Open Access. Powered by Scholars. Published by Universities.®

Law Commons

Open Access. Powered by Scholars. Published by Universities.®

Data security

Discipline
Institution
Publication Year
Publication
Publication Type
File Type

Articles 1 - 30 of 68

Full-Text Articles in Law

“Smart” Lawyering: Integrating Technology Competence Into The Legal Practice Curriculum, Dyane L. O'Leary May 2021

“Smart” Lawyering: Integrating Technology Competence Into The Legal Practice Curriculum, Dyane L. O'Leary

The University of New Hampshire Law Review

Technology has changed modern law practice. Ethics rules obligate lawyers to understand whether, when, and how to use it to deliver services. But most law schools do not incorporate the so-called “Duty of Technology Competence” into the required curriculum. Despite broad calls for legal education to make students more practice-ready, there is no clear path forward for how to weave this valuable professional skill into coursework for all students. This Article supplies one.

The legal practice course should pair technology competence with traditional legal writing and research work. Lawyers do not draft memos or perform legal research or manage caseloads ...


Smart Cities And Sustainability: A New Challenge To Accountability?, Iria Giuffrida Apr 2021

Smart Cities And Sustainability: A New Challenge To Accountability?, Iria Giuffrida

William & Mary Environmental Law and Policy Review

From 1800 to today, the global population has shifted from only three percent living in an urban environment to well over fifty percent in 2020. As a result of urbanization, cities around the world struggle to manage traffic and waste, efficiently distribute utilities, and lower pollution to slow the progression of global warming. Smart city technologies have emerged as a tool to process cities’ various forms of data collected through networks of precisely placed sensors and map solutions to many of the environmental and social issues created by urbanization. For swelling metropolitan areas in the United States, China, and Europe ...


Gauging The Acceptance Of Contact Tracing Technology: An Empirical Study Of Singapore Residents’ Concerns With Sharing Their Information And Willingness To Trust, Ee-Ing Ong, Wee Ling Loo Apr 2021

Gauging The Acceptance Of Contact Tracing Technology: An Empirical Study Of Singapore Residents’ Concerns With Sharing Their Information And Willingness To Trust, Ee-Ing Ong, Wee Ling Loo

Research Collection School Of Law

In response to the COVID-19 pandemic, governments began implementing various forms of contact tracing technology. Singapore’s implementation of its contact tracing technology, TraceTogether, however, was met with significant concern by its population, with regard to privacy and data security. This concern did not fit with the general perception that Singaporeans have a high level of trust in its government. We explore this disconnect, using responses to our survey (conducted pre-COVID-19) in which we asked participants about their level of concern with the government and business collecting certain categories of personal data. The results show that respondents had less concern ...


Protection Of Data In Armed Conflict, Robin Geiss, Henning Lahmann Feb 2021

Protection Of Data In Armed Conflict, Robin Geiss, Henning Lahmann

International Law Studies

This article presents a novel way to conceptualize the protection of data in situations of armed conflict. Although the question of the targeting of data through adversarial military cyber operations and its implications for the qualification of such conduct under International Humanitarian Law has been on scholars’ and states’ radar for the last few years, there remain a number of misunderstandings as to how to think about the notion of “data.” Based on a number of fictional scenarios, the article clarifies the pertinent terminology and makes some expedient distinctions between various types of data. It then analyzes how existing international ...


Hipaa-Phobia Hampers Efforts To Track And Contain Covid-19, Lee Hiromoto M.D., J.D. Jan 2021

Hipaa-Phobia Hampers Efforts To Track And Contain Covid-19, Lee Hiromoto M.D., J.D.

SLU Law Journal Online

The Health Insurance Portability and Accountability Act (HIPAA), enacted by the US Congress 1996, laudably protects medical privacy in healthcare settings. However, this federal law has created a culture of fear that limits current efforts to address the COVID-19 pandemic. Healthcare providers, who are covered by HIPAA, may be reluctant to disclose information about outbreak clusters for fear of violating the law. Healthcare organizations, who are also covered by the law, still rely on fax machines to avoid violating HIPAA’s data security requirements. And the scrupulous rule-following in healthcare has given independent life to a HIPAA boogeyman. Thus, officials ...


Regulating The Sixth Sense: The Growing Need For Forward-Looking Data Privacy And Device Security Policy As Illustrated By Brain-Computer Interfaces, Hannah Gallagher Jan 2021

Regulating The Sixth Sense: The Growing Need For Forward-Looking Data Privacy And Device Security Policy As Illustrated By Brain-Computer Interfaces, Hannah Gallagher

Washington University Journal of Law & Policy

Many of today’s consumers are skeptical of the vast amounts of information technology companies are capable of gathering. Methods of collecting such data have become more invasive over time and have the potential to become compromised or abused. Gallagher urges policymakers to consider the regulations necessary to address privacy and security risks associated with emerging biotechnology such as brain-computer interfaces (“BCI”) without disrupting innovation incentives.This Note analyzes the current state of augmentative BCI technology, the trend of increasingly invasive technology, and proposed policy solutions for governing data privacy. Since BCIs will be collecting data on consumers’ neural signals ...


Data Security Using Armstrong Numbers, S. Belose, M. Malekar, S. Dhamal, G. Dharmawat, N.J. Kulkarni Aug 2020

Data Security Using Armstrong Numbers, S. Belose, M. Malekar, S. Dhamal, G. Dharmawat, N.J. Kulkarni

Undergraduate Academic Research Journal

In the real world, it is difficult to transmit data from one place to another with security. To ensure secured data transmission, universal technique called cryptography is used, which provides confidentiality of the transmitted data. In this paper Encryption and decryption process uses Armstrong number which is referred as a secret key. To make the Authentication between two intended users along with the security, server is used. With the help of server, both sender and receiver will get validated. Then actual data could be transmitted by any of the means.


Healthy Data Protection, Lothar Determann May 2020

Healthy Data Protection, Lothar Determann

Michigan Technology Law Review

Modern medicine is evolving at a tremendous speed. On a daily basis, we learn about new treatments, drugs, medical devices, and diagnoses. Both established technology companies and start-ups focus on health-related products and services in competition with traditional healthcare businesses. Telemedicine and electronic health records have the potential to improve the effectiveness of treatments significantly. Progress in the medical field depends above all on data, specifically health information. Physicians, researchers, and developers need health information to help patients by improving diagnoses, customizing treatments and finding new cures.

Yet law and policymakers are currently more focused on the fact that health ...


Exploring Lawful Hacking As A Possible Answer To The "Going Dark" Debate, Carlos Liguori May 2020

Exploring Lawful Hacking As A Possible Answer To The "Going Dark" Debate, Carlos Liguori

Michigan Technology Law Review

The debate on government access to encrypted data, popularly known as the “going dark” debate, has intensified over the years. On the one hand, law enforcement authorities have been pushing for mandatory exceptional access mechanisms on encryption systems in order to enable criminal investigations of both data in transit and at rest. On the other hand, both technical and industry experts argue that this solution compromises the security of encrypted systems and, thus, the privacy of their users. Some claim that other means of investigation could provide the information authorities seek without weakening encryption, with lawful hacking being one of ...


Protecting The States From Electoral Invasions, Drew Marvel Jan 2020

Protecting The States From Electoral Invasions, Drew Marvel

William & Mary Bill of Rights Journal

Since the 2016 U.S. presidential election, the threat of foreign interference in U.S. elections has loomed large in the minds of the American public. During the 2016 campaign season, Russian government-backed hackers infiltrated the networks and computers of the Democratic National Committee (DNC), the Democratic Congressional Campaign Committee (DCCC), and various campaign officials, harvesting private information and installing spyware and malware for ongoing intelligence purposes. U.S. intelligence officials have indicated that, using similar tactics, the Russian hackers also targeted election systems and officials in all fifty states, successfully breaching at least two of those states’ election systems ...


Trimming The Fat: The Gdpr As A Model For Cleaning Up Our Data Usage, Kassandra Polanco Jan 2020

Trimming The Fat: The Gdpr As A Model For Cleaning Up Our Data Usage, Kassandra Polanco

Touro Law Review

No abstract provided.


A New Frontier Facing Attorneys And Paralegals: The Promise & Challenges Of Artificial Intelligence As Applied To Law & Legal Decision-Making, Marissa Moran Jan 2020

A New Frontier Facing Attorneys And Paralegals: The Promise & Challenges Of Artificial Intelligence As Applied To Law & Legal Decision-Making, Marissa Moran

Publications and Research

Artificial Intelligence/AI invisibly navigates and informs our lives today and may also be used to determine a client’s legal fate. Through executive order, statements by a U.S. Supreme Court justice and a Congressional Commission on AI, all three branches of the United States government have addressed the use of AI to resolve societal and legal matters. Pursuant to the American Bar Association Model Rules of Professional Conduct[i] and New York Rules of Professional Conduct (NYRPC), [ii] the legal profession recognizes the need for competency in technology which requires both substantive knowledge of law and competent use ...


Breaches Within Breaches: The Crossroads Of Erisa Fiduciary Responsibilities And Data Security, Gregg Moran Feb 2019

Breaches Within Breaches: The Crossroads Of Erisa Fiduciary Responsibilities And Data Security, Gregg Moran

University of Miami Law Review

Although the drafters of the Employee Retirement Income Security Act of 1974 (“ERISA”) likely could not have anticipated the data security issues of the twenty-first century, ERISA’s duty of prudence almost certainly requires employee benefit plan fiduciaries to protect sensitive participant data in at least some manner. This Article suggests the Department of Labor should issue a regulation clarifying fiduciaries’ data security obligations. Given that fiduciaries are in the best positions to recognize their plans’ individual security needs and capabilities, the regulation should not attempt to micromanage fiduciaries’ substantive data security policies; rather, it should focus on the procedures ...


A Skeptical View Of Information Fiduciaries, Lina M. Khan, David E. Pozen Jan 2019

A Skeptical View Of Information Fiduciaries, Lina M. Khan, David E. Pozen

Faculty Scholarship

The concept of "information fiduciaries" has surged to the forefront of debates on online platform regulation. Developed by Professor Jack Balkin, the concept is meant to rebalance the relationship between ordinary individuals and the digital companies that accumulate, analyze, and sell their personal data for profit. Just as the law imposes special duties of care, confidentiality, and loyalty on doctors, lawyers, and accountants vis- à -vis their patients and clients, Balkin argues, so too should it impose special duties on corporations such as Facebook, Google, and Twitter vis-à-vis their end users. Over the past several years, this argument has garnered ...


A Skeptical View Of Information Fiduciaries, Lina Khan, David E. Pozen Jan 2019

A Skeptical View Of Information Fiduciaries, Lina Khan, David E. Pozen

Faculty Scholarship

The concept of “information fiduciaries” has surged to the forefront of debates on online-platform regulation. Developed by Professor Jack Balkin, the concept is meant to rebalance the relationship between ordinary individuals and the digital companies that accumulate, analyze, and sell their personal data for profit. Just as the law imposes special duties of care, confidentiality, and loyalty on doctors, lawyers, and accountants vis-à-vis their patients and clients, Balkin argues, so too should it impose special duties on corporations such as Facebook, Google, and Twitter vis-à-vis their end users. Over the past several years, this argument has garnered remarkably broad support ...


Who Are The Real Cyberbullies: Hackers Or The Ftc? The Fairness Of The Ftc’S Authority In The Data Security Context, Jaclyn K. Haughom Nov 2017

Who Are The Real Cyberbullies: Hackers Or The Ftc? The Fairness Of The Ftc’S Authority In The Data Security Context, Jaclyn K. Haughom

Catholic University Law Review

As technology continues to be an integral part of daily life, there lies an ever-increasing threat of the personally identifiable information of consumers being lost, stolen, or accessed without authorization. The Federal Trade Commission (FTC) is the U.S. government’s primary consumer protection agency and the country’s lead enforcer against companies subject to data breaches. Although the FTC lacks explicit statutory authority to enforce against data breaches, the Commission has successfully relied on Section 5 of the FTC Act (FTCA) to exercise its consumer protection power in the data security context. However, as the FTC continues to take ...


Disruptive Platforms, Margot Kaminski Jan 2017

Disruptive Platforms, Margot Kaminski

Articles

No abstract provided.


Health Information Equity, Craig Konnoth Jan 2017

Health Information Equity, Craig Konnoth

Articles

In the last few years, numerous Americans’ health information has been collected and used for follow-on, secondary research. This research studies correlations between medical conditions, genetic or behavioral profiles, and treatments, to customize medical care to specific individuals. Recent federal legislation and regulations make it easier to collect and use the data of the low-income, unwell, and elderly for this purpose. This would impose disproportionate security and autonomy burdens on these individuals. Those who are well-off and pay out of pocket could effectively exempt their data from the publicly available information pot. This presents a problem which modern research ethics ...


Standing After Snowden: Lessons On Privacy Harm From National Security Surveillance Litigation, Margot E. Kaminski Jan 2017

Standing After Snowden: Lessons On Privacy Harm From National Security Surveillance Litigation, Margot E. Kaminski

Articles

Article III standing is difficult to achieve in the context of data security and data privacy claims. Injury in fact must be "concrete," "particularized," and "actual or imminent"--all characteristics that are challenging to meet with information harms. This Article suggests looking to an unusual source for clarification on privacy and standing: recent national security surveillance litigation. There we can find significant discussions of what rises to the level of Article III injury in fact. The answers may be surprising: the interception of sensitive information; the seizure of less sensitive information and housing of it in a database for analysis ...


Cybersecurity Stovepiping, David Thaw Jan 2017

Cybersecurity Stovepiping, David Thaw

Articles

Most readers of this Article probably have encountered – and been frustrated by – password complexity requirements. Such requirements have become a mainstream part of contemporary culture: "the more complex your password is, the more secure you are, right?" So the cybersecurity experts tell us… and policymakers have accepted this "expertise" and even adopted such requirements into law and regulation.

This Article asks two questions. First, do complex passwords actually achieve the goals many experts claim? Does using the password "Tr0ub4dor&3" or the passphrase "correcthorsebatterystaple" actually protect your account? Second, if not, then why did such requirements become so widespread?

Through ...


The Privacy Policymaking Of State Attorneys General, Danielle K. Citron Dec 2016

The Privacy Policymaking Of State Attorneys General, Danielle K. Citron

Faculty Scholarship

Accounts of privacy law have focused on legislation, federal agencies, and the self-regulation of privacy professionals. Crucial agents of regulatory change, however, have been ignored: the state attorneys general. This article is the first in-depth study of the privacy norm entrepreneurship of state attorneys general. Because so little has been written about this phenomenon, I engaged with primary sources — first interviewing state attorneys general and current and former career staff, and then examining documentary evidence received through FOIA requests submitted to AG offices around the country.

Much as Justice Louis Brandeis imagined states as laboratories of the law, offices of ...


A Day In Court For Data Breach Plaintiffs: Preserving Standing Based On Increased Risk Of Identity Theft After Clapper V. Amnesty International Usa, Thomas Martecchini Jun 2016

A Day In Court For Data Breach Plaintiffs: Preserving Standing Based On Increased Risk Of Identity Theft After Clapper V. Amnesty International Usa, Thomas Martecchini

Michigan Law Review

Following a data breach, consumers suffer an increased risk of identity theft because of the exposure of their personal information. Limited protection by data-breach statutes has made it difficult for consumers to seek compensation for these injuries and penalize the companies that fail to protect their information, leading consumers to bring common law claims in court. Yet courts have disagreed about whether an increased risk of identity theft qualifies as an injury-in-fact under Article III standing principles: the Seventh and Ninth Circuits have approved of increased risk standing, while the Third Circuit has rejected it. The Supreme Court has further ...


Moving Beyond “Reasonable”: Clarifying The Ftc’S Use Of Its Unfairness Authority In Data Security Enforcement Actions, Timothy E. Deal Apr 2016

Moving Beyond “Reasonable”: Clarifying The Ftc’S Use Of Its Unfairness Authority In Data Security Enforcement Actions, Timothy E. Deal

Fordham Law Review

Data security breaches, which compromise private consumer information, seem to be an ever-increasing threat. To stem this tide, the Federal Trade Commission (FTC) has relied upon its authority to enforce the prohibition against unfair business practices under section 5 of the Federal Trade Commission Act (“section 5”) to hold companies accountable when they fail to employ data security measures that could prevent breaches. Specifically, the FTC brings enforcement actions when it finds that companies have failed to implement “reasonable” data security measures. However, companies and scholars argue that the FTC has not provided adequate notice of which data security practices ...


Just What The Doctor Ordered: Protecting Privacy Without Impeding Development Of Digital Pills, Amelia R. Montgomery Jan 2016

Just What The Doctor Ordered: Protecting Privacy Without Impeding Development Of Digital Pills, Amelia R. Montgomery

Vanderbilt Journal of Entertainment & Technology Law

Using technology, humans are receiving more and more information about the world around them via the Internet of Things, and the next area of connection will be the inside of the human body. Several forms of "digital pills" that send information from places like the human digestive tract or bloodstream are being developed, with a few already in use. These pills could stand to provide information that could drastically improve the lives of many people, but they also have privacy and data security implications that could put consumers at great risk. This Note analyzes these risks and suggests that short-term ...


Implications For The Future Of Global Data Security And Privacy: The Territorial Application Of The Stored Communications Act And The Microsoft Case, Russell Hsiao Dec 2015

Implications For The Future Of Global Data Security And Privacy: The Territorial Application Of The Stored Communications Act And The Microsoft Case, Russell Hsiao

Catholic University Journal of Law and Technology

No abstract provided.


Exposure Without Redress: A Proposed Remedial Tool For The Victimns Who Were Set Aside, Elizabeth T. Isaacs Jan 2015

Exposure Without Redress: A Proposed Remedial Tool For The Victimns Who Were Set Aside, Elizabeth T. Isaacs

Oklahoma Law Review

No abstract provided.


Data Breach (Regulatory) Effects, David Thaw Jan 2015

Data Breach (Regulatory) Effects, David Thaw

Articles

No abstract provided.


Should The Ftc Kill The Password? The Case For Better Authentication, Daniel J. Solove, Woodrow Hartzog Jan 2015

Should The Ftc Kill The Password? The Case For Better Authentication, Daniel J. Solove, Woodrow Hartzog

GW Law Faculty Publications & Other Works

Data security breaches are occurring at an alarming frequency, and one of the main causes involves problems authenticating the identity of account holders. The most common approach to authentication is the use of passwords, but passwords are a severely flawed means of authentication. People are being asked to do a nearly impossible task – create unique, long, and complex passwords for each of the numerous accounts they hold, change them frequently, and remember them all. People do very poorly in following these practices, and even if they manage to do so, hackers and phishers can readily trick people into revealing their ...


An Overview Of Privacy Law, Daniel J. Solove, Paul M. Schwartz Jan 2015

An Overview Of Privacy Law, Daniel J. Solove, Paul M. Schwartz

GW Law Faculty Publications & Other Works

Chapter 2 of PRIVACY LAW FUNDAMENTALS provides a brief overview of information privacy law – the scope and types of law. The chapter contains an historical timeline of major developments in the law of privacy and data security.

PRIVACY LAW FUNDAMENTALS is a distilled guide to the essential elements of U.S. data privacy law. In an easily-digestible format, the book covers core concepts, key laws, and leading cases.

Professors Daniel Solove and Paul Schwartz clearly and concisely distill all relevant information about privacy law into this short volume. PRIVACY LAW FUNDAMENTALS is designed to be like Strunk and White’s ...


Hacking Health Care: Authentication Security In The Age Of Meaningful Use , Gordon Gantt Jr. Jan 2014

Hacking Health Care: Authentication Security In The Age Of Meaningful Use , Gordon Gantt Jr.

Journal of Law and Health

The rapid adoption of EHRs (Electronic Health Records), to store and communicate highly personal data, raises serious concerns in terms of privacy, security, and civil and criminal liability. This note will examine the current statutory framework for addressing electronic breaches in the health care context, examine the vulnerabilities of EHRs, and look to the established world of online banking for possible legislative and practical solutions to the challenge of keeping private health information private. Finally, this note will propose key amendments to the Health Insurance Portability and Accountability Act (HIPAA) regulations to enhance authentication security.