Law Commons^™

Constitutional Confidentiality, Natalie Ram, Jorge L. Contreras, Laura M. Beskow, Leslie E. Wolf

Washington and Lee Law Review

Federal Certificates of Confidentiality (“Certificates”) protect sensitive information about human research subjects from disclosure and use in judicial, administrative, and legislative proceedings at both the state and federal levels. When they were first authorized by Congress in the 1970s, Certificates covered sensitive information collected in research about drug addiction use. Today, however, they extend to virtually all personal information gathered by biomedical research studies. The broad reach of Certificates, coupled with their power to override state subpoenas and warrants issued in the context of law enforcement, abortion regulation, and other police powers typically under state control, beg the question whether …

Stay Out Of My Head: Neurodata, Privacy, And The First Amendment, Wayne Unger

Washington and Lee Law Review

The once science-fictional idea of mind-reading is within reach as advancements in brain-computer interfaces, coupled with advanced artificial intelligence, produce neurodata—the collection of substantive thoughts as storable and processable data. But government access to individuals’ neurodata threatens personal autonomy and the right to privacy. While the Fourth Amendment is traditionally considered the source of privacy protections against government intrusion, the First Amendment provides more robust protections with respect to whether governments can access one’s substantive ideas, thoughts, and beliefs. However, many theorists assert that the concept of privacy conflicts with the First Amendment because privacy restricts the flow of information …

Gag With Malice, Shaakirrah R. Sanders

Washington and Lee Law Review

This Article brings agriculture privacy and other commercial gagging laws into the ongoing debate on the First Amendment actual malice rule announced in New York Times v. Sullivan. Despite a resurgence in contemporary jurisprudence, Justices Clarence Thomas and Neil Gorsuch have recently questioned the wisdom and viability of Sullivan, which originally applied actual malice to state law defamation claims brought by public officials. The Court later extended the actual malice rule to public figures, to claims for infliction of emotional distress, and—as discussed in this Article—to claims for invasion of privacy and to issues of public importance or concern.

United …

The Three Laws: The Chinese Communist Party Throws Down The Data Regulation Gauntlet, William Chaskes

Washington and Lee Law Review

Criticism of the Chinese Communist Party (CCP) runs a wide gamut. Accusations of human rights abuses, intellectual property theft, authoritarian domestic policies, disrespecting sovereign borders, and propaganda campaigns all have one common factor: the CCP’s desire to control information. Controlling information means controlling data. Lurking beneath the People’s Republic of China’s (PRC) tumultuous relationship with the rest of the world is the fight between nations to control their citizens’ data while also keeping it out of the hands of adversaries. The CCP’s Three Laws are its newest weapon in this data war.

One byproduct of the CCP’s emphasis on controlling …

Right Of Self, Mitchell F. Crusto

Washington and Lee Law Review

The exercise of free will against tyranny is the single principle that defines the American spirit, our history, and our culture. From the American Revolution through the Civil War, the two World Wars, the Civil Rights Movement, and up to today, Americans have embraced the fundamental rights of the individual against wrongful governmental intrusion. This is reflected in our foundational principles, including the Magna Carta, the Bill of Rights to the United States Constitution, the Reconstruction Amendments, the Nineteenth Amendment, and, more recently, in the Supreme Court’s recognition of fundamental individual rights within the Constitution’s penumbras. However, there is no …

The New State Of Surveillance: Societies Of Subjugation, Khaled Ali Beydoun

Washington and Lee Law Review

Foundational surveillance studies theory has largely been shaped in line with the experiences of white subjects in western capitalist societies. Formative scholars, most notably Michel Foucault and Gilles Deleuze, theorized that the advancement of surveillance technology tempers the State’s reliance on mass discipline and corporal punishment. Legal scholarship examining modern surveillance perpetuates this view, and popular interventions, such as the blockbuster docudrama The Social Dilemma and Shoshana Zuboff’s bestseller The Age of Surveillance Capitalism, mainstream the myth of colorblind surveillance. However, the experiences of nonwhite subjects of surveillance—pushed to or beyond the margins of these formative discourses—reflect otherwise. …

Comment: The Necessary Evolution Of State Data Breach Notification Laws: Keeping Pace With New Cyber Threats, Quantum Decryption, And The Rapid Expansion Of Technology, Beth Burgin Waller, Elaine Mccafferty

Washington and Lee Law Review

The legal framework that was built almost two decades ago now struggles to keep pace with the rapid expansion of technology, including quantum computing and artificial intelligence, and an ever-evolving cyber threat landscape. In 2002, California passed the first data breach notification law, with all fifty states following suit to require notice of unauthorized access to and acquisition of an individual’s personal information.1 These data breach notification laws, originally designed to capture one-off unauthorized views of data in a computerized database, were not built to address PowerShell scripts by cyber terrorists run across thousands of servers, leaving automated accessed data …

Making Privacy Injuries Concrete, Peter Ormerod

Washington and Lee Law Review

In recent years, the U.S. Supreme Court has repeatedly said that the doctrine of Article III standing deprives the federal courts of jurisdiction over some lawsuits involving intangible injuries. The lower federal courts are carrying out the Supreme Court’s instructions, and privacy injuries have borne the brunt of the Court’s directive. This Article identifies two incoherencies in the Court’s recent intangible injury decisions and builds on the work of privacy scholars to fashion a solution.

The first incoherency is a line-drawing problem: the Court has never explained why some intangible injuries create an Article III injury in fact while others …

Data Breach Notification Laws And The Quantum Decryption Problem, Phillip Harmon

Washington and Lee Law Review

In the United States, state data breach notification laws protect citizens by forcing businesses to notify those citizens when their personal information has been compromised. These laws almost universally include an exception for encrypted personal data. Modern encryption methods make encrypted data largely useless, and the notification laws aim to encourage good encryption practices.

This Note challenges the wisdom of laws that place blind faith in the continued infallibility of encryption. For decades, Shor’s algorithm has promised polynomial-time factoring once a sufficiently powerful quantum computer can be built. Competing laboratories around the world steadily continue to march toward this end. …

The “P” Isn’T For Privacy: The Conflict Between Bankruptcy Rules And Hipaa Compliance, Sophie R. Rogers Churchill

Washington and Lee Law Review

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) included a now-ubiquitous provision designed to protect the privacy of patients’ protected health information. The provision prohibits covered entities, including health care providers and their agents, from disclosing any demographic information that may identify a patient and that relates to that patient’s medical care. The provision is broad and can include such simple information as which doctor a patient consults or the date of a patient’s consultation with a physician.

Unfortunately, such protections become impracticable in the bankruptcy setting. When a health care provider files bankruptcy, it files a host …

Taxonomy Of The Snowden Disclosures, Margaret Hu

Washington and Lee Law Review

This brief Essay offers a proposed taxonomy of the Snowden Disclosures. An informed discussion on the legality and constitutionality of the emerging cybersurveillance and mass dataveillance programs revealed by former NSA contractor Edward Snowden necessitates the furtherance of cybersurveillance aptitude. This Essay contends, therefore, that a detailed examination of the Snowden disclosures requires not just a careful inquiry into the legal and constitutional framework that guides the oversight of these programs. A close interrogation also requires a careful inquiry into the big data architecture that guides them. This inquiry includes examining the underlying theories of data science and the rationales …

State Labs Of Federalism And Law Enforcement "Drone" Use, Chris Jenks

Washington and Lee Law Review

No abstract provided.

Cybersurveillance In A Free Society, Russell L. Weaver

Washington and Lee Law Review

No abstract provided.

Surveillance As Loss Of Obscurity, Woodrow Hartzog, Evan Selinger

Washington and Lee Law Review

No abstract provided.

The Fisa Court And Article Iii, Stephen I. Vladeck

Washington and Lee Law Review

No abstract provided.

Spying Inc., Danielle Keats Citron

Washington and Lee Law Review

The latest spying craze is the “stalking app.” Once installed on someone’s cell phone, the stalking app can provide continuous access to the phone owner’s calls, texts, snapchats, photos, calendar updates, and movements. Stalking apps destroy the privacy and confidentiality of cell phone activities. Domestic abusers and stalkers frequently turn to stalking apps because they are undetectable even to sophisticated phone owners.

Business is booming for stalking app providers, even though their entire enterprise is arguably illegal. Federal and state wiretapping laws ban the manufacture, sale, or advertisement of devices knowing their design makes them primarily useful for the surreptitious …

Defining "Foreign Affairs" In Section 702 Of The Fisa Amendments Act: The Virtues And Deficits Of Post-Snowden Dialogue On U.S. Surveillance Policy, Peter Margulies

Washington and Lee Law Review

No abstract provided.

Banning Bulk: Passage Of The Usa Freedom Act And Ending Bulk Collection, Bart Forsyth

Washington and Lee Law Review

No abstract provided.

I Spy: The New Self-Cybersurveillance And The "Internet Of Things", Steven I. Friedland

Washington and Lee Law Review

Prior to the digital age, surveillance generally meant a government agent or private investigator engaged in a stakeout or observation detail that involved physical work, expense, and time. The digital age changed surveillance fundamentally. Today, we not only generate mountains of data for others, we also effectively surveil ourselves through digitally-connected, multifunctional smart devices, collectively described as the “Internet of Things.”

Cybersurveillance accessed by the government, even when started as self-surveillance, raises complex and uncertain legal issues, especially when related to the Constitution. In United States v. Kyllo, the Supreme Court was reticent to allow government agents to use …