Privacy Law Commons^™

Research Access To Social Media Data: Lessons From Clinical Trial Data Sharing, Christopher J. Morten, Gabriel Nicholas, Salomé Vilgoen

Articles

For years, social media companies have sparred with lawmakers over how much independent access to platform data they should provide researchers. Sharing data with researchers allows the public to better understand the risks and harms associated with social media, including areas such as misinformation, child safety, and political polarization. Yet researcher access is controversial. Privacy advocates and companies raise the potential privacy threats of researchers using such data irresponsibly. In addition, social media companies raise concerns over trade secrecy: the data these companies hold and the algorithms powered by that data are secretive sources of competitive advantage. This Article shows …

Who Owns Data? Constitutional Division In Cyberspace, Dongsheng Zang

Articles

Privacy emerged as a concern as soon as the internet became commercial. In early 1995, Lawrence Lessig warned that the internet, though giving us extraordinary potential, was “not designed to protect individuals against this extraordinary potential for others to abuse.” The same technology can “destroy the very essence of what now defines individuality.” Lessig urged that “a constitutional balance will have to be drawn between these increasingly important interests in privacy, and the competing interest in collective security.” Lessig envisioned that creating property rights in data would help individuals by giving them control of their data. As utopian as property …

Cybersecurity Stovepiping, David Thaw

Articles

Most readers of this Article probably have encountered – and been frustrated by – password complexity requirements. Such requirements have become a mainstream part of contemporary culture: "the more complex your password is, the more secure you are, right?" So the cybersecurity experts tell us… and policymakers have accepted this "expertise" and even adopted such requirements into law and regulation.

This Article asks two questions. First, do complex passwords actually achieve the goals many experts claim? Does using the password "Tr0ub4dor&3" or the passphrase "correcthorsebatterystaple" actually protect your account? Second, if not, then why did such requirements become so widespread? …

Ancient Worries And Modern Fears: Different Roots And Common Effects Of U.S. And Eu Privacy Regulation, David Thaw, Pierluigi Perri

Articles

Much legal and technical scholarship discusses the differing views of the United States and European Union toward privacy concepts and regulation. A substantial amount of effort in recent years, in both research and policy, focuses on attempting to reconcile these viewpoints searching for a common framework with a common level of protection for citizens from both sides of Atlantic. Reconciliation, we argue, misunderstands the nature of the challenge facing effective cross-border data flows. No such reconciliation can occur without abdication of some sovereign authority of nations, that would require the adoption of an international agreement with typical tools of international …

"Revenge Porn" Reform: A View From The Front Lines, Mary Anne Franks

Articles

The legal and social landscape of "revenge porn" has changed dramatically in the last few years. Before 2013, only three states criminalized the unauthorized disclosure of sexually explicit images of adults and few people had ever heard the ternm "revenge porn." As of July 2017, thirty-eight states and Washington, D.C. had criminalized the conduct; federal criminal legislation on the issue had been introduced in Congress; Google, Facebook, and Twitter had banned nonconsensual pornography from their platforms; and the term "revenge porn" had been added to the Merriam- Webster Dictionary. I have had the privilege of playing a role in many …

Authority And Authors And Codes, Michael J. Madison

Articles

Contests over the meaning and application of the federal Computer Fraud and Abuse Act (“CFAA”) expose long-standing, complex questions about the sources and impacts of the concept of authority in law and culture. Accessing a computer network “without authorization” and by “exceeding authorized access” is forbidden by the CFAA. Courts are divided in their interpretation of this language in the statute. This Article first proposes to address the issue with an insight from social science research. Neither criminal nor civil liability under the CFAA should attach unless the alleged violator has transgressed some border or boundary that is rendered visible …

Mapping Online Privacy, Jacqueline D. Lipton

Articles

Privacy scholars have recently outlined difficulties in applying existing concepts of personal privacy to the maturing Internet. With Web 2.0 technologies, more people have more opportunities to post information about themselves and others online, often with scant regard for individual privacy. Shifting notions of 'reasonable expectations of privacy' in the context of blogs, wikis, and online social networks create challenges for privacy regulation. Courts and commentators struggle with Web 2.0 privacy incursions without the benefit of a clear regulatory framework. This article offers a map of privacy that might help delineate at least the outer boundaries of Web 2.0 privacy. …

Are "Better" Security Breach Notification Laws Possible?, Jane K. Winn

Articles

This Article will evaluate the provisions of California's pioneering security breach notification law (SBNL) in light of "better regulation" or "smart regulation" criteria in order to highlight the costs of taking a narrowly focused, piecemeal approach and the benefits of taking a more comprehensive perspective to the problems of identity theft and information security. Just as the basic structure of SBNLs was borrowed from environmental law, this Article will borrow from decades of analysis of the impact of environmental regulation to evaluate the likely impact of SBNLs.

Just as environmental laws can be used to reduce externalities created through the …

The Constitution And Encryption Regulation: Do We Need A "New Privacy"?, A. Michael Froomkin

Articles

No abstract provided.

It Came From Planet Clipper: The Battle Over Cryptographic Key "Escrow", A. Michael Froomkin

Articles

No abstract provided.

Flood Control On The Information Ocean: Living With Anonymity, Digital Cash, And Distributed Databases, A. Michael Froomkin

Articles

No abstract provided.