to understand and protect the data provided to these companies. Any data transmitted should be encrypted …

Integrating Nist And Iso Cybersecurity Audit And Risk Assessment Frameworks Into Cameroonian Law, Bernard Ngalim

Journal of Cybersecurity Education, Research and Practice

This paper reviews cybersecurity laws and regulations in Cameroon, focusing on cybersecurity and information security audits and risk assessments. The importance of cybersecurity risk assessment and the implementation of security controls to cure deficiencies noted during risk assessments or audits is a critical step in developing cybersecurity resilience. Cameroon's cybersecurity legal framework provides for audits but does not explicitly enumerate controls. Consequently, integrating relevant controls from the NIST frameworks and ISO Standards can improve the cybersecurity posture in Cameroon while waiting for a comprehensive revision of the legal framework. NIST and ISO are internationally recognized as best practices in information …

Law Informs Code: A Legal Informatics Approach To Aligning Artificial Intelligence With Humans, John J. Nay

Northwestern Journal of Technology and Intellectual Property

Artificial Intelligence (AI) capabilities are rapidly advancing. Highly capable AI could cause radically different futures depending on how it is developed and deployed. We are unable to specify human goals and societal values in a way that reliably directs AI behavior. Specifying the desirability (value) of AI taking a particular action in a particular state of the world is unwieldy beyond a very limited set of state-action-values. The purpose of machine learning is to train on a subset of states and have the resulting agent generalize an ability to choose high value actions in unencountered circumstances. Inevitably, the function ascribing …

Misinformation And Disinformation: Detecting Fakes With The Eye And Ai, Victoria Rubin

Data and Test Instruments

How do we detect, deter, and prevent the spread of mis- and disinformationwith the human eye and AI? How does theory inform the practice, and how do theevidence-based research and best practices in lie-catching and truth-seekingprofessions—inform AI? The book looks into well-established human practicessuch as the routines and processes used in detective work, journalism, and scientificinquiry, and how they contribute toward innovative AI solutions. The book explainsthe principles, inner workings, and recent evolution of five types of state-of-the-artAI technologies suitable for curtailing the spread of mis- and disinformation:automated deception detectors, clickbait detectors, satirical fake detectors, rumordebunkers, and computational fact-checking tools.

Dismantling The “Black Opticon”: Privacy, Race Equity, And Online Data-Protection Reform, Anita L. Allen

All Faculty Scholarship

African Americans online face three distinguishable but related categories of vulnerability to bias and discrimination that I dub the “Black Opticon”: discriminatory oversurveillance, discriminatory exclusion, and discriminatory predation. Escaping the Black Opticon is unlikely without acknowledgement of privacy’s unequal distribution and privacy law’s outmoded and unduly race-neutral façade. African Americans could benefit from race-conscious efforts to shape a more equitable digital public sphere through improved laws and legal institutions. This Essay critically elaborates the Black Opticon triad and considers whether the Virginia Consumer Data Protection Act (2021), the federal Data Protection Act (2021), and new resources for the Federal Trade …

A Proportionality-Based Framework For Government Regulation Of Digital Tracing Apps In Times Of Emergency, Sharon Bassan

Dickinson Law Review (2017-Present)

Times of emergency present an inherent conflict between the public interest and the preservation of individual rights. Such times require granting emergency powers to the government on behalf of the public interest and relaxing safeguards against government actions that infringe rights. The lack of theoretical framework to assess governmental decisions in times of emergency leads to a polarized and politicized discourse about potential policies, and often, to public distrust and lack of compliance.

Such a discourse was evident regarding Digital Tracing Apps (“DTAs”), which are apps installed on cellular phones to alert users that they were exposed to people who …

Effects Of Cloud Computing In The Workforce, Kevin Rossi Acosta

Cybersecurity Undergraduate Research Showcase

In recent years, the incorporation of cloud computing and cloud services has increased in many different types of organizations and companies. This paper will focus on the philosophical, economical, and political factors that cloud computing and cloud services have in the workforce and different organizations. Based on various scholarly articles and resources it was observed that organizations used cloud computing and cloud services to increase their overall productivity as well as decrease the overall cost of their operations, as well as the different policies that were created by lawmakers to control the realm of cloud computing. The results of this …

The Ftc And Ai Governance: A Regulatory Proposal, Michael Spiro

Seattle Journal of Technology, Environmental, & Innovation Law

No abstract provided.

Global Privacy Concerns Of Facial Recognition Big Data, Myranda Westbrook

Honors Theses

Facial recognition technology is a system of automatic acknowledgement that recognizes individuals by categorizing specific features of their facial structure to link the scanned information to stored data. Within the past few decades facial recognition technology has been implemented on a large scale to increase the security measures needed to access personal information. This has been specifically used in surveillance systems, social media platforms, and mobile device access control. The extensive use of facial recognition systems has created challenges as it relates to biometric information control and privacy concerns. This concern raises the cost and benefit analysis of an individual’s …

Poland’S Challenge To Eu Directive 2019/790: Standing Up To The Destruction Of European Freedom Of Expression, Michaela Cloutier

Dickinson Law Review (2017-Present)

In 2019, the European Parliament and Council passed Directive 2019/790. The Directive’s passage marked the end of a fouryear- long legislative attempt to impose more liability for copyright violations on Online Service Providers, an effort which was controversial from the start. Online Service Providers fear that the 2019 Directive, especially its Article 17, will completely change the structure of liability on the Internet, forcing providers to adopt expensive content filtering systems. Free speech advocates fear that ineffective filtering technology will infringe upon Internet users’ rights to express themselves, and legal scholars have pointed out the Directive’s inconsistency with prior European …

The Law Of Black Mirror - Syllabus, Yafit Lev-Aretz, Nizan Packin

Open Educational Resources

Using episodes from the show Black Mirror as a study tool - a show that features tales that explore techno-paranoia - the course analyzes legal and policy considerations of futuristic or hypothetical case studies. The case studies tap into the collective unease about the modern world and bring up a variety of fascinating key philosophical, legal, and economic-based questions.

The Data Market: A Proposal To Control Data About You, David Shaw, Daniel W. Engels

SMU Data Science Review

The current legal and economic infrastructure facilitating data collection practices and data analysis has led to extreme over-collection of data and the overall loss of personal privacy. Data over-collection has led to a secondary market for consumer data that is invisible to the consumer and results in a person's data being distributed far beyond their knowledge or control. In this paper, we propose a Data Market framework and design for personal data management and privacy protection in which the individual controls and profits from the dissemination of their data. Our proposed Data Market uses a market-based approach utilizing blockchain distributed …

Internet Of Things For Sustainability: Perspectives In Privacy, Cybersecurity, And Future Trends, Abdul Salam

Faculty Publications

In the sustainability IoT, the cybersecurity risks to things, sensors, and monitoring systems are distinct from the conventional networking systems in many aspects. The interaction of sustainability IoT with the physical world phenomena (e.g., weather, climate, water, and oceans) is mostly not found in the modern information technology systems. Accordingly, actuation, the ability of these devices to make changes in real world based on sensing and monitoring, requires special consideration in terms of privacy and security. Moreover, the energy efficiency, safety, power, performance requirements of these device distinguish them from conventional computers systems. In this chapter, the cybersecurity approaches towards …

Smart Factories, Dumb Policy? Managing Cybersecurity And Data Privacy Risks In The Industrial Internet Of Things, Scott J. Shackelford

Minnesota Journal of Law, Science & Technology

No abstract provided.

Efficient Privacy-Aware Imagery Data Analysis, Yifan Tian

Doctoral Dissertations and Master's Theses

The widespread use of smartphones and camera-coupled Internet of Thing (IoT) devices triggers an explosive growth of imagery data. To extract and process the rich contents contained in imagery data, various image analysis techniques have been investigated and applied to a spectrum of application scenarios. In recent years, breakthroughs in deep learning have powered a new revolution for image analysis in terms of effectiveness with high resource consumption. Given the fact that most smartphones and IoT devices have limited computational capability and battery life, they are not ready for the processing of computational intensive analytics over imagery data collected by …

Privacidad Digital En Ecuador: El Papel De La Vigilancia, La Jurisprudencia Y Los Derechos Humanos, Giselle Valdez

Independent Study Project (ISP) Collection

Este documento es un estudio de caso sobre la privacidad digital en Ecuador, cómo se protege y cómo se debe mejorar las protecciones. Comienzo presentando la falta de privacidad de la persona en Ecuador, a través de la reciente violación de datos y las tecnologías de vigilancia en todo el país desde China. Luego, para analizar la jurisprudencia y la falta de protección de la privacidad en la ley, hago la transición a un análisis legal de la privacidad de datos en Ecuador a través de la Constitución de 2008. Cuando establezco que falta privacidad digital en Ecuador, demuestro una …

Centralizing Energy Consumption Data In State Energy Data Centers, Zach Sibley

Minnesota Journal of Law, Science & Technology

No abstract provided.

Bleeding Out: The Case For Strengthening Healthcare Client Portal Data Privacy Regulations, Matthew D. Mccord

Minnesota Journal of Law, Science & Technology

No abstract provided.

Lowering Legal Barriers To Rpki Adoption, Christopher S. Yoo, David A. Wishnick

All Faculty Scholarship

Across the Internet, mistaken and malicious routing announcements impose significant costs on users and network operators. To make routing announcements more reliable and secure, Internet coordination bodies have encouraged network operators to adopt the Resource Public Key Infrastructure (“RPKI”) framework. Despite this encouragement, RPKI’s adoption rates are low, especially in North America.

This report presents the results of a year-long investigation into the hypothesis—widespread within the network operator community—that legal issues pose barriers to RPKI adoption and are one cause of the disparities between North America and other regions of the world. On the basis of interviews and analysis of …

How Useful Is Gsv As An Environmental Observation Tool? An Analysis Of The Evidence So Far., Katherine Nesse, Leah Airt

SPU Works

Researchers in many disciplines have turned to Google Street View to replace pedestrian- or carbased in-person observation of streetscapes. It is most prevalent within the research literature on the relationship between neighborhood environments and public health but has been used as diverse as disaster recovery, ecology and wildlife habitat, and urban design. Evaluations of the tool have found that the results of GSV-based observation are similar to the results from in-person observation although the similarity depends on the type of characteristic being observed. Larger, permanent and discrete features showed more consistency between the two methods and smaller, transient and judgmental …

Toward A Closer Integration Of Law And Computer Science, Christopher S. Yoo

All Faculty Scholarship

Legal issues increasingly arise in increasingly complex technological contexts. Prominent recent examples include the Stop Online Piracy Act (SOPA) and the Protect Intellectual Property Act (PIPA), network neutrality, the increasing availability of location information, and the NSA’s surveillance program. Other emerging issues include data privacy, online video distribution, patent policy, and spectrum policy. In short, the rapid rate of technological change has increasingly shown that law and engineering can no longer remain compartmentalized into separate spheres. The logical response would be to embed the interaction between law and policy deeper into the fabric of both fields. An essential step would …

Cloud Computing: Architectural And Policy Implications, Christopher S. Yoo

All Faculty Scholarship

Cloud computing has emerged as perhaps the hottest development in information technology. Despite all of the attention that it has garnered, existing analyses focus almost exclusively on the issues that surround data privacy without exploring cloud computing’s architectural and policy implications. This article offers an initial exploratory analysis in that direction. It begins by introducing key cloud computing concepts, such as service-oriented architectures, thin clients, and virtualization, and discusses the leading delivery models and deployment strategies that are being pursued by cloud computing providers. It next analyzes the economics of cloud computing in terms of reducing costs, transforming capital expenditures …

Time Enough - Consequences Of Human Microchip Implantation, Elaine M. Ramesh

RISK: Health, Safety & Environment (1990-2002)

Dr. Ramesh argues that microchip implantation is both possible and, for some purposes, desirable and suggests that now is the time to consider strategies for preventing potentially grievous intrusion into personal privacy.