Privacy Law Commons^™

How (Not) To Deal With The Bubble Effect In Cyberspace: The Case Of The Eu And Digital Services Act, João Tornada

Brooklyn Journal of International Law

Deliberative democracies are based on an ideal process of speech and dialogue that fosters an “uninhibited, robust, and wide-open” public discourse sphere. In cyberspace, social networks and search engine platforms largely operate with recommender systems that tailor content according to the users' interests and online behavior (“profiling”), thus segregating them from different points of view (“bubble effect”). While this personalization of content is particularly efficient to promote commercial goods and services, when it comes to information of common interest, especially on political matters, it undermines consensus-building dialogue and threatens democratic ideals. The theory of a free “marketplace of ideas” justifies …

The Present And Future Of Ai Usage In The Banking And Financial Decision-Making Processes Within The Developing Indian Economy, Dr. Shouvik Kumar Guha, Bash Savage-Mansary, Dr. Navyajyoti Samanta

Indian Journal of Law and Technology

In course of this paper, the authors have soght to examine the extent to which technology based on artificial intelligence (AI) have made inroads into the banking and financial sectors of a developing economy like India. The paper begins with providing a contextual background to the adoption of such technology in the global financial arena. It then proceeds to identify and categorise the forms of AI currently being used in the Indian financial sector and also considers the different channels of operation where such technology is in vogue. The advantages of using such technology and the future goals for integrating …

Liking The Intrusion Analysis In In Re Facebook, Jane R. Bambauer

UF Law Faculty Publications

In re Facebook preserved a class action brought against Facebook based on its mass collection of web browsing data. Although the plaintiffs brought several common law and statutory causes of action, I will focus on the court’s analysis of intrusion upon seclusion. This is where the case makes its greatest contribution to 21st century jurisprudence. It clears up several puzzles that had troubled the tort (and indeed my own thinking) to the great benefit of tort theory and the progress of privacy law

“Take Your Pictures, Leave Your (Digital) Footprints”: Increasing Privacy Protections For Children On Social Media, Kodie Mcginley

Golden Gate University Law Review

As the digital sphere becomes more prevalent in people’s lives, Congress has tried to keep up. First created in 1998, the Children’s Online Privacy Protection Act (COPPA) requires operators of websites directed at children to obtain consent from parents before collecting any personal information from children. COPPA also requires that operators take reasonable measures to protect the confidentiality of any personal information collected about children. Although COPPA has helped regulate online spaces, its focus is on regulating websites that collect personal information directly from children. This focus leaves a gap in the law that ignores personal data shared on social …

Integrating Nist And Iso Cybersecurity Audit And Risk Assessment Frameworks Into Cameroonian Law, Bernard Ngalim

Journal of Cybersecurity Education, Research and Practice

This paper reviews cybersecurity laws and regulations in Cameroon, focusing on cybersecurity and information security audits and risk assessments. The importance of cybersecurity risk assessment and the implementation of security controls to cure deficiencies noted during risk assessments or audits is a critical step in developing cybersecurity resilience. Cameroon's cybersecurity legal framework provides for audits but does not explicitly enumerate controls. Consequently, integrating relevant controls from the NIST frameworks and ISO Standards can improve the cybersecurity posture in Cameroon while waiting for a comprehensive revision of the legal framework. NIST and ISO are internationally recognized as best practices in information …

Table Of Contents, Seattle University Law Review

Seattle University Law Review

Table of Contents

The Eyes Beyond The Screen: Digital Media Policy And Child Health, Yahia Al-Qudah

Research Symposium

Background: Modern communication technology and digital media have provided society with a foundation for instant messaging. Pictures, videos, and texts connect individuals with families, friends, and the world. Consequently, digital media has accelerated exposure to risk in which children and adolescents are most vulnerable. This project’s objective is to 1) congregate and highlight current knowledge about the impact of digital media on child health, and 2) underline deficiencies in related laws and regulations as well as offer solutions in digital media policy.

Methods: A systematic literature review was conducted through the JAMA Pediatrics database with keywords such as “digital media,” …

A Trusted Framework For Cross-Border Data Flows, Alex Joel

Joint PIJIP/TLS Research Paper Series

The German Marshall Fund of the United States (GMF), in cooperation with the Tech, Law and Security Program (TLS) of the American University Washington College of Law, and with support from Microsoft, convened a Global Taskforce to Promote Trusted Sharing of Data comprising experts from civil society, academia, and industry to submit proposals for harmonizing approaches to global data use and sharing. Former US Ambassador to the Organisation for Economic Co-operation and Development (OECD) and GMF Distinguished Fellow Karen Kornbluh and Microsoft Chief Privacy Officer and Corporate Vice President Julie Brill co-chaired the taskforce; TLS Senior Project Director Alex Joel …

Deep Dive Into Deepfakes—Safeguarding Our Digital Identity, Yi Yan

Brooklyn Journal of International Law

Deepfake technology is becoming increasingly sophisticated, and with it, the potential to pose a significant threat to the digital community, democratic institutions, and private individuals. With the creation of highly convincing but entirely fabricated audio, video, and images, there is a pressing need for the international community to address the vulnerabilities posed by deepfake technology in the current legal landscape through unambiguous legislation. This Note explores the ethical, legal, and social implications of deepfakes, including issues of privacy, identity theft, and political manipulation. It also reviews existing international legal frameworks, i.e., the Convention on Cybercrime (“Budapest Convention”) and proposes a …

The Future Of Data Protection Enforcement In Canada: Lessons From The Gdpr, Guilda Rostama, Teresa Scassa

Canadian Journal of Law and Technology

Imagine a not-too-distant scenario in which a private sector organization in Canada is investigated by the Privacy Commissioner of Canada jointly with the Commissioners of Quebec, British Columbia (‘‘BC”), and Alberta in relation to complaints that it shared massive quantities of personal data with third parties contrary to its stated practices in its privacy policies. Imagine also that each of the commissioners is empowered under newly amended data protection legislation to issue substantial Administrative Monetary Penalties (‘‘AMPs”). If each of the commissioners finds that its respective laws were breached, should the organization be subject to four different AMPs, or just …

Slouching Toward Regulation: Assessing Bill 88 As A Solution For Workplace Surveillance Harms, Danielle E. Thompson, Adam Molnar

Canadian Journal of Law and Technology

Employee monitoring applications (‘‘EMAs”) are proliferating in Canada and provide employers with sophisticated surveillance tools for the monitoring of workers (e.g., on-device video surveillance, browser activity, and email monitoring). In response to concerns about these increasingly invasive surveillance practices, the Government of Ontario passed Bill 88, the Working for Workers Act, 2022, which requires all employers with 25 or more workers to have a written policy stating whether and how they electronically monitor their employees. Bill 88 marks a more explict attempt to regulate workplace surveillance in a modern digital context in Canada; however; however, an analysis of the Bill’s …

When Your Boss Is An Algorithm: Preserving Canadian Employment Standards In The Digital Economy, Fife Ogunde

Canadian Journal of Law and Technology

The platform or ‘‘gig” economy is a rapidly growing economy in Canada. Between 2005 and 2016, the share of gig workers among all workers in Canada rose from 5.5% to 8.2%. These include independent contractors, select freelancers and platform workers. In 2018, 28% of Canadians aged 18 and older reported making money through online platforms. Research by Payments Canada in 2021 showed gig workers as representing more than one in 10 Canadian adults with more than one in three Canadian businesses employing gig workers. As the share of platform workers in the economy has grown, so has the discussion regarding …

The Challenge Designing Intermediary Liability Laws, Emily Laidlaw

Canadian Journal of Law and Technology

The ideal framework for intermediary liability has vexed policymakers since the internet’s commercialization. The quest has taken on a frenzied pace in recent years with intense scrutiny of who they are, what they do and what they should be responsible for. Over the years a theme has emerged from my discussions about intermediaries, and its subset platforms, and it prompts me to explore it as the focus of this article. My question is simple: why is it so difficult for law and policymakers to agree on a regulatory framework?

This article tackles two parts of the regulatory challenge that are …

The Need For Cyber Resilience Of Space Assets: Law And Policy Considerations Of Ensuring Cybersecurity In Outer Space, Daniella Febbraro

Canadian Journal of Law and Technology

In 2018, NASA’s Jet Propulsion Laboratory was the subject of a data breach where over 500 megabytes of data from a major mission system was stolen by hackers. This attack affected NASA’s Deep Space Network, prompting the United States Johnson Space Center to disconnect the International Space Station from the affected gateway due to fears that mission systems could become compromised. NASA has acknowledged that its vast online presence, which includes thousands of publicly accessible datasets, offers a large potential target for cybercriminals. The 2018 incident was one of many, with NASA experiencing more than 6000 cyberattacks from 2017-2021 alone. …

What You Don’T Know Will Hurt You: Fighting The Privacy Paradox By Designing For Privacy And Enforcing Protective Technology, Perla Khattar

Washington Journal of Law, Technology & Arts

The persistence of the privacy paradox is proof that current industry regulation is insufficient to protect consumer’s privacy. Although consumer choice is essential, we argue that it should not be the main pillar of modern data privacy legislation. This article argues that legislation should aim to protect consumer’s personal data in the first place, while also giving internet users the choice to opt-in to the processing of their information. Ideally, privacy by design principles would be mandated by law, making privacy an essential component of the architecture of every tech-product and service.

Opaque Notification: A Country-By-Country Review, Lauren Mantel

Joint PIJIP/TLS Research Paper Series

No abstract provided.

From Hashtag To Hash Value: Using The Hash Value Model To Report Child Sex Abuse Material, Jessica Mcgarvie

Seattle Journal of Technology, Environmental, & Innovation Law

In the summer of 2021, Apple announced it would release a Child Safety Feature (CSF) aimed at reducing Child Sex Abuse Materials (CSAM) on its platform. The CSF would scan all images a user uploaded to their iCloud for CSAM, and Apple would report an account with 30 or more flagged images to the National Center for Missing and Exploited Children. Despite Apple’s good intentions, they received intense backlash, with many critics arguing the proposed CSF eroded a user’s privacy. This article explores the technology behind Apple’s CSF and compares it to similar features used by other prominent tech companies. …

A New Right Is The Wrong Tactic: Bring Legal Actions Against States For Internet Shutdowns Instead Of Working Towards A Human Right To The Internet (Part 1), Jay Conrad

Seattle Journal of Technology, Environmental, & Innovation Law

A New Right is the Wrong Tactic: Bring Legal Actions Against States for Internet Shutdowns Instead of Working Towards a Human Right to the Internet (Part 1) is the first of a two-part series dealing with an increasingly prevalent threat to human rights: State-sanctioned Internet shutdowns. Part 1 details the current tactics and impacts of Internet shutdowns and which human rights are most likely to be violated by or during a shutdown. Part 2 will address the deficiencies of advocating for Internet access to be a recognized human right as a means of combatting shutdowns. Despite the popularity of this …

Aclu V. Clearview Ai, Inc.,, Isra Ahmed

DePaul Journal of Art, Technology & Intellectual Property Law

No abstract provided.

Texas’ War On Social Media: Censorship Or False Flag, Leni Morales

DePaul Journal of Art, Technology & Intellectual Property Law

No abstract provided.

Your Biometric Data Is Concrete, Your Injury Is Imminent And Particularized: Articulating A Bipa Claim To Survive Article Iii Standing After Transunion V. Ramirez, Kelsey L. Kenny

Maine Law Review

Biometric data is a digital translation of self which endures in its accuracy for one’s entire lifespan. As integral elements of modern life continue to transition their operations exclusively online, the verifiable “digital self” has become indispensable. The immutable and sensitive nature of biometric data makes it peculiarly vulnerable to misappropriation and abuse. Yet the most frightening is the unknown. For an individual who has had their digital extension-of-self covertly stolen or leaked, the dangers that lie in the technology of the future are innumerable. The Illinois legislature recognized the danger associated with the cavalier collection and handling of biometric …

About-Face: How Facebook’S Restrictions On User Posts Could Violate Antitrust Law, Efrem Berk

Northwestern Journal of Technology and Intellectual Property

This Note examines whether Facebook’s restrictions on its users’ posts are subject to Sherman Act § 2. This Note looks at the economic activity generated by social media activity and argues that posts are commerce. While this piece finds that current antitrust jurisprudence likely favors Facebook, an alternative approach sought by some antitrust scholars could influence judges to preclude the platform’s restrictions.

Understanding Dark Patterns In Home Iot Devices, Monica Kowalczyk, Johanna Gunawan, David Choffnes, Daniel J. Dubois, Woodrow Hartzog, Christo Wilson

Faculty Scholarship

Internet-of-Things (IoT) devices are ubiquitous, but little attention has been paid to how they may incorporate dark patterns despite consumer protections and privacy concerns arising from their unique access to intimate spaces and always-on capabilities. This paper conducts a systematic investigation of dark patterns in 57 popular, diverse smart home devices. We update manual interaction and annotation methods for the IoT context, then analyze dark pattern frequency across device types, manufacturers, and interaction modalities. We find that dark patterns are pervasive in IoT experiences, but manifest in diverse ways across device traits. Speakers, doorbells, and camera devices contain the most …

Who Owns Data? Constitutional Division In Cyberspace, Dongsheng Zang

Articles

Privacy emerged as a concern as soon as the internet became commercial. In early 1995, Lawrence Lessig warned that the internet, though giving us extraordinary potential, was “not designed to protect individuals against this extraordinary potential for others to abuse.” The same technology can “destroy the very essence of what now defines individuality.” Lessig urged that “a constitutional balance will have to be drawn between these increasingly important interests in privacy, and the competing interest in collective security.” Lessig envisioned that creating property rights in data would help individuals by giving them control of their data. As utopian as property …

The Limitations Of Privacy Rights, Daniel J. Solove

Notre Dame Law Review

Individual privacy rights are often at the heart of information privacy and data protection laws. The most comprehensive set of rights, from the European Union’s General Data Protection Regulation (GDPR), includes the right to access, right to rectification (correction), right to erasure (deletion), right to restriction, right to data portability, right to object, and right to not be subject to automated decisions. Privacy laws around the world include many of these rights in various forms.

In this Article, I contend that although rights are an important component of privacy regulation, rights are often asked to do far more work than …

Comment: The United Nations And Robot Rights, Heather Alexander

Canadian Journal of Law and Technology

This comment predicts that robot rights under the law are likely to become a reality in the next fifty years, possibly in multiple countries, as governments pass laws granting rights to robots, including civil rights like voting. This comment calls on the United Nations (‘‘UN”) to be pro-active in guiding the emergence of robot rights by convening a working group on robot rights to better guide member states through what will be a time of momentous change.

Why are robots likely to soon gain rights in some UN member states? There have been huge advances in AI that can pass …

Regulating Uncertain States: A Risk-Based Policy Agenda For Quantum Technologies, Tina Dekker, Florian Martin-Bariteau

Canadian Journal of Law and Technology

Many countries are taking a national approach to developing quantum strategies with a strong focus on innovation. However, societal, ethical, legal, and policy considerations should not be an afterthought that is pushed aside by the drive for innovation. A responsible, global approach to quantum technologies that considers the legal, ethical, and societal dimensions of quantum technologies is necessary to avoid exacerbating existing global inequalities. Quantum technologies are expected to disrupt other transformative technologies whose legal landscape is still under development (e.g., artificial intelligence [‘‘AI”], blockchain, etc.). The shortcomings of global policies regarding AI and the digital context teach lessons that …

Cryptocurrencies And Climate Change: A Net-Zero Paradox, Jason Maclean

Canadian Journal of Law and Technology

Cryptocurrencies pose a number of complex law and policy problems, the most pressing of which are the industry’s climate and environmental impacts. This article examines the climate and environmental impacts of crypto-assets in the broader law and policy context of the UN Paris Agreement and the global goal of reaching net-zero emissions by 2050 or earlier. This approach not only illuminates the limitations and paradoxical nature of the crypto-industry’s climate commitments, but also the limitations and paradoxical nature of ‘‘net zero” itself as the predominant framing of national, subnational, and nonstate actors’ climate pledges. The article concludes by examining the …

Crowdsourcing Justice, Matthew Dylag

Canadian Journal of Law and Technology

Social media has become ubiquitous in the daily lives of Canadians. Beyond connecting with friends and family, people also turn to social media to find information and seek advice on any number of topics, be it home cooking, workout routines, or automobile purchases. Indeed, social media is a flexible vehicle that can be leveraged for communication on almost any topic. It is not surprising, therefore, that individuals are also turning to social media to help resolve their legal problems. Even a cursory examination of social media will reveal that it is not uncommon for individuals who are experiencing legal difficulties …

From Cartier To Codification: Website-Blocking Injunctions And Third-Party Internet Service Provider Respondents, Dan Mackwood

Canadian Journal of Law and Technology

In recent years, the proliferation of commercial-scale copyright infringement through unauthorized online content streaming has created persisting legal hurdles for Canadian rights holders seeking redress. John Doe defendants in online copyright disputes can easily preserve their anonymity and operate their infringing enterprises from unknown locations, undeterred by injunctions issued against them directly. These anonymized administrators of illicit streaming platforms offer users unauthorized access to content for a lower cost than or as a free alternative to the access provided by the legitimate rights holder. This form of copyright infringement has reportedly resulted in up to hundreds of thousands of lost …