Privacy Law Commons^™

Privacy Nicks: How The Law Normalizes Surveillance, Woodrow Hartzog, Evan Selinger, Johanna Gunawan

Faculty Scholarship

Privacy law is failing to protect individuals from being watched and exposed, despite stronger surveillance and data protection rules. The problem is that our rules look to social norms to set thresholds for privacy violations, but people can get used to being observed. In this article, we argue that by ignoring de minimis privacy encroachments, the law is complicit in normalizing surveillance. Privacy law helps acclimate people to being watched by ignoring smaller, more frequent, and more mundane privacy diminutions. We call these reductions “privacy nicks,” like the proverbial “thousand cuts” that lead to death.

Privacy nicks come from the …

Layered Fiduciaries In The Information Age, Zhaoyi Li

Indiana Law Journal

Technology companies such as Facebook have long been criticized for abusing customers’ personal information and monetizing user data in a manner contrary to customer expectations. Some commentators suggest fiduciary law could be used to restrict how these companies use their customers’ data.1 Under this framework, a new member of the fiduciary family called the “information fiduciary” was born. The concept of an information fiduciary is that a company providing network services to “collect, analyze, use, sell, and distribute personal information” owes customers and end-users a fiduciary duty to use the collected data to promote their interests, thereby assuming fiduciary liability …

The World Moved On Without Me: Redefining Contraband In A Technology-Driven World For Youth Detained In Washington State, Stephanie A. Lowry

Seattle University Law Review

If you ask a teenager in the United States to show you one of their favorite memories, they will likely show you a picture or video on their cell phone. This is because Americans, especially teenagers, love cell phones. Ninety-seven percent of all Americans own a cell phone according to a continuously updated survey by the Pew Research Center. For teenagers aged thirteen to seventeen, the number is roughly 95%. For eighteen to twenty-nine-year-olds, the number grows to 100%. On average, eight to twelve-year-old’s use roughly five and a half hours of screen media per day, in comparison to thirteen …

Toward Stronger Data Protection Laws, Margot E. Kaminski

Publications

No abstract provided.

Persistent Surveillance, Andrew Guthrie Ferguson

Articles in Law Reviews & Other Academic Journals

Persistent surveillance technologies grant police vast new investigative capabilities. The technologies both monitor targeted areas and generate databases of searchable information about people, places, and patterns that can be connected and accessed for criminal prosecutions.

In the face of this growing police surveillance, courts have struggled to make sense of a fragmented Fourth Amendment doctrine. The Supreme Court has offered some clues that “digital may be different” when it comes to surveillance, but lower courts have been left struggling to apply old law to new technologies. Warrantless use of persistent surveillance technologies raises hard questions about when a “search” occurs …

Legislating Data Loyalty, Woodrow Hartzog, Neil Richards

Faculty Scholarship

Lawmakers looking to embolden privacy law have begun to consider imposing duties of loyalty on organizations trusted with people’s data and online experiences. The idea behind loyalty is simple: organizations should not process data or design technologies that conflict with the best interests of trusting parties. But the logistics and implementation of data loyalty need to be developed if the concept is going to be capable of moving privacy law beyond its “notice and consent” roots to confront people’s vulnerabilities in their relationship with powerful data collectors.

In this short Essay, we propose a model for legislating data loyalty. Our …

A New Reality: Deepfake Technology And The World Around Us, Molly Mullen

Mitchell Hamline Law Review

No abstract provided.

Agriculture & Data Privacy: I Want A Hipaa(Potamus) For Christmas . . . Maybe, Jennifer Zwagerman

Texas A&M Law Review

Technology advancements make life, work, and play easier and more enjoyable in many ways. Technology issues are also the cause of many headaches and dreams of living out the copier destruction scene from the movie “Office Space.” Whether it be user error or technological error, one key technology issue on many minds right now is how all the data produced every second of every day, in hundreds of different ways, is used by those that collect it.

How much data are we talking about here? In 2018, the tech company Domo estimated that by 2020 “1.7 MB of data will …

Chinese Technology Platforms Operating In The United States: Assessing The Threat (Originally Published As A Joint Report Of The National Security, Technology, And Law Working Group At The Hoover Institution At Stanford University And The Tech, Law & Security Program At American University Washington College Of Law), Gary Corn, Jennifer Daskal, Jack Goldsmith, Chris Inglis, Paul Rosenzweig, Samm Sacks, Bruce Schneier, Alex Stamos, Vincent Stewart

Joint PIJIP/TLS Research Paper Series

No abstract provided.

Brain-Computer-Interfacing & Respondeat Superior: Algorithmic Decisions, Manipulation, And Accountability In Armed Conflict, Salahudin Ali

Catholic University Journal of Law and Technology

This article examines the impact that brain-computer-interfacing platforms will have on the international law of armed conflict’s respondeat superior legal regime. Major Ali argues that the connection between the human brain and this nascent technology’s underlying technology of artificial intelligence and machine learning will serve as a disruptor to the traditional mental prerequisites required to impart culpability and liability on commanders for actions of their troops. Anticipating that BCI will become increasingly ubiquitous, Major Ali’s article offers frameworks for solution to BCI’s disruptive potential to the internal law of armed conflict.

Seeing (Platforms) Like A State: Digital Legibility And Lessons For Platform Governance, Neil Chilson

Catholic University Journal of Law and Technology

The growing backlash against Big Tech companies is a symptom of digital technology increasing the world’s legibility. James C. Scott’s book, Seeing Like a State: How Certain Schemes to Improve the Human Condition Have Failed, explores how past governments responded to increased legibility – for good and for ill. This article shows how Scott’s historical lessons can guide governments and tech platforms as they seek to improve the human condition online.

Good Health And Good Privacy Go Hand-In-Hand (Originally Published By Jnslp), Jennifer Daskal

Joint PIJIP/TLS Research Paper Series

No abstract provided.

The Threat Of Data Misuse As An Injury-In-Fact: Establishing A Uniform Framework For Constitutional Standing In The Privacy Era, Isabella Anderson

West Virginia Law Review

No abstract provided.

Privacy In Pandemic: Law, Technology, And Public Health In The Covid-19 Crisis, Tiffany Li

Faculty Scholarship

The COVID-19 pandemic has caused millions of deaths and disastrous consequences around the world, with lasting repercussions for every field of law, including privacy and technology. The unique characteristics of this pandemic have precipitated an increase in use of new technologies, including remote communications platforms, healthcare robots, and medical AI. Public and private actors are using new technologies, like heat sensing, and technologically-influenced programs, like contact tracing, alike in response, leading to a rise in government and corporate surveillance in sectors like healthcare, employment, education, and commerce. Advocates have raised the alarm for privacy and civil liberties violations, but the …

Wire(Less) Tapping: Protecting Arkansans' Fourth Amendment Right In The Era Of The Cloud, Erin James

Arkansas Law Review

Every day we surround ourselves with dozens of devices that monitor our every move, every request, all connecting with one another and sending massive amounts of data back to the device manufacturers. The idea of the prosecution placing the little black cylinder of your Amazon Alexa on the witness stand and asking Alexa to testify against you seems like something pulled from an Orwellian nightmare. But, in reality, it is already occurring.

Modern Privacy Advocacy: An Approach At War With Privacy Itself?, Justin "Gus" Hurwitz, Jamil N. Jaffer

Pepperdine Law Review

This Article argues that the modern concept of privacy itself, particularly as framed by some of its most ardent advocates today, is fundamentally incoherent. The Article highlights that many common arguments made in support of privacy, while initially seeming to protect this critical value, nonetheless undermine it in the long run. Using both recent and older examples of applying classic privacy advocacy positions to key technological innovations, the authors demonstrate how these positions, while seemingly privacy-enhancing at the time, actually resulted in outcomes that were less beneficial for consumers and citizens, including from a purely privacy-focused perspective. As a result, …

When Considering Federal Privacy Legislation, Neil Chilson

Pepperdine Law Review

Legislators, advocates, and business interests are proposing federal privacy legislation with new urgency. The United States has a long-established federal framework for addressing commercial privacy concerns, including general consumer protection law and sector-specific legislation. But the calls to expand or replace this approach have grown louder since Europe’s General Data Protection Regulation went into effect and since California adopted detailed and prescriptive privacy legislation. Should we create a U.S. federal privacy law, and if so, how? When considering any kind of privacy regulation, three concepts are fundamental. First, no one can control all information about them. Second, all privacy laws …

The Limits And Possibilities Of Data-Driven Antitrafficking Efforts, Jennifer Musto Ph.D.

Georgia State University Law Review

An examination of technology in the countertrafficking space reveals recurring tensions between law enforcement and rights-based approaches. It also illuminates assumptions, such as the one that posits more law enforcement-focused, nonstate-actor-supported data-driven efforts are necessary to securing justice for people in trafficking situations. However, a closer look at how technology is used and by whom also invites us to ask different questions and to leverage the power of our all-too-human creative potential in thinking about how to value and prioritize data ethics, transparency, and accountability in future countertrafficking work.

Gdpr And The Importance Of Data To Ai Startups, James Bessen, Stephen Michael Impink, Lydia Reichensperger, Robert Seamans

Faculty Scholarship

What is the impact of the European Union’s General Data Protection Regime (“GDPR”) and data regulation on AI startups? How important is data to AI product development? We study these questions using unique survey data of commercial AI startups. AI startups rely on data for their product development. Given the scale and scope of their business models, these startups are particularly susceptible to policy changes impacting data collection, storage and use. We find that training data and frequent model refreshes are particularly important for AI startups that rely on neural nets and ensemble learning algorithms. We also find that firms …

Investments And Security: Balancing International Commerce And National Security With Expanded Authority For The Committee On Foreign Investment In The United States, Christopher Jusuf

Catholic University Journal of Law and Technology

What happens when the interests of international trade conflict with those of national security? This article analyzes this question within the context of the Committee on Foreign Investment in the United States (CFIUS), an obscure but increasingly powerful executive panel that exercises the president's broad authority to unilaterally interfere with and stop international mergers and acquisitions. With the passage of the Foreign Investment Risk Review Modernization Act (FIRRMA), CFIUS is more powerful now than it has ever been, and should be a key consideration for any company seeking to do business with foreign investors. This is especially true as America …

A Dangerous Inheritance: A Child’S Digital Identity, Kate Hamming

Seattle University Law Review

This Comment begins with one family’s story of its experience with social media that many others can relate to in today’s ever-growing world of technology and the Internet. Technology has made it possible for a person’s online presence to grow exponentially through continuous sharing by other Internet users. This ability to communicate and share information amongst family, friends, and strangers all over the world, while beneficial in some regard, comes with its privacy downfalls. The risks to privacy are elevated when children’s information is being revealed, which often stems from a child’s own parents conduct online. Parents all over the …

Protecting Online Privacy In The Digital Age: Carpenter V. United States And The Fourth Amendment’S Third-Party Doctrine, Cristina Del Rosso, Carol M. Bast

Catholic University Journal of Law and Technology

The goal of this paper is to examine the future of the third-party doctrine with the proliferation of technology and the online data we are surrounded with daily, specifically after the Supreme Court’s decision in Carpenter v. United States. It is imperative that individuals do not forfeit their Constitutional guarantees for the benefit of living in a technologically advanced society. This requires an understanding of the modern-day functional equivalents of “papers” and “effects.”

Looking to the future, this paper contemplates solutions on how to move forward in this technology era by scrutinizing the relevancy of the third-party doctrine due …

The Fourth Amendment And New Technologies: Constitutional Myths And The Case For Caution, Orin S. Kerr

Orin Kerr

To one who values federalism, federal preemption of state law may significantly threaten the autonomy and core regulatory authority of The Supreme Court recently considered whether a1mmg an infrared thermal imaging device at a suspect's home can violate the Fourth Amendment. Kyllo v. United States announced a new and comprehensive rule: the government's warrantless use of senseenhancing technology that is "not in general use" violates the Fourth Amendment when it yields "details of the home that would previously have been unknowable without physical intrusion." Justice Scalia's majority opinion acknowledged that the Court's rule was not needed to resolve the case …

Digital Colonialism: The 21st Century Scramble For Africa Through The Extraction And Control Of User Data And The Limitations Of Data Protection Laws, Danielle Coleman

Michigan Journal of Race and Law

As Western technology companies increasingly rely on user data globally, extensive data protection laws and regulations emerged to ensure ethical use of that data. These same protections, however, do not exist uniformly in the resource-rich, infrastructure-poor African countries, where Western tech seeks to establish its presence. These conditions provide an ideal landscape for digital colonialism.

Digital colonialism refers to a modern-day “Scramble for Africa” where largescale tech companies extract, analyze, and own user data for profit and market influence with nominal benefit to the data source. Under the guise of altruism, large scale tech companies can use their power and …

Regulating The Gdpr: Perspectives From The United Kingdom, Hannah Mccausland

Seattle University Law Review

Hannah McCausland leads the international group at the UK Information Commissioner’s Office (ICO). The ICO’s International Engagement functions as the gateway to other data protection and privacy authorities on international matters. She’s involved in the work of the EU European Data Protection Board advising the commissioner and the deputy commissioner on international positioning of the ICO, and she has played a key role over the past six years in the ICO’s strategy on navigating the EU’s data protection framework. Hannah has also played a major role at the global level and advancing the practical tools that data protection and privacy …

Younger Generations Are Infected By Continuous Socialization To Accept Diminished Privacy: A Global Analysis Of How The United States' Constitutional Doctrine Is A Main Contributor To Eroded Privacy, Tiffany Kim

Indiana Journal of Global Legal Studies

Since the nineteenth century, privacy concerns have increased with the growth of technology. The invention of instantaneous photography, coupled with the enlarged presence of press, was met with concerns of degraded privacy. Society has formed expectations of privacy, but as time passes, those expectations continue to diminish. Younger generations have been socialized to accept lessened levels of privacy in this digitalized world of mass data and connectivity.

Individual privacy expectations vary globally. The construction of China's government and culture produces a lesser expectation of individual privacy than that of the United States. As outlined in the U.S. Constitution, U.S. citizens …

Recording As Heckling, Scott Skinner-Thompson

Publications

A growing body of authority recognizes that citizen recording of police officers and public space is protected by the First Amendment. But the judicial and scholarly momentum behind the emerging “right to record” fails to fully incorporate recording’s cost to another important right that also furthers First Amendment principles: the right to privacy.

This Article helps fill that gap by comprehensively analyzing the First Amendment interests of both the right to record and the right to privacy in public while highlighting the role of technology in altering the First Amendment landscape. Recording information can be critical to future speech and, …

How I Learned To Stop Worrying And Love The Bots, And How I Learned To Start Worrying About Democracy Instead, Antonio F. Perez

Catholic University Journal of Law and Technology

This essay reviewing Striking Power, John Yoo and Jeremy Rabkin's new book on the legal and policy implications of autonomous weapons, takes issue with the book’s assumptions and; therefore its conclusions. The essay argues that, because of technological and ethical limitations, discriminate and effective use of autonomous weapons may not serve as an adequate substitute for traditional manpower-based military forces. It further argues that traditional conceptions of international law could prove more durable than Yoo and Rabkin suggest, and finally it concludes by suggesting that a grand strategy relying primarily on technological elites managing autonomous weapons actually threatens to …

Smart Devices In Criminal Investigations: How Section 8 Of The Canadian Charter Of Rights And Freedoms Can Better Protect Privacy In The Search Of Technology And Seizure Of Information, Lee-Ann Conrod

LLM Theses

This thesis examines the jurisprudence from the Supreme Court of Canada (SCC) on informational privacy under section 8 of the Canadian Charter of Rights and Freedoms as it relates to searches of technology in the context of criminal investigations. The development and use of technology in criminal investigations will be detailed along with an overview of the current state of the law in this area. Challenges with the interpretation of section 8 demonstrate a prevalent uncertainty. This thesis proposes a new approach for the SCC to apply to cases where technology intersects with section 8 of the Charter. The proposal …

The Fight Over Encryption: Reasons Why Congress Must Block The Government From Compelling Technology Companies To Create Backdoors Into Their Devices, Shannon Lear

Cleveland State Law Review

Advances in technology in the past decade have blurred the line between individuals’ privacy rights and the government’s ability to access information. How should this issue be handled in a manner that balances the privacy rights of individuals and the government’s access to information in the interest of national security?

This Note proposes a bright-line rule that would continue to allow the government to obtain specific information from a data service provider without forcing the company to circumvent its own security features. Under this rule, a company shall relinquish specific information in its control or possession only by court order …