Privacy Law Commons^™

Data Flow Maps—Increasing Data Processing Transparency And Privacy Compliance In The Enterprise, Jeremy Berkowitz, Michael Mangold, Stephen Sharon

Washington and Lee Law Review Online

In recent years, well-known cyber breaches have placed growing pressure on organizations to implement proper privacy and data protection standards. Attacks involving the theft of employee and customer personal information have damaged the reputations of well-known brands, resulting in significant financial costs. As a result, governments across the globe are actively examining and strengthening laws to better protect the personal data of its citizens. The General Data Protection Regulation (GDPR) updates European privacy law with an array of provisions that better protect consumers and require organizations to focus on accounting for privacy in their business processes through “privacy-by-design” and “privacy …

The Market’S Law Of Privacy: Case Studies In Privacy/Security Adoption, Chetan Gupta

Washington and Lee Law Review Online

This paper examines the hypothesis that it may be possible for individual actors in a marketplace to drive the adoption of particular privacy and security standards. It aims to explore the diffusion of privacy and security technologies in the marketplace. Using HTTPS, Two-Factor Authentication, and End-to-End Encryption as case studies, it tries to ascertain which factors are responsible for successful diffusion which improves the privacy of a large number of users. Lastly, it explores whether the FTC may view a widely diffused standard as a necessary security feature for all actors in a particular industry.

Based on the case studies …

Privacy In The Age Of Autonomous Vehicles, Ivan L. Sucharski, Philip Fabinger

Washington and Lee Law Review Online

To prepare for the age of the intelligent, highly connected, and autonomous vehicle, a new approach to concepts of granting consent, managing privacy, and dealing with the need to interact quickly and meaningfully is needed. Additionally, in an environment where personal data is rapidly shared with a multitude of independent parties, there exists a need to reduce the information asymmetry that currently exists between the user and data collecting entities. This Article rethinks the traditional notice and consent model in the context of real-time communication between vehicles or vehicles and infrastructure or vehicles and other surroundings and proposes a re-engineering …

From The National Surveillance State To The Cybersurveillance State, Margaret Hu

Scholarly Articles

This article anchors the phenomenon of bureaucratized cybersurveillance around the concept of the National Surveillance State, a theory attributed to Professor Jack Balkin of Yale Law School and Professor Sanford Levinson of the University of Texas School of Law. Pursuant to the theory of the National Surveillance State, because of the routinized and administrative nature of government-led surveillance, normalized mass surveillance is viewed as justified under crime and counterterrorism policy rationales. This article contends that the Cybersurveillance State is the successor to the National Surveillance State. The Cybersurveillance State harnesses technologies that fuse biometric and biographic data for risk assessment, …

Peeling Back The Student Privacy Pledge, Alexi Pfeffer-Gillett

Scholarly Articles

Education software is a multi-billion dollar industry that is rapidly growing. The federal government has encouraged this growth through a series of initiatives that reward schools for tracking and aggregating student data. Amid this increasingly digitized education landscape, parents and educators have begun to raise concerns about the scope and security of student data collection.

Industry players, rather than policymakers, have so far led efforts to protect student data. Central to these efforts is the Student Privacy Pledge, a set of standards that providers of digital education services have voluntarily adopted. By many accounts, the Pledge has been a success. …