Law Commons^™

Privacy Law Issues In Public Blockchains: An Analysis Of Blockchain, Pipeda, The Gdpr, And Proposals For Compliance, Noah Walters

Canadian Journal of Law and Technology

Proponents of blockchain proclaim that the technology’s greatest innovation is trust. Blockchain create trust by serving as an indispensable ledger (a central point of truth), for all stakeholders to a transaction. Instead of companies managing and reconciling records of the same transaction in privately held databases, both sides of a transaction are recorded simultaneously on a shared ledger — the blockchain. As a result, the crypto economic environment is characterized by the decentralized coordination of business processes and transactions. Proponents of crypto-economics regard decentralized coordination as an opportunity for new forms of economic innovation, forms designed to increase value for …

Digital Colonialism: The 21st Century Scramble For Africa Through The Extraction And Control Of User Data And The Limitations Of Data Protection Laws, Danielle Coleman

Michigan Journal of Race and Law

As Western technology companies increasingly rely on user data globally, extensive data protection laws and regulations emerged to ensure ethical use of that data. These same protections, however, do not exist uniformly in the resource-rich, infrastructure-poor African countries, where Western tech seeks to establish its presence. These conditions provide an ideal landscape for digital colonialism.

Digital colonialism refers to a modern-day “Scramble for Africa” where largescale tech companies extract, analyze, and own user data for profit and market influence with nominal benefit to the data source. Under the guise of altruism, large scale tech companies can use their power and …

The Gdpr: It Came, We Saw, But Did It Conquer?, Leila Javanshir

Seattle University Law Review

On February 1, 2019, the Seattle University Law Review held its annual symposium at the Seattle University School of Law. Each year, the Law Review hosts its symposium on a topic that is timely and meaningful. This year, privacy and data security professionals from around the globe gathered to discuss the current and future effects of the General Data Protection Regulation (GDPR) that was implemented on May 25, 2018. The articles and essays that follow this Foreword are the product of this year’s symposium.

Footprints: Privacy For Enterprises, Processors, And Custodians…Oh My!, Blair Witzel, Carrie Mount

Seattle University Law Review

Americans’ interest in privacy—as evidenced by increasing news coverage, online searches, and new legislation—has grown over the past decade. After the European Union enacted the General Data Protection Regulation (GDPR), technologists and legal professionals have focused on primary collectors of data—known under various legal regimes as the “controller” or “custodian.” Thanks to advances in computing, many of these data collectors offload the processing of data to third parties providing data-related cloud services like Amazon, Microsoft, and Google. In addition to the data they have already collected about the data subjects themselves, these companies now “hold” that data on behalf of …

Confiding In Con Men: U.S. Privacy Law, The Gdpr, And Information Fiduciaries, Lindsey Barrett

Seattle University Law Review

In scope, ambition, and animating philosophy, U.S. privacy law and Europe’s General Data Protection Regulation are almost diametric opposites. The GDPR’s ambitious individual rights, significant prohibitions, substantive enforcement regime, and broad applicability contrast vividly with a scattershot U.S. regime that generally prioritizes facilitating commerce over protecting individuals, and which has created perverse incentives for industry through anemic enforcement of the few meaningful limitations that do exist. A privacy law that characterizes data collectors as information fiduciaries could coalesce with the commercial focus of U.S. law, while emulating the GDPR’s laudable normative objectives and fortifying U.S. consumer privacy law with a …

Privacy Statements Under The Gdpr, Mike Hintze

Seattle University Law Review

The need to include specific types of information in a privacy statement is a GDPR compliance obligation that does not get as much attention as some other GDPR requirements. Perhaps that is because privacy statements have been much maligned in recent years. They are too long and full of legalese. Nobody reads them. They are part of a notice and consent approach to privacy that puts an unrealistic burden on consumers to make informed choices. But despite these well-known criticisms, the GDPR doubles down on privacy statements. In fact, gauging by the roughly fourfold increase in privacy statement requirements compared …

Privacy Preserving Social Norm Nudges, Yifat Nahmias

Michigan Technology Law Review

Nudges comprise a key component of the regulatory toolbox. Both the public and private sectors use nudges extensively in various domains, ranging from environmental regulation to health, food and financial regulation. This article focuses on a particular type of nudge: social norm nudges. It discusses, for the first time, the privacy risks of such nudges. Social norm nudges induce behavioral change by capitalizing on people’s desire to fit in with others, on their predisposition to social conformity, and on their susceptibility to the way information is framed. In order to design effective social norm nudges, personal information about individuals and …

"You Have The Data"...The Writ Of Habeas Data And Other Data Protection Rights: Is The United States Falling Behind?, Sarah L. Lode

Indiana Law Journal

In Part I of this Note, I will discuss the writ of habeas data that has been developed primarily, but not exclusively, in Latin American countries. I will discuss the intricacies of the writ, how it evolved, and how it is applied today. Using Argentina as an example, I will discuss how the writ would be used by an Argentine citizen to protect her personal data. Part II summarizes the previously employed data protection scheme in the European Union, the Data Protection Directive (“the Directive”), and will also discuss the new EU data protection regulation, the General Data Protection Regulation …

The Exclusionary Rule In The Age Of Blue Data, Andrew Ferguson

Articles in Law Reviews & Other Academic Journals

In Herring v. United States, Chief Justice John Roberts reframed the Supreme Court’s understanding of the exclusionary rule: “As laid out in our cases, the exclusionary rule serves to deter deliberate, reckless, or grossly negligent conduct, or in some circumstances recurring or systemic negligence.” The open question remains: how can defendants demonstrate sufficient recurring or systemic negligence to warrant exclusion? The Supreme Court has never answered the question, although the absence of systemic or recurring problems has figured prominently in two recent exclusionary rule decisions. Without the ability to document recurring failures, or patterns of police misconduct, courts can dismiss …

Privacy In Gaming, N. Cameron Russell, Joel R. Reidenberg, Sumyung Moon

Fordham Intellectual Property, Media and Entertainment Law Journal

Video game platforms and business models are increasingly built on collection, use, and sharing of personal information for purposes of both functionality and revenue. This paper examines privacy issues and explores data practices, technical specifications, and policy statements of the most popular games and gaming platforms to provide an overview of the current privacy legal landscape for mobile gaming, console gaming, and virtual reality devices. The research observes how modern gaming aligns with information privacy notions and norms and how data practices and technologies specific to gaming may affect users and, in particular, child gamers.

After objectively selecting and analyzing …

Forensic Border Searches After Carpenter Require Probable Cause And A Warrant, Christopher I. Pryby

Michigan Law Review

Under the border search doctrine, courts have upheld the federal government's practice of searching people and their possessions upon entry into or exit from the United States, without any requirement of suspicion, as reasonable under the Fourth Amendment. Since the advent of electronic devices with large storage capacities, courts have grappled with whether this definition of reasonableness continues to apply. So far, courts have consistently characterized “nonforensic” border inspections of electronic devices (for example, paging through photos on a phone) as “routine” searches that, like inspecting luggage brought across international lines, require no suspicion. But there is a circuit split …