Law Commons^™

In Sickness, Health, And Cyberspace: Protecting The Security Of Electronic Private Health Information, Sharona Hoffman, Andy Podgurski

ExpressO

The electronic processing of health information provides considerable benefits to patients and health care providers at the same time that it creates serious risks to the confidentiality, integrity, and availability of the data. The Internet provides a conduit for rapid and uncontrolled dispersion and trafficking of illicitly-obtained private health information, with far-reaching consequences to the unsuspecting victims. In order to address such threats to electronic private health information, the U.S. Department of Health and Human Services enacted the HIPAA Security Rule, which thus far has received little attention in the legal literature. This article presents a critique of the Security …

Privacy And Access To Public Records In The Information Age, Sol Bermann

ExpressO

Online public record access brings a wealth of benefits ranging from greater government access and accountability to increased cost-savings and efficiencies. However, due to the presence of highly sensitive, personal data, an increase in public records access also brings potential dangers, including heightened risk of identity theft and frivolous snooping into the affairs of others.

Historically, public records have had some measure of public accessibility in order to empower citizens with the ability to observe the goings-on of government, leading to greater government accountability. Until the rise of the internet, citizens have had their privacy protected through practical obscurity (the …

‘Code’ And The Slow Erosion Of Privacy, Ronald Leenes, Bert-Jaap Koops

ExpressO

The notion of software code replacing legal code as a mechanism to control human behavior – ‘code as law’ – is often illustrated with examples in intellectual property and freedom of speech. This article examines the neglected issue of the impact of ‘code as law’ on privacy. To what extent is privacy-related ‘code’ being used, either to undermine or to enhance privacy? On the basis of cases in the domains of law enforcement, national security, E-government, and commerce, it is concluded that technology rarely incorporates specific privacy-related norms. At the same time, however, technology very often does have clear effects …

Material Vulnerabilities: Data Privacy, Corporate Information Security And Securities Regulation, Andrea M. Matwyshyn

ExpressO

This article undertakes a normative and empirical legal inquiry into the manner information security vulnerabilities are being addressed through law and in the marketplace. Specifically, this article questions the current legislative paradigm for information security regulation by presenting a critique grounded in information security and cryptography theory. Consequently, this article advocates shifting our regulatory approach to a process-based security paradigm that focuses on improving security of our system as a whole. Finally, this article argues that in order to accomplish this shift with least disruption to current legal and economic processes, expanding an existing set of well-functioning legal structures is …

Cyberspace Cartography: The Case Of On-Line Territorial Privacy, Daniel Benoliel

ExpressO

Territorial privacy, one of the central categories of privacy protection, involves setting limit boundaries on intrusion into an explicit space or locale. Initially, the Restatement (Second) of Torts, which defined the privacy tort of intrusion, as applied by courts, most notably designated two classes of excluded areas: “private” places in which the individual can expect to be free from intrusion, and “non-private” places, in which the individual does not have a recognized expectation of privacy. In the physical world, courts ultimately held almost uniformly that the tort of intrusion could not occur in a public place or in a place …

A Gradual Shift In U.S. Privacy Laws Towards A Comprehensive Regime , Kamaal R. Zaidi

ExpressO

This paper examines the current trends in a predominantly sectoral U.S. privacy regime that appears to be becoming more comprehensive in nature with respect to data privacy protection. This trend has been greatly attributed to the European Union's comprehensive position on data privacy protection. This paper investigates the growth in U.S. data privacy protection in relation to federal and state legislative history, federal administrative procedures, and private industry efforts. This shift from sectoral to comprehensive regimes is significant in the backdrop of U.S-EU trade relations.