Law Commons^™

Use Of Facial Recognition Technology For Medical Purposes: Balancing Privacy With Innovation, Seema Mohapatra

Faculty Scholarship

No abstract provided.

The Notion And Practice Of Reputation And Professional Identity In Social Networking: From K-12 Through Law School, Roberta Bobbie Studwell

Faculty Scholarship

No abstract provided.

When The Default Is No Penalty: Negotiating Privacy At The Ntia, Margot E. Kaminski

Publications

Consumer privacy protection is largely within the purview of the Federal Trade Commission. In recent years, however, the National Telecommunications and Information Administration (NTIA) at the Department of Commerce has hosted multistakeholder negotiations on consumer privacy issues. The NTIA process has addressed mobile apps, facial recognition, and most recently, drones. It is meant to serve as a venue for industry self-regulation. Drawing on the literature on co-regulation and on penalty defaults, I suggest that the NTIA process struggles to successfully extract industry expertise and participation against a dearth of federal data privacy law and enforcement. This problem is most exacerbated …

Sacrificing Privacy For Convenience: The Need For Stricter Ftc Regulations In An Age Of Smartphone Surveillance, Ashton Mckinnon

Journal of the National Association of Administrative Law Judiciary

This comment aims to focus on the most frequently used connector that consumers treasure not only for convenience but also as a lifelong necessity - the smartphone. The FTC needs to enforce federally mandated guidelines that will allow the consumer to use technology without the technology using the consumer. Part II of this comment focuses on the type of information that can be collected by various companies, service providers, and agencies from an individual's smartphone, and the intentions of these collectors behind use of this information. Part III evaluates how applications (apps) contribute to this scheme, and, specifically, apps' recordkeeping …

Data Breach (Regulatory) Effects, David Thaw

Articles

No abstract provided.

Reasonable Expectations Of Privacy Settings: Social Media And The Stored Communications Act, David Thaw, Christopher Borchert, Fernando Pinguelo

Articles

In 1986, Congress passed the Stored Communications Act (“SCA”) to provide additional protections for individuals’ private communications content held in electronic storage by third parties. Acting out of direct concern for the implications of the Third-Party Records Doctrine — a judicially created doctrine that generally eliminates Fourth Amendment protections for information entrusted to third parties — Congress sought to tailor the SCA to electronic communications sent via and stored by third parties. Yet, because Congress crafted the SCA with language specific to the technology of 1986, courts today have struggled to apply the SCA consistently with regard to similar private …

Robots In The Home: What Will We Have Agreed To?, Margot E. Kaminski

Publications

A new technology can expose the cracks in legal doctrine. Sometimes a technology resists analogy. Sometimes, through analogies, it reveals inconsistencies in the law, or basic flaws in framing, or in the fit between different parts of the legal system. This Essay addresses robots in the home, and what they reveal about U.S. privacy law. Household robots might not themselves uproot U.S. privacy law, but they will reveal its inconsistencies, and show where it is most likely to fracture. Just as drones are serving as a legislative “privacy catalyst” — encouraging the enactment of new privacy laws as people realize …

Surveillance At The Source, David Thaw

Articles

Contemporary discussion concerning surveillance focuses predominantly on government activity. These discussions are important for a variety of reasons, but generally ignore a critical aspect of the surveillance-harm calculus – the source from which government entities derive the information they use. The source of surveillance data is the information "gathering" activity itself, which is where harms like "chilling" of speech and behavior begin.

Unlike the days where satellite imaging, communications intercepts, and other forms of information gathering were limited to advanced law enforcement, military, and intelligence activities, private corporations now play a dominant role in the collection of information about individuals' …

Regulating The Internet Of Things: First Steps Toward Managing Discrimination, Privacy, Security, And Consent, Scott R. Peppet

Publications

The consumer "Internet of Things" is suddenly reality, not science fiction. Electronic sensors are now ubiquitous in our smartphones, cars, homes, electric systems, health-care devices, fitness monitors, and workplaces. These connected, sensor-based devices create new types and unprecedented quantities of detailed, high-quality information about our everyday actions, habits, personalities, and preferences. Much of this undoubtedly increases social welfare. For example, insurers can price automobile coverage more accurately by using sensors to measure exactly how you drive (e.g., Progressive 's Snapshot system), which should theoretically lower the overall cost of insurance. But the Internet of Things raises new and difficult questions …

What Do We Worry About When We Worry About Price Discrimination? The Law And Ethics Of Using Personal Information For Pricing, Akiva A. Miller

Akiva A Miller

New information technologies have dramatically increased sellers’ ability to engage in retail price discrimination. Debates over using personal information for price discrimination frequently treat it as a single problem, and are not sufficiently sensitive to the variety of price discrimination practices, the different kinds of information they require in order to succeed, and the different ethical concerns they raise. This paper explores the ethical and legal debate over regulating price discrimination facilitated by consumers’ personal information. Various kinds of “privacy remedies”—self-regulation, technological fixes, state regulation, and legislating private causes of legal action—each have their place. By drawing distinctions between various …

Flawed Transparency: Shared Data Collection And Disclosure Challenges For Google Glass And Similar Technologies, Jonathan I. Ezor

Jonathan I. Ezor

Current privacy law and best practices assume that the party collecting the data is able to describe and disclose its practices to those from and about whom the data are collected. With emerging technologies such as Google Glass, the information being collected by the wearer may be automatically shared to one or more third parties whose use may be substantially different from that of the wearer. Often, the wearer may not even know what information is being uploaded, and how it may be used. This paper will analyze the current state of U.S. law and compliance regarding personal information collection …

Snopa And The Ppa: Do You Know What It Means For You? If Snopa (Social Networking Online Protection Act) Or Ppa (Password Protection Act) Do Not Pass, The Snooping Could Cause You Trouble, Angela Goodrum

Angela Goodrum

No abstract provided.

Privacy, Transparency & Google's Blurred Glass, Jonathan I. Ezor

Jonathan I. Ezor

No matter the context or jurisdiction, one concept underlies every view of the best practices in data privacy: transparency. The mandate to disclose what personal information is collected, how it is used, and with whom and for what purpose it is shared, is essential to enable informed consent to the collection, along with the other user rights that constitute privacy best practices. Google, which claims to support and offer transparency, is increasingly opaque about its many products and services and the information they collect for it, posing a significant privacy concern.

After Privacy: The Rise Of Facebook, The Fall Of Wikileaks, And Singapore’S Personal Data Protection Act 2012, Simon Chesterman

Simon Chesterman

This article discusses the changing ways in which information is produced, stored, and shared — exemplified by the rise of social-networking sites like Facebook and controversies over the activities of WikiLeaks — and the implications for privacy and data protection. Legal protections of privacy have always been reactive, but the coherence of any legal regime has also been undermined by the lack of a strong theory of what privacy is. There is more promise in the narrower field of data protection. Singapore, which does not recognise a right to privacy, has positioned itself as an e-commerce hub but had no …

Implementación De Políticas Corporativas Sobre Internet Y Redes Sociales En México, Rodolfo C. Rivas Rea Esq.

Rodolfo C. Rivas

The author analyzes and describes the necessary elements of a successful social media and Internet corporate policy; through citing common pitfalls and learning lessons from different jurisdictions across the world. The author then offers general guidelines on policies for Mexican enterprises under Mexican legislation.///////////////////////////////////////////////////////////////////////////////////////El autor analiza y describe los elementos necesarios de una política corporativa sobre internet y redes sociales exitosa, citando los errores más comunes y aprendiendo lecciones de las legislaciones de distintos países.

Information Revolution: “Choice Of Control” To “Choice And Control”, Subhajit Basu, Christina Munns

Subhajit Basu

Please do not cite without permission of the authors.

In this article, we critically analyse whether the ‘privacy framework’ for health records is ‘fit-for-purpose’ for the NHS’s ‘information revolution’ and argue that the NHS’s ‘proxy-individual’ information-guardian role could inadvertently mask individuals’ intended roles, effectively circumventing autonomy-based laws by limiting the power of individuals to be autonomous. We suggest that moving ‘choice of control’ to individuals will render ‘privacy’ redundant whilst validating ‘confidentiality’ via consent from empowered individuals. This power shift would expose the overdue need for options to increase levels of individual ‘control/privacy,’ moving from the NHS’s paternal ‘proxy-individual’ conception …

Privacy & The Personal Prospectus: Should We Introduce Privacy Agents Or Regulate Privacy Intermediaries, Scott R. Peppet

Publications

No abstract provided.

Cybercrime, Ronald C. Griffin

Journal Publications

This essay recounts campaigns against privacy; the fortifications erected against them; and hi-jinx attributable to hackers, crackers, and miscreants under the Fair Credit Reporting Act.

Personal Data Protection In The Era Of Cloud Computing. New Challenges For European Regulators., Panagiotis Kitsos, Paraskevi Pappas

Panagiotis Kitsos

It is widely aknowledged that we are entering in an era of revolutionary changes in the field of Information and Communication Technologies . The spread of broadband internet connections has led internet to function not only as a communications network but also as a platform for new computing applications. The most recent application is the so called "cloud computing", which permits the running of software applications or the storage of data to be performed at remote servers which are connected to our computers through the Internet. Examples of these applications are the web-based email services, online computer back up, data …

Biometrics, Retinal Scanning, And The Right To Privacy In The 21st Century, Stephen Hoffman

Stephen P. Hoffman

Biometric identification techniques such as retinal scanning and fingerprinting have now become commonplace, but near-future improvements on these methods present troubling issues for personal privacy. For example, retinal scanning can be used to diagnose certain medical conditions, even ones for which the patient has no symptoms or has any other way of detecting the problem. If a health insurance company scans the retinas of potential clients before they purchase coverage, they could be charged higher premiums for conditions that do not present any issues. Not only is this unfair, but the ease with which these scans can be conducted—including scanning …

Coding Privacy, Lilian Edwards

Chicago-Kent Law Review

Lawrence Lessig famously and usefully argues that cyberspace is regulated not just by law but also by norms, markets and architecture or "code." His insightful work might also lead the unwary to conclude, however, that code is inherently anti-privacy, and thus that an increasingly digital world must therefore also be increasingly devoid of privacy. This paper argues briefly that since technology is a neutral tool, code can be designed as much to fight for privacy as against it, and that what matters now is to look at what incentivizes the creation of pro- rather than anti-privacy code in the mainstream …

Student Comprehension Of Privacy Issues In Sns, Collaborative Project

Dyson College- Seidenberg School of CSIS : Collaborative Projects and Presentations

This entry adheres to the use of the quad chart template to provide for a succint description only of the current research project undertaken by the participants. It provides for the following information:

1. Participant/s
2. Overall project goals
3. Illustrative picture/s
4.Specific research/artistic/pedagogic foci

Leave Me Alone! The Delicate Balance Of Privacy And Commercial Speech In The Evolving Do-Not-Call Registry, Andrew L. Sullivant

Federal Communications Law Journal

In 2004, the Tenth Circuit held that although the newly enacted do-not-call registry restricted commercial speech, the restriction was narrowly tailored and thus fell within the bounds of the Constitution. Since that decision, the Federal Trade Commission has amended the do-not-call registry to abolish the provision that required individuals to re-register every five years, and in 2008, Congress passed the amendment. This Note argues that the five-year reregistration requirement is a substantial factor in the registry's narrow tailoring. By removing the requirement, questions as to the restriction's constitutionality reemerge.

The Microsoft-Yahoo Merger: Yes, Privacy Is An Antitrust Concern, Robert H. Lande

All Faculty Scholarship

Privacy and antitrust? Isn't antitrust only supposed to be concerned with price? Well, no. Antitrust is actually about consumer choice, and price is only one type of choice. The ultimate purpose of the antitrust laws is to help ensure that the free market will bring to consumers everything they want from competition. This starts with competitive prices, of course, but consumers also want an optimal level of variety, innovation, quality, and other forms of non-price competition. Including, in the Google-Doubleclick and Microsoft-Yahoo transactions, privacy protection.

Nevada Needs A Privacy Act: How Nevadans Are Particularly At Risk For Identity Theft, Amy S. Scarborough

Nevada Law Journal

No abstract provided.

In Sickness, Health, And Cyberspace: Protecting The Security Of Electronic Private Health Information, Sharona Hoffman, Andy Podgurski

ExpressO

The electronic processing of health information provides considerable benefits to patients and health care providers at the same time that it creates serious risks to the confidentiality, integrity, and availability of the data. The Internet provides a conduit for rapid and uncontrolled dispersion and trafficking of illicitly-obtained private health information, with far-reaching consequences to the unsuspecting victims. In order to address such threats to electronic private health information, the U.S. Department of Health and Human Services enacted the HIPAA Security Rule, which thus far has received little attention in the legal literature. This article presents a critique of the Security …

The Privacy Gambit: Toward A Game Theoretic Approach To International Data Protection, Horace E. Anderson

ExpressO

“Privacy” is one of the fastest growing areas of the law, due in part to the explosion of the Internet over the past decade. When we speak of privacy in the Internet age, we typically mean data protection, the regulation of the use of personal information about individuals by private interests, such as corporations. Unfortunately, much of the discourse on the subject adopts a framework more suitable to traditional privacy, an inviolable “right to be let alone” by the state. Rather than create a sacrosanct right against the government, the modern incarnation of privacy actually creates a quasi-property right, where …

Material Vulnerabilities: Data Privacy, Corporate Information Security And Securities Regulation, Andrea M. Matwyshyn

ExpressO

This article undertakes a normative and empirical legal inquiry into the manner information security vulnerabilities are being addressed through law and in the marketplace. Specifically, this article questions the current legislative paradigm for information security regulation by presenting a critique grounded in information security and cryptography theory. Consequently, this article advocates shifting our regulatory approach to a process-based security paradigm that focuses on improving security of our system as a whole. Finally, this article argues that in order to accomplish this shift with least disruption to current legal and economic processes, expanding an existing set of well-functioning legal structures is …

Radio Frequency Id And Privacy With Information Goods, Laura Quilter, Nathan Good, John Han, Elizabeth Miles, David Molnar, Deirdre Mulligan, Jennifer M. Urban, David Wagner

Laura Quilter

No abstract provided.

Radio Frequency Id And Privacy With Information Goods, Laura Quilter, Nathan Good, John Han, Elizabeth Miles, David Molnar, Deirdre Mulligan, Jennifer M. Urban, David Wagner

Jennifer M. Urban

No abstract provided.