Law Commons^™

Data In Distress: Effectuating State Data Privacy Laws During Bankruptcy, Cameron Love

Emory Law Journal

In 2000, an online toy retailer, Toysmart.com, attempted to liquidate consumer data to pay creditors in its bankruptcy case. The attempted sale drew objections from the Federal Trade Commission and forty-seven state attorneys general. Five years later, Congress attempted to resolve privacy concerns in bankruptcy, amending the Bankruptcy Code to provide clear procedures for the liquidation of “personally identifiable information.” Recently, scholars have criticized these amendments, characterizing them as “limited,” “outdated,” and “privacy theater.” This Comment adds to these criticisms, arguing the amendments’ failure to mandate consideration of relevant nonbankruptcy law puts these permissive sales procedures on a collision course …

Hired By A Machine: Can A New York City Law Enforce Algorithmic Fairness In Hiring Practices?, Lindsey Fuchs

Fordham Journal of Corporate & Financial Law

Workplace antidiscrimination laws must adapt to address today’s technological realities. If left underregulated, the rapidly expanding role of Artificial Intelligence (“AI”) in hiring practices has the danger of creating new, more obscure modes of discrimination. Companies use these tools to reduce the duration and costs of hiring and potentially attract a larger pool of qualified applicants for their open positions. But how can we guarantee that these hiring tools yield fair outcomes when deployed? These issues are just starting to be addressed at the federal, state, and city levels. This Note tackles whether a new city law can be improved …

Inadequate Privacy: The Necessity Of Hipaa Reform In A Post-Dobbs World, Katherine Robertson

Seattle University Law Review

Part I of this Comment will provide an overview of HIPAA and the legal impacts of Dobbs. Part II will discuss the anticipatory response to the impacts of Dobbs on PHI by addressing the response from (1) the states, (2) the Biden Administration, and (3) the medical field. Part III will discuss the loopholes that exist in HIPAA and further address the potential impacts on individuals and the medical field if reform does not occur. Finally, Part IV will argue that the reform of HIPAA is the best avenue for protecting PHI related to reproductive healthcare.

Dismantling The “Black Opticon”: Privacy, Race Equity, And Online Data-Protection Reform, Anita L. Allen

All Faculty Scholarship

African Americans online face three distinguishable but related categories of vulnerability to bias and discrimination that I dub the “Black Opticon”: discriminatory oversurveillance, discriminatory exclusion, and discriminatory predation. Escaping the Black Opticon is unlikely without acknowledgement of privacy’s unequal distribution and privacy law’s outmoded and unduly race-neutral façade. African Americans could benefit from race-conscious efforts to shape a more equitable digital public sphere through improved laws and legal institutions. This Essay critically elaborates the Black Opticon triad and considers whether the Virginia Consumer Data Protection Act (2021), the federal Data Protection Act (2021), and new resources for the Federal Trade …

The Rise Of 5g Technology: How Internet Privacy And Protection Of Personal Data Is A Must In An Evolving Digital Landscape, Justin Rabine

Catholic University Journal of Law and Technology

No abstract provided.

Passcodes, Protection, And Legal Practicality: The Necessity Of A Digital Fifth Amendment, Ethan Swierczewski

Catholic University Journal of Law and Technology

No abstract provided.

Illusory Privacy, Thomas Haley

Indiana Law Journal

For decades, regulators, consumer advocates, and privacy theorists have grappled with one of privacy’s most important questions: how to protect private information that consumers unwittingly give away with the click of an “I accept” button. Reform efforts remain mired in a morass of text, focusing on the increasing volume and complexity of firms’ terms of service and privacy policies. This Article moves beyond such existing approaches. By analyzing terms of service and privacy policies from hundreds of top websites—which this Article calls “platform terms”—this Article demonstrates that the prevailing “notice and consent” paradigm of privacy regulation cannot provide meaningful protection. …

Personal Data Privacy And Protective Federal Legislation: An Exploration Of Constituent Position On The Need For Legislation To Control Data Reliant Organizations Collecting And Monetizing Internet-Obtained Personal Data, Giovanni De Meo

Dissertations

In the past twenty years, the business of online personal data collection has grown at the same rapid pace as the internet itself, fostering a multibillion-dollar personal data collection and commercialization industry. Unlike many other large industries, there has been no major federal legislation enacted to monitor or control the activities of organizations dealing in this flourishing industry. The combination of these factors together with the lack of prior research encouraged this research designed to understand how much voters know about this topic and whether there is interest in seeing legislation enacted to protect individual personal data privacy.

To address …

Cyber-Security, Privacy, And The Covid-19 Attenuation?, Vincent J. Samar

Journal of Legislation

Large-scale data brokers collect massive amounts of highly personal consumer information to be sold to whoever will pay their price, even at the expense of sacrificing individual privacy and autonomy in the process. In this Article, I will show how a proper understanding and justification for a right to privacy, in context to both protecting private acts and safeguarding information and states of affairs for the performance of such acts, provides a necessary background framework for imposing legal restrictions on such collections. This problem, which has already gained some attention in literature, now becomes even more worrisome, as government itself …

Regulating Data Breaches: A Data Superfund Statute, Kyle Mckibbin

Vanderbilt Journal of Entertainment & Technology Law

Collecting and processing large amounts of personal data has become a fundamental feature of the modern economy. Personal data, combined with good data analytics, are valuable to businesses as they can provide highly detailed information about individual preferences and behaviors. This data collection can also be valuable to the consumer as it generates innovative products and digital platforms. The era of big data promises great rewards, but it is not without its costs. Data breaches, or the release of personal data into unwanted hands, are pervasive and increasingly massive in scale. Despite the personal privacy harm caused by data breaches, …

The United States: Big Data, Little Regulation, Megan Valent

University of Miami Business Law Review

In the United States today, there is no single law to address the privacy concerns associated with the collection of consumer data. Lawmakers have introduced policies that seek to address data privacy at the federal level, but Congress has not yet acted to create a comprehensive law to protect consumers. On the contrary, in 2016, the European Union passed its General Data Protection Regulation to address the dangers associated with “Big Data” and to give consumers control over their data.

Unfortunately, in the United States consumers are often unaware of how their data is being handled and what is done …

Modern Privacy Advocacy: An Approach At War With Privacy Itself?, Justin "Gus" Hurwitz, Jamil N. Jaffer

Pepperdine Law Review

This Article argues that the modern concept of privacy itself, particularly as framed by some of its most ardent advocates today, is fundamentally incoherent. The Article highlights that many common arguments made in support of privacy, while initially seeming to protect this critical value, nonetheless undermine it in the long run. Using both recent and older examples of applying classic privacy advocacy positions to key technological innovations, the authors demonstrate how these positions, while seemingly privacy-enhancing at the time, actually resulted in outcomes that were less beneficial for consumers and citizens, including from a purely privacy-focused perspective. As a result, …

Saving America’S Privacy Rights: Why Carpenter V. United States Was Wrongly Decided And Why Courts Should Be Promoting Legislative Reform Rather Than Extending Existing Privacy Jurisprudence, David Stone

St. Mary's Law Journal

Privacy rights are under assault, but the Supreme Court’s judicial intervention into the issue, starting with Katz v. United States and leading to the Carpenter v. United States decision has created an inconsistent, piecemeal common law of privacy that forestalls a systematic public policy resolution by Congress and the states. In order to reach a satisfactory and longlasting resolution of the problem consistent with separation of powers principles, the states should consider a constitutional amendment that reduces the danger of pervasive technologyaided surveillance and monitoring, together with a series of statutes addressing each new issue posed by technological change as …

The Path To Standing: Asserting The Inherent Injury Of The Data Breach, Jennifer M. Joslin

Utah Law Review

Data breaches are on the rise as consumers continue to exchange personally identifiable information for goods and services in sectors from retail to healthcare. In the aftermath of a data breach, it has been difficult for victims of the breach to establish Article III standing to sue in federal courts. The primary hurdle for those seeking a remedy for the theft of their data has been showing that they have suffered an injury-in-fact. Plaintiffs typically assert an injury based on the increased risk of identity theft following a breach. However, courts have divided on whether such an injury satisfies the …

Consumer Protection—Exploring Private Causes Of Action For Victims Of Data Breaches, Justin H. Dion, Nicholas M. Smith

Faculty Scholarship

Data breaches are becoming a norm in modern life. Every year it seems that bigger and bigger attacks are launched, and more and more individuals are harmed. The law has responded by increasing states’ ability to prosecute cybercriminals. A glaring hole exists in this protection though. The state is largely an unharmed party. The real harm is done to individual citizens affected by the breaches. Their data is compromised, their identities are stolen, and their livelihoods are placed at risk. This Article will analyze the issue and propose a solution for increased consumer protection in addition to the current criminal …

Identities In Critical Condition: The Urgent Need To Reevaluate The Investigation And Resolution Of Claims Of Medical Identity Theft, Stephanie Lindgren

Mitchell Hamline Law Review

No abstract provided.

Technology Regulation By Default: Platforms, Privacy, And The Cfpb, Rory Van Loo

Faculty Scholarship

In the absence of a technology-focused regulator, diverse administrative agencies have been forced to develop regulatory models for governing their sphere of the data economy. These largely uncoordinated efforts offer a laboratory of regulatory experimentation on governance architecture. This symposium essay explores what the Consumer Financial Protection Bureau (CFPB) has done in its first several years to regulate financial technology (“fintech”), in the context of broader technology-related concerns identified in the literature. It begins with a survey of what the CFPB has undertaken using more traditional administrative agency tools—enforcement and rulemaking—in areas such as privacy, consumer control over data, and …

How Different Are Young Adults From Older Adults When It Comes To Information Privacy Attitudes & Policies?, Chris Jay Hoofnagle, Jennifer King, Su Li, Joseph Turow

Chris Jay Hoofnagle

Media reports teem with stories of young people posting salacious photos online, writing about alcohol-fueled misdeeds on social networking sites, and publicizing other ill-considered escapades that may haunt them in the future. These anecdotes are interpreted as representing a generation-wide shift in attitude toward information privacy. Many commentators therefore claim that young people “are less concerned with maintaining privacy than older people are.” Surprisingly, though, few empirical investigations have explored the privacy attitudes of young adults. This report is among the first quantitative studies evaluating young adults’ attitudes. It demonstrates that the picture is more nuanced than portrayed in the …

The Gdpr’S Version Of Algorithmic Accountability, Margot Kaminski

Publications

No abstract provided.

Cancelled Credit Cards: Substantial Risk Of Future Injury As A Basis For Standing In Data Breach Cases, Jennifer Wilt

SMU Law Review

No abstract provided.

Consumer Bitcredit And Fintech Lending, Christopher K. Odinet

Christopher K. Odinet

Yershov V. Gannett: Rethinking The Vppa In The 21st Century, Ariel A. Pardee

Maine Law Review

Almost anyone with a smartphone can recall a time when an online advertisement followed them from webpage to webpage, or mobile browser to mobile application, or even jumped from a mobile device to a desktop web browser. While some people see it as a harmless—or even helpful—quirk of the online world, others find it creepy and intrusive. In the absence of significant government regulation of online advertising practices, particularly aggrieved individuals have sought relief in the courts by alleging violations of ill-fitting statutes drafted decades ago. This note explores just such a case, Yershov v. Gannett, in which the First …

Comments To The Federal Trade Commission On The Can-Spam Rule Review, 16 C.F.R. Part 316, Project No. R711010, Roger Allan Ford

Law Faculty Scholarship

These comments respond to the Federal Trade Commission’s request for public comment on the CAN-SPAM Rule, 16 C.F.R. Part 316.

The CAN-SPAM Act set a minimum baseline for consumer protections that senders of unsolicited commercial email must respect. These protections have been largely effective at giving consumers the ability to manage how a large group of companies uses their email addresses for marketing. At the same time, the Act has had little effect on the volume of unsolicited commercial email or on the amount of email sent by scammers and fraudsters. The Act and its implementing Rule, then, have been …

Ispy: Threats To Individual And Institutional Privacy In The Digital World, Lori Andrews

All Faculty Scholarship

What type of information is collected, who is viewing it, and what law librarians can do to protect their patrons and institutions.

Ispy: Threats To Individual And Institutional Privacy In The Digital World, Lori Andrews

Lori B. Andrews

Social Data Discovery And Proportional Privacy, Agnieszka Mcpeak

Cleveland State Law Review

Social media platforms aggregate large amounts of personal information as "social data" that can be easily downloaded as a complete archive. Litigants in civil cases increasingly seek out broad access to social data during the discovery process, often with few limits on the scope of such discovery. But unfettered access to social data implicates unique privacy concerns—concerns that should help define the proper scope of discovery.

The Federal Rules of Civil Procedure, as amended in 2015, already contain the tools for crafting meaningful limits on intrusive social data discovery. In particular, the proportionality test under Rule 26 weighs the burdens …

Paying For Privacy And The Personal Data Economy, Stacy-Ann Elvy

Articles & Chapters

Growing demands for privacy and increases in the quantity and variety of consumer data have engendered various business offerings to allow companies, and in some instances consumers, to capitalize on these developments. One such example is the emerging “personal data economy” (PDE) in which companies, such as Datacoup, purchase data directly from individuals. At the opposite end of the spectrum, the “pay-for-privacy” (PFP) model requires consumers to pay an additional fee to prevent their data from being collected and mined for advertising purposes. This Article conducts a simultaneous in-depth exploration of the impact of burgeoning PDE and PFP models. It …

Newsroom: Freedman On Credit Reports 02-12-2016, Roger Williams University School Of Law

Life of the Law School (1993- )

No abstract provided.

The Sixth Pillar Of Anti-Money Laundering Compliance: Balancing Effective Enforcement With Financial Privacy, Maria A. De Dios

Brooklyn Journal of Corporate, Financial & Commercial Law

The U.S. government has responded to the increase of financial crimes, including money laundering and terrorist financing, by requiring that financial institutions implement anti-money laundering compliance programs within their institutions. Most recently, the Financial Crimes Enforcement Network exercised its regulatory powers, as authorized by the Treasury Department, by proposing regulations that now explicitly add customer due diligence to the preexisting anti-money laundering regime. The policy behind the government’s legislative and regulatory measures is clear—financial institutions must ensure that they are protected from and not aiding in the illegal efforts of criminals. The complexity and insidiousness of these financial crimes makes …

Use Of Facial Recognition Technology For Medical Purposes: Balancing Privacy With Innovation, Seema Mohapatra

Faculty Scholarship

No abstract provided.