Privacy Law Commons^™

Managing And Monitoring The Menopausal Body, Naomi R. Cahn, Bridget J. Crawford, Emily Gold Waldman

Elisabeth Haub School of Law Faculty Publications

This Essay explores how menopausal bodies are managed and monitored through both menopausal hormone therapy (MHT) and the burgeoning market for technology-driven menopause products and services. While each of these allegedly improves the menopause experience, a closer investigation reveals a more complex interaction of profit motives and traditional notions of gender identity. The Essay identifies problems with—and suggests some solutions for reforming—current practices of monitoring and managing the menopausal body.

Careful consideration of menopause brings this Essay into ongoing conversations about theorizing beyond the gender binary and stereotypical notions of femininity. Purveyors of both MHT and menopause-related digital products and …

Privacy, Network Effects, And Law Enforcement: The Gap Between Technology And The Law, Adriena Clifton

Seattle Journal for Social Justice

No abstract provided.

Making Privacy Injuries Concrete, Peter Ormerod

Washington and Lee Law Review

In recent years, the U.S. Supreme Court has repeatedly said that the doctrine of Article III standing deprives the federal courts of jurisdiction over some lawsuits involving intangible injuries. The lower federal courts are carrying out the Supreme Court’s instructions, and privacy injuries have borne the brunt of the Court’s directive. This Article identifies two incoherencies in the Court’s recent intangible injury decisions and builds on the work of privacy scholars to fashion a solution.

The first incoherency is a line-drawing problem: the Court has never explained why some intangible injuries create an Article III injury in fact while others …

Data Breach Notification Laws And The Quantum Decryption Problem, Phillip Harmon

Washington and Lee Law Review

In the United States, state data breach notification laws protect citizens by forcing businesses to notify those citizens when their personal information has been compromised. These laws almost universally include an exception for encrypted personal data. Modern encryption methods make encrypted data largely useless, and the notification laws aim to encourage good encryption practices.

This Note challenges the wisdom of laws that place blind faith in the continued infallibility of encryption. For decades, Shor’s algorithm has promised polynomial-time factoring once a sufficiently powerful quantum computer can be built. Competing laboratories around the world steadily continue to march toward this end. …

Face The Facts, Or Is The Face A Fact?: Biometric Privacy In Publicly Available Data, Daniel Levin

Fordham Intellectual Property, Media and Entertainment Law Journal

Recent advances in biometric technologies have caused a stir among the privacy community. Specifically, facial recognition technologies facilitated through data scraping practices have called into question the basic precepts we had around exercising biometric privacy. Yet, in spite of emerging case law on the permissibility of data scraping, comparatively little attention has been given to the privacy implications endemic to such practices.

On the one hand, privacy proponents espouse the view that manipulating publicly available data from, for example, our social media profiles, derogates from users’ expectations around the kind of data they share with platforms (and the obligations such …

The New Bailments, Danielle D'Onfro

Scholarship@WashULaw

The rise of cloud computing has dramatically changed how consumers and firms store their belongings. Property that owners once managed directly now exists primarily on infrastructure maintained by intermediaries. Consumers entrust their photos to Apple instead of scrapbooks; businesses put their documents on Amazon’s servers instead of in file cabinets; seemingly everything runs in the cloud. Were these belongings tangible, the relationship between owner and intermediary would be governed by the common-law doctrine of bailment. Bailments are mandatory relationships formed when one party entrusts their property to another. Within this relationship, the bailees owe the bailors a duty of care …

A Proportionality-Based Framework For Government Regulation Of Digital Tracing Apps In Times Of Emergency, Sharon Bassan

Dickinson Law Review (2017-Present)

Times of emergency present an inherent conflict between the public interest and the preservation of individual rights. Such times require granting emergency powers to the government on behalf of the public interest and relaxing safeguards against government actions that infringe rights. The lack of theoretical framework to assess governmental decisions in times of emergency leads to a polarized and politicized discourse about potential policies, and often, to public distrust and lack of compliance.

Such a discourse was evident regarding Digital Tracing Apps (“DTAs”), which are apps installed on cellular phones to alert users that they were exposed to people who …

The Surprising Virtues Of Data Loyalty, Woodrow Hartzog, Neil M. Richards

Faculty Scholarship

Lawmakers in the United States and Europe are seriously considering imposing duties of data loyalty that implement ideas from privacy law scholarship, but critics claim such duties are unnecessary, unworkable, overly individualistic, and indeterminately vague. This paper takes those criticisms seriously, and its analysis of them reveals that duties of data loyalty have surprising virtues. Loyalty, it turns out, can support collective well-being by embracing privacy’s relational turn; it can be a powerful state of mind for reenergizing privacy reform; it prioritizes human values rather than potentially empty formalism; and it offers solutions that are flexible and clear rather than …

Legislating Data Loyalty, Woodrow Hartzog, Neil Richards

Faculty Scholarship

Lawmakers looking to embolden privacy law have begun to consider imposing duties of loyalty on organizations trusted with people’s data and online experiences. The idea behind loyalty is simple: organizations should not process data or design technologies that conflict with the best interests of trusting parties. But the logistics and implementation of data loyalty need to be developed if the concept is going to be capable of moving privacy law beyond its “notice and consent” roots to confront people’s vulnerabilities in their relationship with powerful data collectors.

In this short Essay, we propose a model for legislating data loyalty. Our …

Navigating The Identity Thicket: Trademark's Lost Theory Of Personality, The Right Of Publicity, And Preemption, Jennifer E. Rothman

All Faculty Scholarship

Both trademark and unfair competition laws and state right of publicity laws protect against unauthorized uses of a person’s identity. Increasingly, however, these rights are working at odds with one another, and can point in different directions with regard to who controls a person’s name, likeness, and broader indicia of identity. This creates what I call an "identity thicket" of overlapping and conflicting rights over a person’s identity. Current jurisprudence provides little to no guidance on the most basic questions surrounding this thicket, such as what right to use a person’s identity, if any, flows from the transfer of marks …