Open Access. Powered by Scholars. Published by Universities.®
Articles 1 - 7 of 7
Full-Text Articles in Law
The Privacy Policymaking Of State Attorneys General, Danielle K. Citron
The Privacy Policymaking Of State Attorneys General, Danielle K. Citron
Faculty Scholarship
Accounts of privacy law have focused on legislation, federal agencies, and the self-regulation of privacy professionals. Crucial agents of regulatory change, however, have been ignored: the state attorneys general. This article is the first in-depth study of the privacy norm entrepreneurship of state attorneys general. Because so little has been written about this phenomenon, I engaged with primary sources — first interviewing state attorneys general and current and former career staff, and then examining documentary evidence received through FOIA requests submitted to AG offices around the country.
Much as Justice Louis Brandeis imagined states as laboratories of the law, offices …
Taking Trust Seriously In Privacy Law, Neil Richards, Woodrow Hartzog
Taking Trust Seriously In Privacy Law, Neil Richards, Woodrow Hartzog
Faculty Scholarship
Trust is beautiful. The willingness to accept vulnerability to the actions of others is the essential ingredient for friendship, commerce, transportation, and virtually every other activity that involves other people. It allows us to build things, and it allows us to grow. Trust is everywhere, but particularly at the core of the information relationships that have come to characterize our modern, digital lives. Relationships between people and their ISPs, social networks, and hired professionals are typically understood in terms of privacy. But the way we have talked about privacy has a pessimism problem – privacy is conceptualized in negative terms, …
Anonymization And Risk, Ira S. Rubinstein, Woodrow Hartzog
Anonymization And Risk, Ira S. Rubinstein, Woodrow Hartzog
Faculty Scholarship
Perfect anonymization of data sets that contain personal information has failed. But the process of protecting data subjects in shared information remains integral to privacy practice and policy. While the deidentification debate has been vigorous and productive, there is no clear direction for policy. As a result, the law has been slow to adapt a holistic approach to protecting data subjects when data sets are released to others. Currently, the law is focused on whether an individual can be identified within a given set. We argue that the best way to move data release policy past the alleged failures of …
The Scope And Potential Of Ftc Data Protection, Woodrow Hartzog, Daniel J. Solove
The Scope And Potential Of Ftc Data Protection, Woodrow Hartzog, Daniel J. Solove
Faculty Scholarship
For more than fifteen years, the FTC has regulated privacy and data security through its authority to police deceptive and unfair trade practices as well as through powers conferred by specific statutes and international agreements. Recently, the FTC’s powers for data protection have been challenged by Wyndham Worldwide Corp. and LabMD. These recent cases raise a fundamental issue, and one that has surprisingly not been well explored: How broad are the FTC’s privacy and data security regulatory powers? How broad should they be?
In this Article, we address the issue of the scope of FTC authority in the areas of …
Unfair And Deceptive Robots, Woodrow Hartzog
Unfair And Deceptive Robots, Woodrow Hartzog
Faculty Scholarship
Robots, like household helpers, personal digital assistants, automated cars, and personal drones are or will soon be available to consumers. These robots raise common consumer protection issues, such as fraud, privacy, data security, and risks to health, physical safety and finances. Robots also raise new consumer protection issues, or at least call into question how existing consumer protection regimes might be applied to such emerging technologies. Yet it is unclear which legal regimes should govern these robots and what consumer protection rules for robots should look like.
The thesis of the Article is that the FTC’s grant of authority and …
The Ftc And Privacy And Security Duties For The Cloud, Daniel J. Solove
The Ftc And Privacy And Security Duties For The Cloud, Daniel J. Solove
Faculty Scholarship
Third-party data service providers, especially providers of cloud computing services, present unique and difficult privacy and data security challenges. While many companies that directly collect data from consumers are bound by the promises they make to individuals in their privacy policies, cloud service providers are usually not a part of this arrangement. It is not entirely clear what, if any, obligations cloud service providers have to protect the data of individuals with whom they have no contractual relationship. This problem is especially acute because many institutions sharing personal data with cloud service providers fail to include significant privacy and security …
The Ftc And The New Common Law Of Privacy, Daniel J. Solove, Woodrow Hartzog
The Ftc And The New Common Law Of Privacy, Daniel J. Solove, Woodrow Hartzog
Faculty Scholarship
One of the great ironies about information privacy law is that the primary regulation of privacy in the United States has barely been studied in a scholarly way. Since the late 1990s, the Federal Trade Commission (FTC) has been enforcing companies’ privacy policies through its authority to police unfair and deceptive trade practices. Despite over fifteen years of FTC enforcement, there is no meaningful body of judicial decisions to show for it. The cases have nearly all resulted in settlement agreements. Nevertheless, companies look to these agreements to guide their privacy practices. Thus, in practice, FTC privacy jurisprudence has become …