Privacy Law Commons^™

Healthy Data Protection, Lothar Determann

Michigan Technology Law Review

Modern medicine is evolving at a tremendous speed. On a daily basis, we learn about new treatments, drugs, medical devices, and diagnoses. Both established technology companies and start-ups focus on health-related products and services in competition with traditional healthcare businesses. Telemedicine and electronic health records have the potential to improve the effectiveness of treatments significantly. Progress in the medical field depends above all on data, specifically health information. Physicians, researchers, and developers need health information to help patients by improving diagnoses, customizing treatments and finding new cures.

Yet law and policymakers are currently more focused on the fact that health …

Who Gets To Operate On Herbie? Right To Repair Legislation In The Context Of Automated Vehicles, Jennifer J. Huseby

Journal of Law and Mobility

You bought it, you own it, but do you have the right to repair it? As right-to-repair remains a hot topic in the context of consumer electronics such as smartphones, one must consider the ramifications it may have for the automated vehicle (“AV”) industry. As the backdrop for one of the first legislative victories for right-to-repair, the automobile industry has continued to push for the expansion of right-to-repair to cover increased access to telematics and exceptions to proprietary software controls. However, as we revisit the issue for more highly connected and automated vehicles, it is important to assess the unique …

Secret Searches: The Sca's Standing Conundrum, Aviv S. Halpern

Michigan Law Review

The Stored Communications Act (“SCA”) arms federal law enforcement agencies with the ability to use a special type of warrant to access users’ electronically stored communications. In some circumstances, SCA warrants can require service providers to bundle and produce a user’s electronically stored communications without ever disclosing the existence of the warrant to the individual user until charges are brought. Users that are charged will ultimately receive notice of the search after the fact through their legal proceedings. Users that are never charged, however, may never know that their communications were obtained and searched. This practice effectively makes the provisions …

Automating Threat Sharing: How Companies Can Best Ensure Liability Protection When Sharing Cyber Threat Information With Other Companies Or Organizations, Ari Schwartz, Sejal C. Shah, Matthew H. Mackenzie, Sheena Thomas, Tara Sugiyama Potashnik, Bri Law

University of Michigan Journal of Law Reform

This Article takes an in-depth look at the evolution of cybersecurity information sharing legislation, leading to the recent passage of the Cybersecurity Information Sharing Act (CISA) and offers insights into how automated information sharing mechanisms and associated requirements implemented pursuant to CISA can be leveraged to help ensure liability protections when engaging in cyber threat information sharing with and amongst other non-federal government entities.

The Effect Of Legislation On Fourth Amendment Protection, Orin S. Kerr

Michigan Law Review

When judges interpret the Fourth Amendment, and privacy legislation regulates the government’s conduct, should the legislation have an effect on the Fourth Amendment? Courts are split three ways. Some courts argue that legislation provides the informed judgment of a coequal branch that should influence the Fourth Amendment. Some courts contend that the presence of legislation should displace Fourth Amendment protection to prevent constitutional rules from interfering with the legislature’s handiwork. Finally, some courts treat legislation and the Fourth Amendment as independent and contend that the legislation should have no effect. This Article argues that courts should favor interpreting the Fourth …

Protecting Personal Information: Achieving A Balance Between User Privacy And Behavioral Targeting, Patrick Myers

University of Michigan Journal of Law Reform

Websites and mobile applications provide immeasurable benefits to both users and companies. These services often collect vast amounts of personal information from the individuals that use them, including sensitive details such as Social Security numbers, credit card information, and physical location. Personal data collection and dissemination leave users vulnerable to various threats that arise from the invasion of their privacy, particularly because users are often ignorant of the existence or extent of these practices. Current privacy law does not provide users with adequate protection from the risks attendant to the collection and dissemination of their personal information. This Note advocates …

The Politics Of Privacy In The Criminal Justice System: Information Disclosure, The Fourth Amendment, And Statutory Law Enforcement Exemptions, Erin Murphy

Michigan Law Review

When criminal justice scholars think of privacy, they think of the Fourth Amendment. But lately its domain has become far less absolute. The United States Code currently contains over twenty separate statutes that restrict both the acquisition and release of covered information. Largely enacted in the latter part of the twentieth century, these statutes address matters vital to modern existence. They control police access to driver's licenses, educational records, health histories, telephone calls, email messages, and even video rentals. They conform to no common template, but rather enlist a variety of procedural tools to serve as safeguards - ranging from …

Limits Of The Federal Wiretap Act's Ability To Protect Against Wi-Fi Sniffing, Mani Potnuru

Michigan Law Review

Adoption of Wi-Fi wireless technology continues to see explosive growth. However many users still operate their home Wi-Fi networks in unsecured mode or use publicly available unsecured Wi-Fi networks, thus exposing their communications to the dangers of "packet sniffing," a technique used for eavesdropping on a network. Some have argued that communications over unsecured Wi-Fi networks are "readily accessible to the general public" and that such communications are therefore excluded from the broad protections of the Federal Wiretap Act against intentional interception of electronic communications. This Note examines the Federal Wiretap Act and argues that the current Act's treatment of …

Gina's Genotypes, David H. Kaye

Michigan Law Review First Impressions

In August 2009, the Board of Trustees of the University of Akron added to the university's employment policy the following proviso: "any applicant may be asked to submit fingerprints or DNA sample for purpose of a federal criminal background check." Although the federal government does not do background checks with DNA, the policy is significant because it highlights a largely unexplored feature of the Genetic Information Nondiscrimination Act of 2008 ("GINA"). Hailed by the late Senator Edward Kennedy as "the first civil rights bill of the new century of life sciences," GINA generally prohibits employers from asking for "genetic information." …

Confidentiality Of Educational Records And Child Protective Proceedings, Frank E. Vandervort

Book Chapters

The Federal Family Education Rights and Privacy Act (FERPA), which provides funding for state educational programming, requires that student records be disclosed to a nonparent only with the written consent of the child’s parent, unless the disclosure falls within one of the several exceptions detailed in the statute. One of the exemptions provided for in the federal law permits a school to disclose information to “state or local officials or authorities to whom [that] information is allowed to be reported or disclosed pursuant to state statute,” if that official certifies in writing “that the information will not be disclosed to …

Hipaa-Cracy, Carl E. Schneider

Articles

The Department of Health and Human Services has recently been exercising its authority under the (wittily named) "administrative simplification" part of the Health Insurance Portability and Accountability Act to regulate the confidentiality of medical records. I love the goal; I loathe the means. The benefits are obscure; the costs are onerous. Putatively, the regulations protect my autonomy; practically, they ensnarl me in red tape and hijack my money for services I dislike. HIPAA (a misnomer-HIPAA is the statute, not the regulations) is too lengthy, labile, complex, confused, unfinished, and unclear to be summarized intelligibly or reliably. (Brevis esse laboro, …

The Need For Revisions To The Law Of Wiretapping And Interception Of Email, Robert A. Pikowsky

Michigan Telecommunications & Technology Law Review

I argue that a person's privacy interest in his email is the same as his privacy interest in a telephone conversation. Moreover, the privacy interest in email remains unchanged regardless of whether it is intercepted in transmission or covertly accessed from the recipient's mailbox. If one accepts this assumption, it follows that the level of protection against surveillance by law enforcement officers should be the same[...] As technology continues to blur the distinction between wire and electronic communication, it becomes apparent that a new methodology must be developed in order to provide logical and consistent protection to private communications. The …

The Constitutionality Of Employer-Accessible Child Abuse Registries: Due Process Implications Of Governmental Occupational Blacklisting, Michael R. Phillips

Michigan Law Review

This Note discusses the due process implications of permitting employer access to state child abuse registries when disclosure affects registry members' employment.

Collective Bargaining In The Federal Public Sector: Disclosing Employee Names And Addresses Under Exemption 6 Of The Freedom Of Information Act, Trina Jones

Michigan Law Review

This Note examines the application of FOIA and the Privacy Act to union requests for employee names and addresses under the Fed. LM Statute. Part I briefly explores the importance of employee names and addresses to collective bargaining. This Part also examines the increasingly significant role of public sector unions due to the growth in federal public sector employment and the decline of private sector unionization. Part II analyzes the various circuit court decisions supporting disclosure in the federal public sector. Part III examines Reporters Committee and Department of the Treasury and discusses the potential policy implications resulting from the …

Threshold Requirements For The Fbi Under Exemption 7 Of The Freedom Of Information Act, Richard A. Kaba

Michigan Law Review

This Note examines Exemption 7 of the FOIA as it relates to FBP0 information and seeks to determine the appropriate rule for the first prong of the Abramson test. Part I of this Note examines Exemption 7 in the 1966, 1974, and 1986 FOIAs, the judicial opinions interpreting this exemption, and the legislative histories of the 1966, 1974, and 1986 FOIAs as they relate to Exemption 7. Part II compares the per se and threshold tests in view of their practical effects and concludes that neither test is clearly superior. Part III proposes adoption of a per se rule with …

Narrowing The "Routine Use" Exemption To The Privacy Act Of 1974, John W. Finger

University of Michigan Journal of Law Reform

This article suggests a balancing test to determine which routine uses of information legitimately fall within the Privacy Act. Part I briefly examines the background of the Act, concentrating on the legislative history of the routine use exemption, and examining problems the exemption presents. Part II then proposes a balancing test, based on notice and need for data, as a means of ascertaining proper routine uses.

The Right To Financial Privacy Act Of 1978-The Congressional Response To United States V. Miller: A Procedural Right To Challenge Government Access To Financial Records, Nancy M. Kirschner

University of Michigan Journal of Law Reform

This article will review the factors leading to the Miller decision and the legislative response to that decision. Part I will examine the bank customer's expectation of privacy and the way Miller affects this expectation. Part II will discuss the congressional response to Miller and the competing interests which led to the Right to Financial Privacy Act. The Act itself will be discussed in detail in Part III. Part IV will evaluate the Act, and offer recommendations for reform. The article concludes that the Act, by adopting a purely procedural approach, fails to provide adequate protection to bank customers.

Scope Of Disclosure Of Internal Revenue Communications And Information Files Under The Freedom Of Information Act, Peter R. Spanos

University of Michigan Journal of Law Reform

This article will discuss the proper scope of disclosure under the Freedom of Information Act of the files and administrative and policy materials of the IRS, with particular attention to the following currently contested issues: (1) the extent to which IRS guideline documents and private letter rulings are subject to disclosure; (2) the proper scope of the FOIA exemption for "interagency or intra-agency memorandums or letters which would not be available by law to a party other than an agency in litigation with the agency" as applied to the IRS; and (3) the scope of the exemption for "investigatory records …

Note And Comment, Michigan Law Review

Michigan Law Review

A Lesson in Patriotism from Pennsylvania; The Effect of a Motion by Each Party for a Directed Verdict; The Right of Privacy; Mutual Mistake as to the Quantity of Land Conveyed; The Privilege; Riparian Owner's Title to Contiguous Islands;