Privacy Law Commons^™

Race And Regulation Podcast Episode 5 - Racial Equity And Data Privacy, Anita L. Allen

Penn Program on Regulation Podcasts

In this episode, Anita Allen, an internationally renowned expert on the philosophical dimensions of privacy and data protection law, reveals how race-neutral privacy laws in the U.S. have failed to address the unequal burdens faced online by Black Americans, whose personal data are used in racially discriminatory ways. Professor Allen articulates what she terms an African American Online Equity Agenda to guide the development of race-conscious privacy regulations that can better promote racial justice in the modern digital economy.

Comment: The Necessary Evolution Of State Data Breach Notification Laws: Keeping Pace With New Cyber Threats, Quantum Decryption, And The Rapid Expansion Of Technology, Beth Burgin Waller, Elaine Mccafferty

Washington and Lee Law Review

The legal framework that was built almost two decades ago now struggles to keep pace with the rapid expansion of technology, including quantum computing and artificial intelligence, and an ever-evolving cyber threat landscape. In 2002, California passed the first data breach notification law, with all fifty states following suit to require notice of unauthorized access to and acquisition of an individual’s personal information.1 These data breach notification laws, originally designed to capture one-off unauthorized views of data in a computerized database, were not built to address PowerShell scripts by cyber terrorists run across thousands of servers, leaving automated accessed data …

Delineating The Legal Framework For Data Protection: A Fundamental Rights Approach Or Data Propertization?, Efe Lawrence Ogbeide

Canadian Journal of Law and Technology

The Charter of Fundamental Rights of the European Union, like other key legal instruments around the globe, grants citizens the right to privacy in Article 7. The Charter, however, further provides for the right to data protection in Article 8. Simply put, the implication of Article 8 of the Charter is that the right to data protection is a fundamental right. The central question in this article is whether data protection indeed qualifies to be categorized as a fundamental right. If not, what other approach(es) to data protection may be implemented?

Data Breach Notification Laws And The Quantum Decryption Problem, Phillip Harmon

Washington and Lee Law Review

In the United States, state data breach notification laws protect citizens by forcing businesses to notify those citizens when their personal information has been compromised. These laws almost universally include an exception for encrypted personal data. Modern encryption methods make encrypted data largely useless, and the notification laws aim to encourage good encryption practices.

This Note challenges the wisdom of laws that place blind faith in the continued infallibility of encryption. For decades, Shor’s algorithm has promised polynomial-time factoring once a sufficiently powerful quantum computer can be built. Competing laboratories around the world steadily continue to march toward this end. …