Law Commons^™

The Kids Are Not Alright: Negative Consequences Of Student Device And Account Surveillance, Ashley Peterson

Washington Law Review

In recent years, student surveillance has rapidly grown. As schools have experimented with new technologies, transitioned to remote and hybrid instruction, and faced pressure to protect student safety, they have increased surveillance of school accounts and school-issued devices. School surveillance extends beyond school premises to monitor student activities that occur off-campus. It reaches students’ most intimate data and spaces, including things students likely believe are private: internet searches, emails, and messages. This Comment focuses on the problems associated with off-campus surveillance of school accounts and school-issued devices, including chilling effects that fundamentally alter student behavior, reinforcement of the school-to-prison pipeline, …

The Data Heist: Protecting Consumers And Their Information Through Opt-In Consent, John A. Hudson

Arkansas Law Review

This Comment will: (1) compare and contrast the data privacy laws in the United States and the European Union; (2) demonstrate the significant risk American consumers are subject to under the United States’ current laws and regulations; and (3) address the protections provided by the European Union’s explicit opt-in consent requirement that would ensure safer conditions for American consumers.

The Trade Origins Of Privacy Law, Anupam Chander

Indiana Law Journal

The desire for trade propelled the growth of data privacy law across the world. Countries with strong privacy laws sought to ensure that their citizens’ privacy would not be compromised when their data traveled to other countries. Even before this vaunted Brussels Effect pushed privacy law across the world through the enticement of trade with the European Union, Brussels had to erect privacy law within the Union itself. And as the Union itself expanded, privacy law was a critical condition for accession.

But this coupling of privacy and trade leaves a puzzle: how did the U.S. avoid a comprehensive privacy …

Continuous Reproductive Surveillance, Michael Ulrich, Leah R. Fowler

Faculty Scholarship

The Dobbs opinion emphasizes that the state’s interest in the fetus extends to “all stages of development.” This essay briefly explores whether state legislators, agencies, and courts could use the “all stages of development” language to expand reproductive surveillance by using novel developments in consumer health technologies to augment those efforts.

Aadhaar: India’S National Identification System And Consent-Based Privacy Rights, Anvitha S. Yalavarthy

Vanderbilt Journal of Transnational Law

India’s national identification program, Aadhaar, created the largest national biometric database in the world. While the program is touted as voluntary, the increasing dependence on it, and the laws surrounding it, make it de facto mandatory. This Note examines the social and legal landscapes surrounding the Aadhaar program along with the principles of data privacy and biometric data collection in the European Union and the United States to show how those principles can and should apply to the Aadhaar system.

This Note suggests that the way to strengthen the Aadhaar system’s privacy regime is by balancing the principles of necessity …

What A Data Privacy Law Should Look Like In West Virginia: Balancing Competing Interests Of Consumers And Businesses, Harrison Enright

West Virginia Law Review

Today’s businesses invariably leverage consumer data to create business insights, such as marketing strategies and consumer behavior analyses. As a result, consumers have placed an emphasis on data privacy and security. In response, many states have proposed comprehensive legislation aspiring to regulate the collection and usage of consumer data by businesses, grant individual rights to consumers, and provide for a method of enforcement. House Bill 3159 represents West Virginia’s most recent attempt at doing so, serving as an indication that the state is working diligently to enhance the data privacy of its residents.

Although enacting a comprehensive data privacy law …

The Need For Curtains Of The Soul: Privacy Versus Transparency In The Instrumented World Of Algorithmic Artificial Intelligence, Michael Martin Losavio

FIU Law Review

We approach a privacy singularity in pervasive data collection and inference that may reveal all about our lives. While privacy might not yet be dead, we struggle to maintain its shield for personal autonomy. Part of this contemporary challenge comes from the massive data sets generated every day everywhere. And then the powerful analytics that reveal all. This is further challenged by efforts at data transparency that may reveal too much of one’s life. Preservation of privacy, if we deem it important enough to preserve, must have a robust set of technical and legislative implementations on collection, storage, transmission and …

Privacy In The Wild: Why Animals' Informational Privacy Matters, Christopher Wlach

Animal Law Review

As data privacy and security come increasingly into focus among lawmakers, regulators, companies, and consumers, concerns about animals’ privacy have gone largely unmentioned. This Article examines how both wild and domestic animals have informational privacy interests—that is, interests in protecting information about themselves. The Article discusses three examples of how informational privacy for animals is not merely a theoretical concept but directly relates to animals’ broader welfare interests. Finally, this Article discusses why privacy provides a helpful theoretical framework and vocabulary for addressing these animals’ interests.

Dobbs In A Technologized World: Implications For Us Data Privacy, Jheel Gosain, Jason D. Keune, Michael S. Sinha

All Faculty Scholarship

In June of 2022, the U.S. Supreme Court issued its opinion in Dobbs v. Jackson Women’s Health Organization, overturning 50 years of precedent by eliminating the federal constitutional right to abortion care established by the Court’s 1973 decision in Roe v. Wade. The Dobbs decision leaves the decision about abortion services in the hands of the states, which created an immediately variegated checkerboard of access to women’s healthcare across the country. This in turn laid bare a profusion of privacy issues that emanate from our technologized world. We review these privacy issues, including healthcare data, financial data, website tracking and …

Data Privacy In The Time Of Plague, Cason Schmit, Brian N. Larson, Hye-Chung Kum

Faculty Scholarship

Data privacy is a life-or-death matter for public health. Beginning in late fall 2019, two series of events unfolded, one everyone talked about and one hardly anyone noticed: The greatest world-health crisis in at least 100 years, the COVID-19 pandemic; and the development of the Personal Data Protection Act Committee by the Uniform Law Commissioners (ULC) in the United States. By July 2021, each of these stories had reached a turning point. In the developed, Western world, most people who wanted to receive the vaccine against COVID- 19 could do so. Meanwhile, the ULC adopted the Uniform Personal Data Protection …

Race And Regulation Podcast Episode 5 - Racial Equity And Data Privacy, Anita L. Allen

Penn Program on Regulation Podcasts

In this episode, Anita Allen, an internationally renowned expert on the philosophical dimensions of privacy and data protection law, reveals how race-neutral privacy laws in the U.S. have failed to address the unequal burdens faced online by Black Americans, whose personal data are used in racially discriminatory ways. Professor Allen articulates what she terms an African American Online Equity Agenda to guide the development of race-conscious privacy regulations that can better promote racial justice in the modern digital economy.

Gauging The Acceptance Of Contact Tracing Technology: An Empirical Study Of Singapore Residents’ Concerns With Sharing Their Information And Willingness To Trust, Ee-Ing Ong, Wee Ling Loo

Research Collection Yong Pung How School Of Law

In response to the COVID-19 pandemic, governments began implementing various forms of contact tracing technology. Singapore’s implementation of its contact tracing technology, TraceTogether, however, was met with significant concern by its population, with regard to privacy and data security. This concern did not fit with the general perception that Singaporeans have a high level of trust in its government. We explore this disconnect, using responses to our survey (conducted pre-COVID-19) in which we asked participants about their level of concern with the government and business collecting certain categories of personal data. The results show that respondents had less concern with …

Investing In Human Futures: How Big Tech And Social Media Giants Abuse Privacy And Manipulate Consumerism, Brett Dembrow

University of Miami Business Law Review

Social media companies such as Facebook, Twitter, and Instagram originated with one seemingly innocent goal: “to bring the world closer together.”1 Now, these Big Tech giants own and operate some of the most powerful platforms in the world simply because of their unethical yet effective strategies to maintain their users’ attention. Social media companies have monetized the amount of time their users spend on their platforms by honing in on the individual preferences of each user and selling that access to advertisers. This heightened access to potential consumers and their preferences has become the most valuable marketing tool for digital …

Big Data, Both Friend And Foe: The Intersection Of Privacy And Trade On The Transatlantic Stage, Gabrielle C. Craft

University of Miami International and Comparative Law Review

This Note analyzes the data privacy protection initiatives implemented by the European Union and the United States and their effects on international trade. As technology develops, the feasibility of data collection increases, allowing for the collecting of inconceivable amounts of data information. Consequently, this data includes personal information, thus implicating privacy concerns and the need for data privacy protection regulations. Data privacy focuses on the use and governance of personal data and how the data is gathered, collected, and stored. In 2018, the European Union enacted the General Data Protection Regulation (GDPR), which sets out highly stringent standards for how …

Me, Myself And My Digital Double: Extending Sara Greene’S Stealing (Identity) From The Poor To The Challenges Of Identity Verification, Michele E. Gilman

All Faculty Scholarship

Identity is an essential part of the human condition. When one’s identity is stolen or when a state rejects a citizen’s identity, the consequences can be devastating to one’s notion of selfhood as well as undermine their economic security. In Stealing (Identity) from the Poor, Sara Greene explores the serious harms suffered by low-income people who are victimized by identity theft. She explains that our plutocratic regime of identity theft laws serves the interests of wealthier Americans at the expense of those experiencing poverty.

This Essay extends Greene’s analysis and framing to the harms of identity verification systems, particularly in …

The Crimes Of Digital Capitalism, Aitor Jiménez, J.C. Oleson

Mitchell Hamline Law Review

No abstract provided.

Data Transfers After Schrems Ii: The Eu-Us Disagreements Over Data Privacy And National Security, Monika Zalnieriute

Vanderbilt Journal of Transnational Law

In the long-awaited Schrems II decision, the Court of Justice of the European Union (CJEU) took a radical, although not an unexpected, step in invalidating the Privacy Shield Agreement, which facilitated data transfers between the European Union and the United States. Schrems II illuminates long-lasting international disagreements between the EU and the United States over data protection, national security, and the fundamental differences between the public and private approaches to the protection of human rights in the data-driven economy and modern state. This Article approaches the decision via an interdisciplinary lens of international law and international relations and situates it …

The Anomaly That Is Privacy: Data Privacy Concerns Related To The Rise Of Microchip Implants In Humans, Kendra Lobban

Catholic University Journal of Law and Technology

No abstract provided.

Privacy Pretexts, Rory Van Loo

Faculty Scholarship

Data privacy’s ethos lies in protecting the individual from institutions. Increasingly, however, institutions are deploying privacy arguments in ways that harm individuals. Platforms like Amazon, Facebook, and Google wall off information from competitors in the name of privacy. Financial institutions under investigation justify withholding files from the Consumer Financial Protection Bureau by saying they must protect sensitive customer data. In these and other ways, the private sector is exploiting privacy to avoid competition and accountability. This Article highlights the breadth of privacy pretexts and uncovers their moral structure. Like most pretexts, there is an element of truth to the claims. …

Uncertain Terms, Leah R. Fowler, Jim Hawkins, Jessica L. Roberts

Notre Dame Law Review

Health apps collect massive amounts of sensitive consumer data, including information about users’ reproductive lives, mental health, and genetics. As a result, consumers in this industry may shop for privacy terms when they select a product. Yet our research reveals that many digital health tech companies reserve the right to unilaterally amend their terms of service and their privacy policies. This ability to make one-sided changes undermines the market for privacy, leaving users vulnerable. Unfortunately, the current law generally tolerates unilateral amendments, despite fairness and efficiency concerns. We therefore propose legislative, regulatory, and judicial solutions to better protect consumers of …

Note: Facial Recognition Technology And The Constitution, Mark Simonitis

Notre Dame Journal on Emerging Technologies

Over the past several years, we have seen an increase in the adoption and use of facial recognition technology (FRT). Both private corporations and government organizations have increasingly used this technology over the past several years, and law enforcement agencies have been just as eager to utilize FRT in their operations. The potential uses for this technology in a law enforcement capacity are numerous. For example, FRT could be used to identify criminals whose faces were caught on surveillance footage, or it could be used to help identify citizens during border crossings. However, it is easy to imagine how an …

Data Privacy Issues In West Virginia And Beyond: A Comprehensive Overview, Jena Martin

Consumer Law Scholarship

This white paper was commissioned by the Center for Consumer Law and Education, a joint initiative launched by West Virginia University and Marshall University to “coordinate the development of consumer law, policy, and education research to support and serve consumers.”

As such, this paper has a dual purpose. First, it provides a comprehensive overview of the many different legal issues that affect data privacy concerns (both nationally and in West Virginia). Second, it documents and discusses the result of a survey and specific focus groups that were undertaken throughout the fall of 2019 into January 2020 where individuals within the …

Developing A Measure Of Social, Ethical, And Legal Content For Intelligent Cognitive Assistants, Clovia Hamilton, William Swart, Gerald M. Stokes

Technology & Society Faculty Publications

We address the issue of consumer privacy against the backdrop of the national priority of maintaining global leadership in artificial intelligence, the ongoing research in Artificial Cognitive Assistants, and the explosive growth in the development and application of Voice Activated Personal Assistants (VAPAs) such as Alexa and Siri, spurred on by the needs and opportunities arising out of the COVID-19 global pandemic. We first review the growth and associated legal issues of the of VAPAs in private homes, banks, healthcare, and education. We then summarize the policy guidelines for the development of VAPAs. Then, we classify these into five major …

Privacy Losses As Wrongful Gains, Bernard Chao

Sturm College of Law: Faculty Scholarship

Perhaps nowhere has the pace of technology placed more pressure on the law than in the area of data privacy. Huge data breaches fill our headlines. Companies often violate their own privacy policies by selling customer data, or by using the information in ways that fall outside their policy. Yet, even when there is indisputable misconduct, the law generally does not hold these companies accountable. That is because traditional legal claims are poorly suited for handling privacy losses.

Contract claims fail when privacy policies are not considered contractual obligations. Misrepresentation claims cannot succeed when customers never read and rely on …

Outsourcing The Police: How Reliance On The Private Sector For Law Enforcement Threatens Privacy Legislation Around The World, Karl Colbary

Northwestern Journal of International Law & Business

Data privacy is an increasingly important issue in the world today. People are increasingly aware of, and concerned about, their digital footprint. As a result, many jurisdictions around the world—the United States excluded—have enacted legislation with an eye towards giving their citizens greater control over their data. However, the movement to give individuals greater control over how their data is used by tech providers often overlooks the fact that the government is one of the biggest consumers of the data that tech providers collect. Therefore, data privacy regimes that allow the flow of personal information to the government do not …

Contracting For Algorithmic Accountability, Cary Coglianese, Erik Lampmann

All Faculty Scholarship

As local, state, and federal governments increase their reliance on artificial intelligence (AI) decision-making tools designed and operated by private contractors, so too do public concerns increase over the accountability and transparency of such AI tools. But current calls to respond to these concerns by banning governments from using AI will only deny society the benefits that prudent use of such technology can provide. In this Article, we argue that government agencies should pursue a more nuanced and effective approach to governing the governmental use of AI by structuring their procurement contracts for AI tools and services in ways that …

Forging A Path Towards Meaningful Digital Privacy: Data Monetization And The Ccpa, Rebecca Harris

Loyola of Los Angeles Law Review

The California Consumer Privacy Act (CCPA) was passed in response to a number of newsworthy data breaches with widespread impacts, and which revealed how little digital privacy consumers actually have. Despite the large market for consumer data, individual consumers generally do not earn money when their personal data are sold. Further, consumers have very little control over who collects their data, what information is collected, and with whom it is shared. To place control back in the hands of the consumer, affirmative consent should be required to collect and sell consumer’s data, and consumers should have the ability to sell …

U.S.-U.K. Executive Agreement: Case Study Of Incidental Collection Of Data Under The Cloud Act, Eddie B. Kim

Washington Journal of Law, Technology & Arts

In March 2018, Congress passed the Clarifying Lawful Overseas Use of Data Act, also known as the CLOUD Act, in order to expedite the process of cross-border data transfers for the purposes of criminal investigations. The U.S. government entered into its first Executive Agreement, the main tool to achieve the goals of the statute, with the United Kingdom in October 2019. While the CLOUD Act requires the U.S. Attorney General to consider whether the foreign government counterpart has a certain level of robust data privacy laws, the relevant laws of the United Kingdom have generally been questioned numerous times for …

Untangling The Privacy Law Web: Why The California Consumer Privacy Act Furthers The Need For Federal Preemptive Legislation, Jordan Yallen

Loyola of Los Angeles Law Review

No abstract provided.

Regulating Personal Data Usage In Covid-19 Control Conditions, Mark Findlay, Nydia Remolina

Centre for AI & Data Governance

As the COVID-19 health pandemic ebbs and flows world-wide, governments and private companies across the globe are utilising AI-assisted surveillance, reporting, mapping and tracing technologies with the intention of slowing the spread of the virus. These technologies have capacity to amass and share personal data for community control and citizen safety motivations that empower state agencies and inveigle citizen co-operation which could only be imagined outside times of real and present personal danger. While not cavilling with the short-term necessity for these technologies and the data they control, process and share in the health regulation mission (provided that the technology …