Privacy Law Commons^™

Actual Harm Means It Is Too Late: How Rosenbach V. Six Flags Demonstrates Effective Biometric Information Privacy Law, Chloe Stepney

Loyola of Los Angeles Entertainment Law Review

Technology is rapidly advancing, and the law is trying to keep up. While this challenge is not new, technological advancements are impacting privacy rights in unprecedented ways. Using a fingerprint to clock in at work or face identification to unlock a smartphone provides ease and convenience, but at what cost?

Currently, there is no federal law that regulates the collection, use, and storage of biometric information in the private sector. On a local level, three states have enacted laws that specifically address biometrics. Of those, the Biometric Information Privacy Act (BIPA) in Illinois provides the strongest protections for consumers, who …

The Missing Regulatory State: Monitoring Businesses In An Age Of Surveillance, Rory V. Loo

Vanderbilt Law Review

An irony of the information age is that the companies responsible for the most extensive surveillance of individuals in history-large platforms such as Amazon, Facebook, and Google-have themselves remained unusually shielded from being monitored by government regulators. But the legal literature on state information acquisition is dominated by the privacy problems of excess collection from individuals, not businesses. There has been little sustained attention to the problem of insufficient information collection from businesses. This Article articulates the administrative state's normative framework for monitoring businesses and shows how that framework is increasingly in tension with privacy concerns. One emerging complication is …

21st Century-Style Truth Decay: Deep Fakes And The Challenge For Privacy, Free Expression, And National Security, Robert Chesney, Danielle Keats Citron

Maryland Law Review

No abstract provided.

Drone Invasion: Unmanned Aerial Vehicles And The Right To Privacy, Rebecca L. Scharf

Indiana Law Journal

Since the birth of the concept of a legally recognized right to privacy in Samuel D. Warren and Louis D. Brandeis’ influential 1890 law review article, “The Right to Privacy,” common law—with the aid of influential scholars—has massaged the concept of privacy torts into actionable claims. But now, one of the most innovative technological advancements in recent years, the unmanned aerial vehicle, or drone, has created difficult challenges for plaintiffs and courts navigating common law privacy tort claims.

This Article explores the challenges of prosecution of the specific privacy tort of intrusion upon seclusion involving nongovernmental use of drone technology. …

Cell Phones Are Orwell's Telescreen: The Need For Fourth Amendment Protection In Real-Time Cell Phone Location Information, Matthew Devoy Jones

Cleveland State Law Review

Courts are divided as to whether law enforcement can collect cell phone location information in real-time without a warrant under the Fourth Amendment. This Article argues that Carpenter v. United States requires a warrant under the Fourth Amendment prior to law enforcement’s collection of real-time cell phone location information. Courts that have required a warrant prior to the government’s collection of real-time cell phone location information have considered the length of surveillance. This should not be a factor. The growing prevalence and usage of cell phones and cell phone technology, the original intent of the Fourth Amendment, and United States …

Keep Your Friends Close And Your Medical Records Closer: Defining The Extent To Which A Constitutional Right To Informational Privacy Protects Medical Records, Lauren Newman

Journal of Law and Health

The following Article discusses the extent to which the constitutional right to informational privacy protects medical data from improper acquisition or dissemination by state agents. Part I provides background on Whalen v. Roe, the Supreme Court case that has been understood to establish the right to informational privacy. Part I also discusses the variations across the circuit courts as to what medical information is afforded protection by the right. Part II analyzes the well-established approaches adopted by the Second and Third Circuits as they present opposing interpretations of Whalen, one wholly protecting medical information and the other protecting …

Privacy, Freedom, And Technology—Or “How Did We Get Into This Mess?”, Alex Alben

Seattle University Law Review

Can we live in a free society without personal privacy? The question is worth pondering, not only in light of the ongoing debate about government surveillance of private communications, but also because new technologies continue to erode the boundaries of our personal space. This Article examines our loss of freedom in a variety of disparate contexts, all connected by the thread of erosion of personal privacy. In the scenarios explored here, privacy reducing activities vary from government surveillance, personal stalking conducted by individuals, and profiling by data-driven corporations, to political actors manipulating social media platforms. In each case, new technologies …

Footprints: Privacy For Enterprises, Processors, And Custodians…Oh My!, Blair Witzel, Carrie Mount

Seattle University Law Review

Americans’ interest in privacy—as evidenced by increasing news coverage, online searches, and new legislation—has grown over the past decade. After the European Union enacted the General Data Protection Regulation (GDPR), technologists and legal professionals have focused on primary collectors of data—known under various legal regimes as the “controller” or “custodian.” Thanks to advances in computing, many of these data collectors offload the processing of data to third parties providing data-related cloud services like Amazon, Microsoft, and Google. In addition to the data they have already collected about the data subjects themselves, these companies now “hold” that data on behalf of …

Privacy Statements Under The Gdpr, Mike Hintze

Seattle University Law Review

The need to include specific types of information in a privacy statement is a GDPR compliance obligation that does not get as much attention as some other GDPR requirements. Perhaps that is because privacy statements have been much maligned in recent years. They are too long and full of legalese. Nobody reads them. They are part of a notice and consent approach to privacy that puts an unrealistic burden on consumers to make informed choices. But despite these well-known criticisms, the GDPR doubles down on privacy statements. In fact, gauging by the roughly fourfold increase in privacy statement requirements compared …

Confiding In Con Men: U.S. Privacy Law, The Gdpr, And Information Fiduciaries, Lindsey Barrett

Seattle University Law Review

In scope, ambition, and animating philosophy, U.S. privacy law and Europe’s General Data Protection Regulation are almost diametric opposites. The GDPR’s ambitious individual rights, significant prohibitions, substantive enforcement regime, and broad applicability contrast vividly with a scattershot U.S. regime that generally prioritizes facilitating commerce over protecting individuals, and which has created perverse incentives for industry through anemic enforcement of the few meaningful limitations that do exist. A privacy law that characterizes data collectors as information fiduciaries could coalesce with the commercial focus of U.S. law, while emulating the GDPR’s laudable normative objectives and fortifying U.S. consumer privacy law with a …

Gdpr Compliance—It Takes A Village, Susy Mendoza

Seattle University Law Review

When the General Data Protection Regulation (GDPR) came into effect in May of 2018, many legal departments were confronted with the gravity of just how they were going to comply with such a wide-reaching law. If you have international customers (both direct to consumer or business to business), it is not hard to convince your general counsel that compliance with the GDPR is a must. You may even be able to get the chief technical officer (CTO) or chief operating officer (COO) onboard just by mentioning the steep fines—two to four percent of worldwide gross revenue. But how does the …

Alexa, Amazon Assistant Or Government Informant?, Julia R. Shackleton Esq.

University of Miami Business Law Review

Alexa, are you listening to me? Technology has become an integral part of one’s everyday life with voice-controlled devices pervading our most intimate interactions and spaces within the home. The answers to our questions are now at our fingertips with the simple roll of the tongue “Alexa,” your very own personal intelligence assistant. This futuristic household tool can perform tasks that range from answering simple voice commands to ordering any online shopping. However, the advent of voice technology presents a myriad of problems. Concerns arise as these new devices live in the privacy of our homes while quietly listening for …

Rights On Publicity As Remarkably Insignificant, R. George Wright

Cleveland State Law Review

This Article introduces the right of publicity through a brief consideration of high-profile cases involving, respectively, Paris Hilton, human cannonball Hugo Zacchini, and the famous actress Olivia de Havilland. With this background understanding, the Article considers the supposed risks to freedom of speech posed by recognizing rights of publicity in a private party. From there, the Article addresses the nagging concern that the publicity rights cases promote a harmful "celebrification" of culture. Finally, the Article considers whether allowing for meaningful damage recoveries in publicity rights cases appropriately compensates victims in ways promoting the broad public interest.

Cashless Societies And The Rise Of The Independent Cryptocurrencies: How Governments Can Use Privacy Laws To Compete With Independent Cryptocurrencies, Matla Garcia Chavolla

Pace International Law Review

Many individuals (including governments) envision living in a future world where physical currency is a thing of the past. Many countries have made great strides in their efforts to go cashless. At the same time, there is increasing awareness among citizens of the decreasing amount of privacy in their lives. The potential hazards cashless societies pose to financial privacy may incentivize citizens to hold some of their money in independent cryptocurrencies. This article argues that in order for governments in cashless societies to keep firm control over their money supply, they should enact stronger privacy law protections for its citizens …

Bytes Bite: Why Corporate Data Breaches Should Give Standing To Affected Individuals, Caden Hayes

Washington and Lee Journal of Civil Rights and Social Justice

High-profile data hacks are not uncommon. In fact, according to the Privacy Rights Clearinghouse, there have been at least 7,961 data breaches, exposing over 10,000,000,000 accounts in total, since 2005. These shocking numbers are not particularly surprising when taking into account the value of information stolen. For example, cell phone numbers, as exposed in a Yahoo! hack, are worth $10 a piece on the black market, meaning the hackers stood to make $30,000,000,000 from that one hack. That dollar amount does not even consider copies the hackers could make and later resell. Yet while these hackers make astronomical payoffs, the …

Younger Generations Are Infected By Continuous Socialization To Accept Diminished Privacy: A Global Analysis Of How The United States' Constitutional Doctrine Is A Main Contributor To Eroded Privacy, Tiffany Kim

Indiana Journal of Global Legal Studies

Since the nineteenth century, privacy concerns have increased with the growth of technology. The invention of instantaneous photography, coupled with the enlarged presence of press, was met with concerns of degraded privacy. Society has formed expectations of privacy, but as time passes, those expectations continue to diminish. Younger generations have been socialized to accept lessened levels of privacy in this digitalized world of mass data and connectivity.

Individual privacy expectations vary globally. The construction of China's government and culture produces a lesser expectation of individual privacy than that of the United States. As outlined in the U.S. Constitution, U.S. citizens …

Privacy In Gaming, N. Cameron Russell, Joel R. Reidenberg, Sumyung Moon

Fordham Intellectual Property, Media and Entertainment Law Journal

Video game platforms and business models are increasingly built on collection, use, and sharing of personal information for purposes of both functionality and revenue. This paper examines privacy issues and explores data practices, technical specifications, and policy statements of the most popular games and gaming platforms to provide an overview of the current privacy legal landscape for mobile gaming, console gaming, and virtual reality devices. The research observes how modern gaming aligns with information privacy notions and norms and how data practices and technologies specific to gaming may affect users and, in particular, child gamers.

After objectively selecting and analyzing …

Keeping It Off The Record: Student Social Media Monitoring And The Need For Updated Student Records Laws, Alice Haston

Vanderbilt Journal of Entertainment & Technology Law

An increasing number of school districts work with private companies to monitor public social media and to notify administrators of alarming student information. Although these services help address challenging school safety issues, the Family Educational Rights and Privacy Act (FERPA) and state law offer little guidance on how districts should store student social media data. This Note encourages states to pass student records laws similar to recent California legislation and urges the Department of Education to clarify the relationship between student social media and education records under FERPA. New state and federal initiatives would help ensure that third parties may …

The Future Of Facial Recognition Is Not Fully Known: Developing Privacy And Security Regulatory Mechanisms For Facial Recognition In The Retail Sector, Elias Wright

Fordham Intellectual Property, Media and Entertainment Law Journal

In recent years, advances in facial recognition technology have resulted in a rapid expansion in the prevalence of private sector biometric technologies. Facial recognition, while providing new potentials for safety and security and personalized marketing by retailers implicates complicated questions about the nature of consumer privacy and surveillance where a “collection imperative” incentivize corporate actors to accumulate increasingly massive reservoirs of consumer data. However, the law has not yet fully developed to address the unique risks to consumers through the use of this technology. This Note examines existing regulatory mechanisms, finding that consumer sensitivities and the opaque nature of the …

The Department Of Justice Versus Apple Inc. -- The Great Encryption Debate Between Privacy And National Security, Julia P. Eckart

Catholic University Journal of Law and Technology

This article is an attempt to objectively examine and assess legal arguments made by Apple Inc. (Apple) and the Department of Justice (DOJ) concerning the DOJ’s use of the All Writs Act[1] (AWA) to require Apple to provide technical assistance to the DOJ so that it could access the encrypted data from the locked iPhone of Syed Rizwan Farook, commonly referred to as the San Bernardino shooter. The DOJ’s initial ex parte application focused on meeting the requirements of United States v. New York Telephone Co.[2] concluding the court order was authorized and appropriate. Apple not only argued …

Face Off: An Examination Of State Biometric Privacy Statutes & Data Harm Remedies, Maya E. Rivera

Fordham Intellectual Property, Media and Entertainment Law Journal

As biometric authentication becomes an increasingly popular method of security among consumers, only three states currently have statutes detailing how such data may be collected, used, retained, and released. The Illinois Biometric Information Privacy Act is the only statute of the three that enshrines a private right of action for those who fail to properly handle biometric data. Both the Texas Capture or Use Biometric Identifier Act Information Act and the Washington Biometric Privacy Act allow for state Attorneys General to bring suit on behalf of aggrieved consumers. This Note examines these three statutes in the context of data security …

"You Have The Data"...The Writ Of Habeas Data And Other Data Protection Rights: Is The United States Falling Behind?, Sarah L. Lode

Indiana Law Journal

In Part I of this Note, I will discuss the writ of habeas data that has been developed primarily, but not exclusively, in Latin American countries. I will discuss the intricacies of the writ, how it evolved, and how it is applied today. Using Argentina as an example, I will discuss how the writ would be used by an Argentine citizen to protect her personal data. Part II summarizes the previously employed data protection scheme in the European Union, the Data Protection Directive (“the Directive”), and will also discuss the new EU data protection regulation, the General Data Protection Regulation …

Identities In Critical Condition: The Urgent Need To Reevaluate The Investigation And Resolution Of Claims Of Medical Identity Theft, Stephanie Lindgren

Mitchell Hamline Law Review

No abstract provided.

Data Protection In An Increasingly Globalized World, Nicholas F. Palmieri Iii

Indiana Law Journal

With the rise of the internet in recent decades, it has become increasingly easy for various enterprises—including retailers, advertising agencies, and service providers—to acquire, use, and even share the personal details of their users. Such a trend is unlikely to decrease in the coming years; in fact, internet usage is only likely to increase as more and more people gain access to the internet. In the wakeof recent data breaches, including the now infamous breach of Equifax as well as the scandal involving Facebook and Cambridge Analytica, people are even more aware of the need for (and the risk of …