Law Commons^™

Fourth Amendment Limits On Extensive Quarantine Surveillance, Benjamin Wolters

Duke Journal of Constitutional Law & Public Policy Sidebar

The devastation wreaked by the COVID-19 pandemic spurred innovations in technology and public policy. Many countries rushed to implement extensive quarantines, and some introduced disease surveillance, including location tracking to enforce quarantines. Though the United States has never implemented high-tech quarantine surveillance, such technology will certainly be available for the next disease outbreak.

Absent significant doctrinal change, the Fourth Amendment likely bars some, but not all, forms of quarantine surveillance. Quarantine surveillance probably constitutes a Fourth Amendment “search” that generally must be backed by probable cause. This probable cause requirement, and its subcomponent of individualized suspicion, likely applies differently to …

Ferpa And State Open Records Laws: What The North Carolina Supreme Court Got Wrong In Dth Media Corp. V. Folt, And How Courts & Congress Can Take Measures To Reconcile Privacy And Access Interests, Danielle Siegel

Duke Journal of Constitutional Law & Public Policy Sidebar

Over the past few years, courts across the country have confronted a common scenario. Members of the public and media request records from a public university pertaining to its investigations of sexual assault and misconduct on campus. Then, media outlets contend they have a right to access these records under state open records laws. But the university claims that it cannot, or will not, disclose the records under the Family Educational Rights and Privacy Act of 1974 ("FERPA").

The media outlet then files suit to compel disclosure. This Note explores the competing privacy and access interests at stake in this …

Individuals As Gatekeepers Against Data Misuse, Ying Hu

Michigan Technology Law Review

This article makes a case for treating individual data subjects as gatekeepers against misuse of personal data. Imposing gatekeeper responsibility on individuals is most useful where (a) the primary wrongdoers engage in data misuse intentionally or recklessly; (b) misuse of personal data is likely to lead to serious harm; and (c) one or more individuals are able to detect and prevent data misuse at a reasonable cost.

As gatekeepers, individuals should have a legal duty to take reasonable measures to prevent data misuse where they are aware of facts indicating that the person seeking personal data from them is highly …

From The Golden Gate To London: Bridging The Gap Between Data Privacy And The Right Of Publicity, Kristin Kuraishi

Brooklyn Journal of International Law

Currently, there is no global standard or recognition for the right of publicity. Even within the United States, the recognition, scope, and protections vary by state. As the world becomes increasingly reliant on social media for news, information, communication, and recommendations, micro-influencers and non-celebrities require a way to control their developed and curated name, image, and likeness from unauthorized commercial uses by others. Advertising is occurring more frequently online, and brands recognize the power that micro-influencers have on commerce. Some countries, like the United Kingdom, do not recognize the right of publicity, potentially leaving many individuals without recourse for the …

Uncertain Terms, Leah R. Fowler, Jim Hawkins, Jessica L. Roberts

Notre Dame Law Review

Health apps collect massive amounts of sensitive consumer data, including information about users’ reproductive lives, mental health, and genetics. As a result, consumers in this industry may shop for privacy terms when they select a product. Yet our research reveals that many digital health tech companies reserve the right to unilaterally amend their terms of service and their privacy policies. This ability to make one-sided changes undermines the market for privacy, leaving users vulnerable. Unfortunately, the current law generally tolerates unilateral amendments, despite fairness and efficiency concerns. We therefore propose legislative, regulatory, and judicial solutions to better protect consumers of …

Compulsory Dna Testing In Argentina: The Right To Truth Versus The Right To Privacy, Margaret Foster

Brooklyn Journal of International Law

During the Dirty War—a seven year repression by the Argentinian junta of political dissidents and alleged subversives—an estimated 500 babies were stolen from their mothers while imprisoned and given to leading military officials as "adopted" children. These children had their true identities erased and replaced with a false one covering up their true origins. This Note will explore Argentina's response to the Dirty War. Namely, it will consider the tension between the right to truth—an international right right often associated with enforced disappearances—and the right to privacy. In particular, it will consider cases in which adults resisted DNA testing to …

Digital Privacy Rights And Cloud Act Agreements, Tim Cochrane

Brooklyn Journal of International Law

The United States (US) and United Kingdom (UK) will soon bring into force a new international law enforcement data sharing ‘CLOUD Act agreement’ (US-UK Agreement), the first of its kind under the Clarifying Lawful Overseas Use of Data Act 2018 (CLOUD Act). These agreements enable law enforcement in one state to directly request data from service providers based in the other state. They respond to long-standing concerns with the main mechanism for obtaining overseas data, mutual legal assistance (MLA). The US and UK claim the US-UK Agreement will significantly speed up data access relative to MLA while “respecting privacy and …

The Technologization Of Insurance: An Empirical Analysis Of Big Data And Artificial Intelligence’S Impact On Cybersecurity And Privacy, Shauhin A. Talesh, Bryan Cunningham

Utah Law Review

This Article engages one of the biggest issues debated among privacy and technology scholars by offering an empirical examination of how big data and emerging technologies influence society. Although scholars explore the ways that code, technology, and information regulate society, existing research primarily focuses on the theoretical and normative challenges of big data and emerging technologies. To our knowledge, there has been very little empirical analysis of precisely how big data and technology influence society. This is not due to a lack of interest but rather a lack of disclosure by data providers and corporations that collect and use these …

You Are Not A Commodity: A More Efficient Approach To Commercial Privacy Rights, Benjamin T. Pardue

Washington Law Review

United States common law provides four torts for privacy invasion: (1) disclosure of private facts, (2) intrusion upon seclusion, (3) placement of a person in a false light, and (4) appropriation of name or likeness. Appropriation of name or likeness occurs when a defendant commandeers the plaintiff’s recognizability, typically for a commercial benefit. Most states allow plaintiffs who establish liability to recover defendants’ profits as damages from the misappropriation under an “unjust enrichment” theory. By contrast, this Comment argues that such an award provides a windfall to plaintiffs and contributes to suboptimal social outcomes. These include overcompensating plaintiffs and incentivizing …

Biometric Data Collection: Market Necessity Or Unconstitutional Overkill?, Thomas Langtry

GGU Law Review Blog

Congress should pass, and the President should sign into law, the National Biometric Information Privacy Act of 2020 (National BIPA). Introduced by Senators Jeff Merkley (D-OR) and Bernie Sanders (I-VT), this bill limits the ability of private entities to collect biometric data and requires them to ensure the privacy and security of data they do collect. Unlike most federal regulatory legislation, it also provides for a private right of action through which individuals can seek meaningful remedies.

Critics argue that the bill will deprive consumers of online shopping services and convenient digital security, and that employers and retailers may retaliate …

Deepfake Privacy: Attitudes And Regulation, Matthew B. Kugler, Carly Pace

Northwestern University Law Review

Using only a series of images of a person’s face and publicly available software, it is now possible to insert the person’s likeness into a video and show them saying or doing almost anything. This “deepfake” technology has permitted an explosion of political satire and, especially, fake pornography. Several states have already passed laws regulating deepfakes, and more are poised to do so. This Article presents three novel empirical studies that assess public attitudes toward this new technology. In our main study, a representative sample of the U.S. adult population perceived nonconsensually created pornographic deepfake videos as extremely harmful and …

Problematic Interactions Between Ai And Health Privacy, W. Nicholson Price Ii

Articles

Problematic Interactions Between AI and Health Privacy Nicholson Price, University of Michigan Law SchoolFollow Abstract The interaction of artificial intelligence (AI) and health privacy is a two-way street. Both directions are problematic. This Essay makes two main points. First, the advent of artificial intelligence weakens the legal protections for health privacy by rendering deidentification less reliable and by inferring health information from unprotected data sources. Second, the legal rules that protect health privacy nonetheless detrimentally impact the development of AI used in the health system by introducing multiple sources of bias: collection and sharing of data by a small set …

How To Make The Perfect Citizen? Lessons From China's Social Credit System, Liav Orgad, Wessel Reijers

Vanderbilt Journal of Transnational Law

"How to make the perfect citizen?" This has been one of the questions driving the construction of the Chinese Social Credit System: a technology-driven project that aims to assess, evaluate, and steer the behavior of Chinese citizens. After presenting social credit systems in China's public and private sectors (Part II), the Article provides normative standards to distinguish the Chinese system from comparable systems in liberal democracies (Part III). It then discusses the concept of civic virtue, as implemented by the Social Credit System, claiming that it creates a new form of governance, "cybernetic citizenship," which fundamentally changes the essence of …

Gdpr, Pipl & Lgpd: Privacy Regulations & Policies Across The Globe, Raymond H. Geistel

Cybersecurity Undergraduate Research Showcase

Several privacy laws around the world are adopting similar regulations to the GPDR; this has effects on privacy policies of companies providing services in across multiple countries & continents. While these regulations share many attributes, their differing requirements can make things difficult for companies regarding said policies. Automation could be a potential solution to both analyze and compare regulations from different nations & international organizations, analyze and monitor privacy policy adherence to said regulations.

The Right To Delete: Protecting Consumer Autonomy In Direct-To-Consumer Genetic Testing, Angela S. Gassner

UC Irvine Law Review

We often think of DNA as a unique personal identifier. Yet, as of 2019, direct-to-consumer (DTC) genetic testing companies have amassed the genetic data of more than twenty-six million consumers. This raises the concern that companies do not uniformly protect consumers’ genetic privacy. Substantiating such concerns are complaints that companies permit law enforcement access to their databases, sell consumer genetic information to third parties, pursue drug development, and suffer data breaches.

Regulators have been slow to respond to this emerging privacy issue. The current legal framework is largely inadequate: there is no federal data-privacy law; courts and agencies are ill-equipped …

Certificates Of Confidentiality: Mind The Gap, Leslie E. Wolf, Laura M. Beskow

Utah Law Review

Certificates of Confidentiality (“Certificates”) are a federal mechanism designed to protect sensitive, identifiable research data from compelled disclosure in any legal proceeding. The 21st Century Cures Act revised the authorizing statute to address criticisms raised about the Certificates’ coverage and protections. Despite many changes that expanded the scope and reinforced the protection of Certificates, questions remain concerning the robustness of the protection Certificates afford. Here, we briefly review the legal evolution of Certificates and then examine the gaps in protections that remain and their implications. We conclude with recommendations for areas of clarification and future research.

Proceedings Of The 2020 Lee E. Teitelbaum Utah Law Review Symposium, Utah Law Review

Utah Law Review

In the autumn of 2020, the Utah Law Review, in cooperation with the S.J. Quinney College of Law Center for Law and Biomedical Sciences, convened a twoday virtual symposium exploring “The Law and Ethics of Medical Research.” On November 13th, leading scholars from across the country joined us for a panel discussion titled “Sharing Medical Research Data: Privacy and Confidentiality.” On November 20th, a second set of distinguished scholars and practitioners gathered virtually for three more panel discussions: “Clinical Trials—Legal and Ethical Issues in the Age of COVID-19,” “Intellectual Property and Medical Research,” and “Medical Research as a Public Health …

Alexa Hears With Her Little Ears—But Does She Have The Privilege?, Lauren Chlouber Howell

St. Mary's Law Journal

Abstract forthcoming.

Closing The Data Gap: Protecting Biometric Information Under The Biometric Information Privacy Act And The California Consumer Protection Act, Eva-Maria Ghelardi

St. John's Law Review

(Excerpt)

Between May and June of 2014, Stacy Rosenbach bought her son, Alexander, a Six Flags season pass online. She submitted Alexander’s personal information and read that Alexander would complete the sign-up process at the park. No details described what the sign-up process would entail.

After showing his online receipt at Six Flags, Alexander was brought to an office to provide the customary thumb scan. Alexander’s thumb scan, along with the season pass card, was required to permit him to enter the various rides. He was not given any information about how his thumb scan would be stored or used …

Right To Informational Self-Determination As A General Civil Right: Analytical Study Of The European Regulation For The Protection Of Personal Data And The Provisions Of European Judiciary, Dr. Mohammed Hasson Ali

UAEU Law Journal

The research discussed the right to informational self-determination as a general civil right, which was inaugurated through the work analyzed by the European regulation of personal data protection under the European judiciary.

It was defined as the human right to control and monitor the processing of his personal data under a contractual or legal bond.

It included many properties, the highest of the importance of which:

The right of the subject to access his processed data, The right to transfer it, The right to correct it, The right to delete it ( the right to be forgotten), The right to …

Winter Is Here: The Impossibility Of Schrems Ii For U.S.-Based Direct-To-Consumer Companies, Vanessa Zimmer

Northwestern Journal of International Law & Business

In this paper, Vanessa Zimmer exposes the precarious position of Direct-to-Consumer (DTC) companies that are physically located in the United States but still subject to the European General Data Protection Regulation (GDPR) under Article 3(2) because they offer goods or services to European consumers online. Standard Contractual Clauses (SCCs) and supplementary measures have dominated privacy conversions in the year since the European Court of Justice invalidated the EU-U.S. Privacy Shield framework with its Schrems II decision.

However, Zimmer argues that the greater issue for U.S.-based DTC companies is the lack of clarity over what constitutes an international, or restricted, transfer …

Comparative Limitations On Abortions: The United States Supreme Court V. The European Court Of Human Rights, Sunaya Padmanabhan

Northwestern Journal of Law & Social Policy

This Note compares the balancing tests implemented by the United States Supreme Court and the European Court of Human Rights to determine the legal status of abortion within their jurisdictions. This Note will argue that the Supreme Court’s balancing test better protects a woman’s legal path to an abortion because it A) limits states’ restrictions to specific categories and B) regulates the extent to which states can restrict a woman’s pre-viability abortion.

This Note will also examine the ways in which each court’s abortion jurisprudence substantively restricts a woman’s ability to obtain an abortion, even where legal avenues to the …

Ua45/1 Registrar Updates, Wku Registrar

WKU Archives Records

Newsletter created by and about the WKU Registrar's Office.

Schrems's Slippery Slope: Strengthening Governance Mechanisms To Rehabilitate Eu-U.S. Cross-Border Data Transfers After Schrems Ii, Edward W. Mclaughlin

Fordham Law Review

In July 2020, the Court of Justice of the European Union (CJEU) invalidated the Privacy Shield Framework, the central data governance mechanism that once governed cross-border data transfers from the European Union (EU) to the United States. For the second time in five years, Europe’s top court invalidated the primary method of cross-border data transfers. Both times the CJEU found that the United States’s surveillance laws were, and remain, overbroad and fail to provide EU citizens with protections that are essentially equivalent to those guaranteed under the EU’s General Data Protection Regulation (GDPR) in light of the Charter of Fundamental …

Effects Of Cloud Computing In The Workforce, Kevin Rossi Acosta

Cybersecurity Undergraduate Research Showcase

In recent years, the incorporation of cloud computing and cloud services has increased in many different types of organizations and companies. This paper will focus on the philosophical, economical, and political factors that cloud computing and cloud services have in the workforce and different organizations. Based on various scholarly articles and resources it was observed that organizations used cloud computing and cloud services to increase their overall productivity as well as decrease the overall cost of their operations, as well as the different policies that were created by lawmakers to control the realm of cloud computing. The results of this …

Deep Fakes: The Algorithms That Create And Detect Them And The National Security Risks They Pose, Nick Dunard

James Madison Undergraduate Research Journal (JMURJ)

The dissemination of deep fakes for nefarious purposes poses significant national security risks to the United States, requiring an urgent development of technologies to detect their use and strategies to mitigate their effects. Deep fakes are images and videos created by or with the assistance of AI algorithms in which a person’s likeness, actions, or words have been replaced by someone else’s to deceive an audience. Often created with the help of generative adversarial networks, deep fakes can be used to blackmail, harass, exploit, and intimidate individuals and businesses; in large-scale disinformation campaigns, they can incite political tensions around the …

Information Privacy In An Age Of Invisible Shopper Tracking: Who Will Pay The Price For Stores Of The Future?, Kristin Harripaul

Georgia State University Law Review

Explosive growth in technology has brought a unique opportunity to the doors of brick-and-mortar retail—a nearly $3.38 trillion industry struggling to regain relevance among modern, digitally enabled shoppers. Specifically, in-store analytics, or shopper tracking technologies, are allowing these retailers to better compete with online stores by tapping into consumer data unprecedented in the brick-and-mortar context. With these technologies, stores now have access to detailed metrics, like consumer dwell times, journeys, product engagement, product views, and demographic data such as age and gender, which can be used to optimize store operations and marketing and promotions.

Recent events, however, including a string …

How The World's Largest Economies Regulate Data Privacy: Drawbacks, Benefits, & Proposed Solutions, Alexander J. Pantos

Indiana Journal of Global Legal Studies

National data privacy regimes are quickly gaining traction and ubiquity around the globe. Moving forward, countries will face a range of difficult decisions surrounding how best to engage internationally in cross border data flow, particularly in the context of personal information (PI).

This article takes a bird's-eye view of the current state of data privacy regimes in the world's four highest GDP regions. In part, this article hopes to provide a succinct analysis of these data privacy regimes, with a focus on the balance they strike between granting individuals rights in their data and placing responsibilities on businesses that deal …

Personal Data Privacy And Protective Federal Legislation: An Exploration Of Constituent Position On The Need For Legislation To Control Data Reliant Organizations Collecting And Monetizing Internet-Obtained Personal Data, Giovanni De Meo

Dissertations

In the past twenty years, the business of online personal data collection has grown at the same rapid pace as the internet itself, fostering a multibillion-dollar personal data collection and commercialization industry. Unlike many other large industries, there has been no major federal legislation enacted to monitor or control the activities of organizations dealing in this flourishing industry. The combination of these factors together with the lack of prior research encouraged this research designed to understand how much voters know about this topic and whether there is interest in seeing legislation enacted to protect individual personal data privacy.

To address …

The Development And The Future Of Privacy In Maine, Scott P. Bloomberg

Maine Law Review

In the United States, privacy law has traditionally developed in concert with intrusions created by newfangled technologies. This pattern has held true in Maine. Beginning in the late 1960s, the state has experienced three eras of privacy reform that track the technological advances of the mid-century, the internet era, and the new era of social media and big data. This Article details these three eras of reform and advances several proposals for responding to the challenges posed by the era that we are living through today. Indeed, at the beginning of the 2020s, there is much work on the horizon …