Your search keyword '"Data security -- Laws, regulations and rules"' showing total 21,806 results

1. Unchecked Checkpoints: Why TSA's Facial Recognition Plan May Need Congressional Approval.

Author

Lowell, Robert Taft

Subjects

Privacy, Right of -- Laws, regulations and rules, Delegation of powers -- Laws, regulations and rules, Data security -- Laws, regulations and rules, Legislative oversight -- Laws, regulations and rules, Airport security -- Technology application -- Laws, regulations and rules, Administrative discretion -- Laws, regulations and rules, Delegated legislation -- Laws, regulations and rules, Judicial review of administrative acts -- Laws, regulations and rules, Personal information -- Access control -- Laws, regulations and rules, Chevron U.S.A., Inc. v. Natural Resources Defense Council (467 U.S. 837 (1984)), United States. Transportation Security Administration -- Powers and duties, Government regulation, Data security issue, Technology application, Administrative Procedure Act, Aviation and Transportation Security Act of 2001

Abstract

TABLE OF CONTENTS I. BACKGROUND 837 II. THE SIGNIFICANCE OF TSA'S FACIAL RECOGNITION 841 PROGRAM III. HISTORICAL DEFERENCE TO AGENCY INTERPRETATIONS 845 IV. HOW THE COURT MIGHT REVIEW THE TSA'S [...], The Transportation Security Administration (TSA) has begun using facial recognition technology (FRT) to screen passengers at airports. Although travelers can currently opt out, it is not clear that this will continue to be an option as the program expands. This raises significant concerns about the amount of personally identifiable information being collected by the agency, as well as the level of discretion the agency has to implement this increasingly invasive technology without input from Congress. This Note proposes that, in light of the United States Supreme Court's shift away from its deferential Chevron standard for reviewing agency action, litigators can and should argue that the TSA's program ought to be struck down. Furthermore, it concludes that, regardless of whether the TSA's program would be invalidated in court, Congress should step in and pass legislation guiding the agency's adoption of FRT. Although much has been written about the Court's evolving Chevron-deference jurisprudence, this Note contributes to the discussion by applying this analysis to the TSA's potentially problematic new FRT program.

Published

2024

2. Revisiting Code-as-Law: Regulation and Extended Reality.

Author

Heller, Brittan

Subjects

Privacy, Right of -- Laws, regulations and rules, Harm principle (Ethics) -- Analysis, Data security -- Laws, regulations and rules, Augmented Reality -- History -- Laws, regulations and rules, Cyberlaw -- History -- Evaluation, Online services -- Laws, regulations and rules, Virtual reality -- History -- Laws, regulations and rules, Source code -- Usage -- Laws, regulations and rules, Government regulation, Cable television/data services, Virtual reality technology, Online services, Data security issue

Abstract

TABLE OF CONTENTS I. INTRODUCTION 657 II. "THE LAW OF THE HORSE" 660 III. COMPUTING SYSTEMS OF THE 1990S AND TODAY 662 A. Internet of the 1990s-2000s 663 B. Spatial [...], In the wake of Judge Frank Easterbrook's critique of the development of specific laws for cyberspace, Lawrence Lessig's 1998 proposition of "code-as-law" framed the internet's regulatory landscape through the interplay of four modalities--law, norms, market, and architecture. Today, at the start of the era of spatial computing, also known as extended reality (XR), it is timely to reassess Lessig's insights for this burgeoning digital frontier. This Article seeks to (1) update Lessig's framework to suit 3D computing, (2) envision governance for these novel systems, and (3) reimagine technological governance amidst failing traditional institutions. Revisiting code-as-law, the dynamic interplay of Lessig's modalities in digital governance shows how norms have played a central role. The internet's formative years echo today's nascent XR landscape in terms of legal ambiguity and technical volatility, as the parallel between the 1990s internet and current XR statistics underscores. Leading corporations' large investments in XR suggests that immersive technology will dominate future computing. XR demands new governance models due to its layering of digital environments onto real spaces, its profound sensory and psychological impact on users, and the commercial drive for content within virtual worlds, contrasting with the origins of the internet, with the impetus coming from outside the private sector. The uniqueness of XR, and more explicitly the differences from traditional flat screen computing, presents new governance challenges. When traditional modalities fail, society often reverts to hard law for intervention. This Article ponders the inflection points that could lead to such demands within XR pertaining to privacy concerns and the reemergence of online harms in a new medium. It questions the adequacy of Lessig's model in addressing systemic inefficiencies and the renegotiation of modalities in light of power imbalances. In sum, the study of cyberspace--and by extension, spatial computing--should transcend technical specifics and consider how emerging technologies can become inclusive or exclusionary. Drawing parallels with the early internet, this Article advocates for deliberate creation of networked spaces that embrace new modes of governance, thereby shaping a more equitable digital future.

Published

2024

3. Towards Future-Proof, Rights-Respecting Automated Data Collection: An Examination of European Jurisprudence.

Author

Kokoulina, Olga

Subjects

Privacy, Right of -- Laws, regulations and rules, Data security -- Laws, regulations and rules, Harm principle (Ethics) -- Analysis, Web scraping -- Laws, regulations and rules, Data entry -- Safety and security measures -- Laws, regulations and rules, Computer crimes -- Prevention -- Laws, regulations and rules, Application Programming Interface -- Usage -- Laws, regulations and rules, Personal information -- Access control -- Laws, regulations and rules, Government regulation, Application programming interface, Data security issue, Computer crime, European Union. General Data Protection Regulation, European Convention on Human Rights

Abstract

TABLE OF CONTENTS I. INTRODUCTION 708 II. DEFINING "PUBLICLY ACCESSIBLE ONLINE DATA" 714 A. On a Baseline of Public Accessibility 715 B. Public Accessibility as a Technological Construct: 718 Automating [...], The data scraping and data collection that Application Programming Interfaces (APIs) enable are ubiquitous means of automatically and instantaneously gathering large amounts of online data. Anyone can leverage the capabilities of internet infrastructure to engage in data collection, yet the subjects of the data collection are often unaware of the full extent to which this personal data harvesting occurs. The accessibility and discreetness of large-scale automated online data collection test the overall fitness of the European data protection framework, the General Data Protection Regulation (GDPR), to provide control to individuals over their personal data while promoting innovation and ensuring legal certainty for all parties concerned. This Article explores the extent to which the jurisprudence of the Court of Justice of the European Union (CJEU) and the guidance of data protection authorities have accommodated this technological transformation. Data controllers have been the apparent focal point of institutional responses. Absent further clarification, however, an approach focused on data controllers is likely both insufficient and unsustainable. This Article outlines areas for further clarification and additional focus--namely, the concept of "public accessibility" of online data, the notion of "reasonable expectations," the capacity of the "fairness" principle, and an increased emphasis on technological infrastructure and rights-respecting AI development.

Published

2024

4. The Privacy Paradox in Discovery.

Author

Stuart, Allyson Haynes

Subjects

Privacy, Right of -- Laws, regulations and rules, Data security -- Laws, regulations and rules, Electronic surveillance -- Laws, regulations and rules, Confidential communications -- Laws, regulations and rules, Work product privilege (Law) -- Laws, regulations and rules, Discovery abuse -- Laws, regulations and rules, Electronic records -- Access control -- Laws, regulations and rules, Discovery (Law) -- Technology application -- Laws, regulations and rules, Personal information -- Access control -- Laws, regulations and rules, Government regulation, Data security issue, Technology application, Federal Rules of Civil Procedure (Fed R. Civ. P. 26(b)(1)-26(b)(2)), United States Constitution (U.S. Const. amend. 4)

Abstract

TABLE OF CONTENTS I. INTRODUCTION: CIVIL INVASIONS OF PRIVACY 616 II. THE HISTORY OF PRIVACY IN DISCOVERY 620 A. Early Focus on Depositions and "Blackmail": The 1930s 623 B. Attorney [...], US citizens enjoy strong protection against criminal searches pursuant to the Fourth Amendment, but they must produce a diary entry from a bedroom drawer or a text message to a romantic partner if it is relevant to a civil case and not privileged. The reason for this paradox, long a mystery to outsiders, is a complex mixture of history and culture. Understanding the paradox is particularly important now. In the absence of any other check on discovery, federal and state courts have relied on persuasive sources to protect privacy in pretrial practice, none of which are reflected in the discovery rules. The Supreme Court gutted one of those sources, the federal constitutional right to privacy, in Dobbs. At the same time, technological advancements and increasingly intrusive discovery requests push the boundaries of the rules. It is time to strengthen individual privacy rights in the context of civil discovery requests that implicate intimate and even incriminating details. The early history of discovery rules in the federal system shows no intent that parties to a civil lawsuit waive any privacy rights they might otherwise possess. Rather, the breadth of discovery--intended to prevent secrecy before trial--resulted from grafting equity procedures onto legal claims without retaining equitable guardrails. As technology changed the discovery landscape from designated paper documents to broad categories of electronic databases, broad disclosure became akin to a constitutional right. While digital invasions of privacy were a primary issue for legislative protection and Fourth Amendment concern, no concomitant change occurred in the discovery rules. Instead, courts protected against discovery into private matters by reference to persuasive privacy laws and by use of protective orders, which are increasingly ineffective. This Article proposes a revision to the civil discovery rules that would give explicit protection to information when it is subject to a reasonable expectation of privacy. The revolution initiated by the broad discovery rules did not result in transparency and justice but instead provided tools for abuse. Simply because sensitive information housed in a database or on the cloud is potentially relevant to broad issues in litigation does not mean that it should be presumptively discoverable. Instead, courts should require production only based on a showing of substantial need. Given the erosion of constitutional protection in Dobbs and its intimations for other rights, the legal system must prevent the use of broad discovery to harass, embarrass, and deter access to the courts.

Published

2024

5. THE PRESIDENT'S AUTHORITY OVER CROSS-BORDER DATA FLOWS.

Author

Chander, Anupam and Schwartz, Paul

Subjects

Transborder data flow -- Laws, regulations and rules, Privacy, Right of -- Laws, regulations and rules, Delegation of powers -- Laws, regulations and rules, Exceptions (Law) -- Laws, regulations and rules, Delegation of authority -- Laws, regulations and rules, Data security -- Laws, regulations and rules, Free trade -- Technology application -- Laws, regulations and rules, War and emergency powers -- Laws, regulations and rules, Personal information -- Access control -- Laws, regulations and rules, Government regulation, Data security issue, Technology application, International Emergency Economic Powers Act, United States Constitution (U.S. Const. art. 2) (U.S. Const. amend. 5)

Abstract

INTRODUCTION 1990 I. ASSERTING PRESIDENTIAL AUTHORITY OVER CROSS-BORDER 1994 DATA FLOWS A. The TikTok Challenge: High Noon on Capitol Hill 1995 B. IEEPA and Personal Data 1999 1. The Road [...], This Article reveals a surprising expansion of presidential authority to control goods and services available in the United States because of the information flows that they entail. Such authority is grounded in laws focused on protecting national security, here with respect to foreign surveillance and propaganda. But broad executive powers over our information infrastructure raises significant concerns with respect to core American values of free expression and due process. Worries about unfettered foreign access to data should be coupled with worries about unfettered executive control over our information services and technologies.

Published

2024

6. Taxation of Information and the Data Revolution.

Author

Braunef, Yariv

Subjects

Organisation for Economic Co-operation and Development -- Tax policy, Privacy, Right of -- Laws, regulations and rules, Data security -- Laws, regulations and rules, Disclosure (Taxation) -- Laws, regulations and rules, Tax evasion -- Laws, regulations and rules, International business enterprises -- Taxation -- Laws, regulations and rules, Personal information -- Access control -- Laws, regulations and rules, Corporate income taxes -- Laws, regulations and rules, Tax treaties -- Laws, regulations and rules, Government regulation, Data security issue

Abstract

Introduction I. The Current Rules Are Incapable of Taxing Information A. Fundamental Challenges 1. The Subject of Taxation i. What Exactly Do We Want to Tax? ii. Semantics iii. Has [...], Existing and universal income tax rules are inherently incompatible with an economy in which information-based transactions play a significant role. This Article contends that income taxation is incapable of taxing information effectively. It goes on to argue that this incapability currently necessitates reform, and it offers three viable paths to such reform: consumption taxation, data taxes, and formulary taxation. The Article concludes that formulary taxation is currently the most desirable and plausible path to effective reform, owing to its promise to best stabilize and maintain the legitimacy of the international tax regime.

Published

2024

7. Artificial Intelligence (AI) Law, Rights & Ethics.

Author

Walker, G.A.

Subjects

Privacy, Right of -- Laws, regulations and rules, Human-computer interaction -- Evaluation, Artificial intelligence -- Ethical aspects -- Laws, regulations and rules, Data security -- Laws, regulations and rules, Computer ethics -- Laws, regulations and rules, Personal information -- Access control -- Laws, regulations and rules, Government regulation, Data security issue, Artificial intelligence

Abstract

Part 1 of 2 I. Artificial Intelligence Introduction Continuous change in the nature and development of technology have had an enormous impact on the evolution of business, commerce, government, and [...]

Published

2024

8. Artificial Intelligence (AI) Law, Rights & Ethics.

Author

Walker, G.A.

Subjects

Privacy, Right of -- Laws, regulations and rules, Human-computer interaction -- Evaluation, Artificial intelligence -- Ethical aspects -- Laws, regulations and rules, Data security -- Laws, regulations and rules, Computer ethics -- Laws, regulations and rules, Risk assessment -- Laws, regulations and rules, Machine learning -- Ethical aspects -- Laws, regulations and rules, Personal information -- Access control -- Laws, regulations and rules, Government regulation, Data security issue, Artificial intelligence

Abstract

Part 2 of 2 G. UK Programme British regulatory agencies adopted a number of initiatives regarding AI. (778) Early guidance on AI Ethics and Safety was produced in June 2 [...]

Published

2024

9. Data as Likeness

Author

Takhshid, Zahra

Subjects

Government regulation, Data security issue, Artificial intelligence, Privacy, Right of -- Laws, regulations and rules, Artificial intelligence -- Laws, regulations and rules -- Usage, Data security -- Laws, regulations and rules, Consent (Law) -- Laws, regulations and rules, Freedom of speech -- Laws, regulations and rules, Tort liability -- Laws, regulations and rules, Data entry -- Laws, regulations and rules -- Remedies, Standing (Law) -- Laws, regulations and rules, Publicity (Law) -- Laws, regulations and rules, Restatement (Second) of Torts, United States Constitution (U.S. Const. art. 3) (U.S. Const. amend. 1)

Abstract

Artificial intelligence (AI) and data collection practices pose an ongoing threat to consumers' privacy. But plaintiffs have struggled to articulate privacy harms associated with data collection in a way that would give them standing to sue. This is a particularly pressing issue given the advances in generative AI and the unauthorized uses of individuals' personal and biometric data. This Article revisits the privacy tort of appropriation of likeness and argues that when data are conceptualized as likeness, this tort offers a unique opportunity to protect against the unauthorized collection and use of personal data. Grounding its argument in the historical evolution of the tort of appropriation, this Article contends that an individual's personal data are an aspect of a person's unique digital identity, mostly used by third parties in a data-driven world, which should be covered by this tort. Conceptualizing unauthorized personal data collection in this manner underscores the evolving nature of the common law of torts in recognizing new forms of harms. It offers a solution for the current gridlock on data protection measures and the unauthorized use of one's data in emerging generative AI technologies such as deep voice. Recent Supreme Court decisions have insisted that privacy victims must show some form of concrete harm to achieve constitutional standing. Accordingly, employing the privacy tort of appropriation of likeness and recognizing the concept of digital persona allow plaintiffs to establish standing by identifying a close historical or common law analogue for their asserted privacy injury. Lastly, similar to other privacy torts, this approach can survive First Amendment objections., TABLE OF CONTENTS INTRODUCTION I. PRIVACY IN TORTS II. THE EVOLUTION OF THE TORT OF APPROPRIATION III. APPROPRIATION OF DIGITAL LIKENESS AND PERSONA. A. DATA AS LIKENESS B. WHAT TYPE [...]

Published

2024

10. Dystopian Dreams, Utopian Nightmares: AI and the Permanence of Racism.

Author

Arnett, Chaz

Subjects

Privacy, Right of -- Laws, regulations and rules, Artificial intelligence -- Usage -- Laws, regulations and rules, Data security -- Laws, regulations and rules, Race discrimination -- Laws, regulations and rules, African Americans -- Laws, regulations and rules, Government regulation, Data security issue, Artificial intelligence

Abstract

TABLE OF CONTENTS INTRODUCTION I. THE BETWEEN: UTOPIA AND DYSTOPIA IN AFROFUTURISM AND AI A. PROMISE OF UTOPIA 1. Utopian Dreams And Afrofuturism a. Parable Of The Sower b. The [...], This Essay draws connections between Octavia Butler's Parable series (Parable of the Sower and Parable of the Talents), HBO's Westworld, and Derrick Bell's Faces at the Bottom of the Well: The Permanence of Racism to highlight how the reconfiguration and transmutation of race through technological change is facilitated by corresponding shifts in legal doctrine, theory, policy, and practice. It takes the overlapping threads from these three sources, which struggle with the idea of change within larger systems of unavoidable, repetitive destruction, and ties them to the law's role in helping to shield race through the storms of change by being similarly nimble, flexible, and perseverant. The Essay identifies a theme found in both the selected Afrofuturistic works and in tech-centered legal doctrine, regulation, and theoiy that illuminate the law's role in reconstituting the fraught relationship between race and technology: the promise of Utopia. The Essay explores this concept in the context of emerging debates on the function, utility, and harm of generative artificial intelligence (AI), which has been promoted as the latest tool toward a transhumanist future devoid of the trappings of humanity's biggest flaws. It proposes four emanating values, Ustopia, Sankofa, Data Justice, and Data Power, which should help guide advocacy, policymaking, and resistance in an increasingly AI dominated future. It ultimately concludes that an Afrofuturistic lens is not only important for understanding the potential harms of AI and developing re gulatory frameworks but also necessaiy for imagining how such technologies could sei-ve the interests of radical Black futures. The Essay contributes to a burgeoning literature using Afrofuturism--which situates the Black struggle in persistent yet continuously changing structural disparities and power relations--as an important departure point for expressing data precarity and reimagining new modes of data protection.

Published

2024

11. Thinking of a Master Plan: Data Citizenship/Ownership as a Portal to an Unfettered Black Universal Basic Income.

Author

Butler, Philip

Subjects

Privacy, Right of -- Laws, regulations and rules, Artificial intelligence -- Usage -- Laws, regulations and rules, Crypto-currencies -- Laws, regulations and rules, Data security -- Laws, regulations and rules, Online assets -- Laws, regulations and rules, Personal information -- Access control -- Laws, regulations and rules, African Americans -- Laws, regulations and rules, Government regulation, Data security issue, Artificial intelligence

Abstract

TABLE OF CONTENTS INTRODUCTION I. A BLACK TECHNOSPHERE II. EVIDENCE OF BLACK POSTHUMANISM IN THE STORY III. DAOS, OWNERSHIP, AND CITIZENSHIP INTRODUCTION If you are old enough to remember the [...]

Published

2024

12. Political Spam: Why It Sucks and How To Fix It.

Author

Slawson, Alex

Subjects

Privacy, Right of -- Laws, regulations and rules, Spam (Junk email) -- Laws, regulations and rules -- Prevention -- Political aspects, Campaign funds -- Laws, regulations and rules, Data security -- Laws, regulations and rules, Political fund raising -- Laws, regulations and rules, Disclosure of information -- Laws, regulations and rules, Freedom of speech -- Laws, regulations and rules, Email filtering software -- Laws, regulations and rules -- Usage, False advertising -- Laws, regulations and rules -- Political aspects, Computer crimes -- Laws, regulations and rules -- Political aspects, Government regulation, Data security issue, Unsolicited bulk e-mail, Computer crime, Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003, United States Constitution (U.S. Const. amend. 1)

Abstract

INTRODUCTION 1224 I. THE PROBLEM 1226 A. Staring Down the Barrel of the Spam Cannon 1226 B. Why Is There So Much Spam ? 1230 C. Why Is There So [...], Email spam is more than just annoying. It is costly, both to the individual and to society. This Comment examines these costs through the lens of one type of spam: political fundraising emails. It also proposes two types of solutions. The first is "front-end" regulation, which could include a do-not-email registry or an outright ban on unsolicited bulk email. This type of regulation would address the spam problem by decreasing the overall amount. The second type of solution is "back-end" regulation, meaning subject-line labeling and a requirement that spammers stick to one sender name. This would tackle the problem by decreasing the costs of receiving each spam email. This Comment weighs the advantages and disadvantages of each approach, ultimately concluding that Congress should pursue back-end regulation first because it is more likely to survive First Amendment scrutiny.

Published

2024

13. The Necessary and Proper Stewardship of Judicial Data.

Author

Clopton, Zachary D. and Huq, Aziz Z.

Subjects

Privacy, Right of -- Laws, regulations and rules, Data security -- Laws, regulations and rules, Legislative power -- Laws, regulations and rules, Freedom of information -- Laws, regulations and rules, Electronic records -- Access control -- Laws, regulations and rules, Court records -- Technology application -- Access control -- Laws, regulations and rules, Federal courts -- Records and correspondence, Government regulation, Data security issue, Technology application, Freedom of Information Act, Federal Records Act of 1950

Abstract

Table of Contents Introduction I. The Informational Economy of the Federal Courts A. The Production of Judicial Data B. The Capture (or Flight) of Judicial Data 1. Filings as written [...], Governments and commercial firms create profit and social gain by exploiting large pools of data. One source of valuable data, however, lies in public hands yet remains largely untapped. While the deep reservoirs of data produced by Congress and federal agencies have long been available for public use, the data produced by the federal judiciary is only loosely regulated, imperfectly available to the public at large, and largely ignored by scholars. The ordinary process of litigation in federal courts generates an enormous volume of data. Especially after recent developments in large language models, this data holds immense potential. It can be used to predict case outcomes or clarify the law in ways that advance legality and judicial access. It can reveal shortfalls in judicial practice and enable the provision of cheaper, better access to justice. It can make legible many otherwise invisible social facts that, if brought to light, can improve public policy. Or the data can fuel private profits, its benefits accruing to a small coterie of data brokering firms capable of monopolizing its commercial use. This Article is the first to address the complex empirical, legal, and normative questions raised by the untapped public asset of judicial data. It develops a positive, descriptive account of how federal courts produce, dissipate, preserve, or disclose information. This account includes a map of the well-known sources of Article III data (for example, opinions, orders, and briefs), but also extends to a massive volume of "dark data" produced but either lost or buried by the courts. This positive analysis further uncovers a complex administrative framework that erects a plethora of walls and hurdles--some categorical, and some individuated--to slow down or stop public access. With this positive understanding in hand, we offer a careful analysis of the constitutional questions implicated in decisions to disclose--or to render opaque--judicial data. Drawing attention to the key question of who controls judicial data flows, we demonstrate the existence of sweeping congressional power to regulate judicial data outside of a small zone of inherent judicial authority and a handful of instances in which privacy or safety are implicated by disclosure. Congressional authority, therefore, is the rule and not the exception. Having established these empirical and legal predicates, the Article offers a normative vision of how Congress should regulate the production and dissemination of judicial data in light of the capabilities and incentives of relevant actors. The information produced by the federal courts should not exclusively be a source of private profit for a few data-centered firms. It is a public asset that should be elicited and disseminated in ways that advance the federal courts' mission of equal justice under law.

Published

2024

14. BAYOU-METRICS: HOW LOUISIANA CAN PROTECT ITS CITIZENS IN A BIOMETRICS-INTENSIVE WORLD.

Author

Doucet, Jada C.

Subjects

Privacy, Right of -- Laws, regulations and rules, Lex talionis -- Laws, regulations and rules -- Prevention, Consumer protection -- Laws, regulations and rules, Data security -- Laws, regulations and rules, Consent (Law) -- Laws, regulations and rules, Data entry -- Safety and security measures -- Laws, regulations and rules, Computer crimes -- Prevention -- Remedies -- Laws, regulations and rules, Right of action -- Laws, regulations and rules, Notice (Law) -- Laws, regulations and rules, Government regulation, Biometric technology, Data security issue, Computer crime, Louisiana. Consumer Privacy Act of 2024 (Draft)

Abstract

INTRODUCTION 418 I. THE SCIENCE AND LEGISLATION OF BIOMETRICS 421 A. BIOMETRICS IN THE MODERN WORLD 422 B. MODERN RISKS IN THE BIOMETRICS FIELD 424 C. STATE BIOMETRIC REGULATION 427 [...]

Published

2024

15. THE KIDS ARE NOT ALRIGHT: NEGATIVE CONSEQUENCES OF STUDENT DEVICE AND ACCOUNT SURVEILLANCE.

Author

Peterson, Ashley

Subjects

Minority students -- Information management -- Laws, regulations and rules, Privacy, Right of -- Laws, regulations and rules, School safety -- Innovations -- Laws, regulations and rules, School districts -- Information management -- Accounting and auditing -- Laws, regulations and rules, Data security -- Laws, regulations and rules, Electronic surveillance -- Laws, regulations and rules, Freedom of speech -- Laws, regulations and rules, School discipline -- Laws, regulations and rules, Disparate impact -- Analysis, Government regulation, Company systems management, Data security issue, United States Constitution (U.S. Const. amend. 1) (U.S. Const. amend. 4)

Abstract

INTRODUCTION Today's students have never known a world without technology. In particular, computers and the internet permeate all aspects of students' lives. (1) The pervasiveness of this technology extends to [...], In recent years, student surveillance has rapidly grown. As schools have experimented with new technologies, transitioned to remote and hybrid instruction, and faced pressure to protect student safety, they have increased surveillance of school accounts and school-issued devices. School surveillance extends beyond school premises to monitor student activities that occur off-campus. It reaches students' most intimate data and spaces, including things students likely believe are private: internet searches, emails, and messages. This Comment focuses on the problems associated with off-campus surveillance of school accounts and school-issued devices, including chilling effects that fundamentally alter student behavior, reinforcement of the school-to-prison pipeline, and disproportionate impacts on certain groups--including low-income students, LGBTQIA2S+ students, and students with disabilities. This Comment argues that the current legal landscape--federal and state laws, the Fourth Amendment, and the First Amendment--inadequately protects student privacy. Drawing on aspects of existing privacy frameworks, this Comment proposes solutions that could be implemented by the Supreme Court, federal and state legislators, and school districts. All of these solutions aim to increase student privacy protections. First, the Supreme Court should clarify whether speech on school-issued devices is protected by adopting clear categories of "school speech" that are subject to discipline. Second, new federal and state protections could bolster student privacy. Such laws should limit data sharing when collected from school-issued devices used at home, mandate data minimization and further limitation of data collected, and implement mandatory tracking of the impacts of student surveillance. Third, school districts should conduct audits and increase transparency to demonstrate their commitment to protect student privacy.

Published

2024

16. Musk’s anticipated cost-cutting hacks could weaken American cybersecurity

Subjects

Expenditures, Public -- Laws, regulations and rules, Data security -- Laws, regulations and rules, Cyberterrorism -- Laws, regulations and rules, Government regulation, Company financing, Data security issue, Computers

Abstract

Donald Trump has https://www.cbsnews.com/news/trump-department-of-government-efficiency-doge-elon-musk-ramaswamy/ loyalist and the richest man in the world, Elon Musk, along with former presidential candidate Vivek Ramaswamy, to spearhead an initiative called the Department of Government [...]

Published

2024

17. NIS2’s cybersecurity value spreads beyond its expanded scope

Subjects

Data security -- Laws, regulations and rules, Internet -- Safety and security measures, Cyberterrorism -- Laws, regulations and rules, Government regulation, Internet security, Data security issue, Computers, European Union

Abstract

The European Union’s NIS2 (Network and Information Security) Directive has come into force to update the first 2016 NIS regulation to better address an increasingly damaging cyber threat landscape. The [...]

Published

2024

18. The Fourth Amendment State Agency Requirement: Some Doubts.

Author

Gray, David

Subjects

Searches and seizures -- Laws, regulations and rules, Privacy, Right of -- Laws, regulations and rules, Data security -- Laws, regulations and rules, Electronic surveillance -- Laws, regulations and rules, Disclosure of information -- Laws, regulations and rules, Equality before the law -- Laws, regulations and rules, Due process of law -- Analysis, Personal information -- Access control -- Laws, regulations and rules, Carpenter v. United States (138 S. Ct. 2206 (2018)), Government regulation, Data security issue, United States Constitution (U.S. Const. amend. 4) (U.S. Const. amend. 14)

Abstract

INTRODUCTION I. THE ORIGINAL FOURTH AMENDMENT AND THE STATE AGENCY REQUIREMENT A. THE DOCTRINAL ORIGINS OF THE FOURTH AMENDMENT STATE AGENCY REQUIREMENT B. THERE IS NO TEXTUAL BASIS FOR THE [...], The state agency requirement holds that the "Fourth Amendment restricts the conduct of the Federal Government and the States; [but] does not apply to private actors." As Justice Alito has pointed out, this rule dramatically limits the capacity of the Fourth Amendment to protect the "security of the people ... against unreasonable searches and seizures" because "today, some of the greatest threats to individual privacy may come from powerful private companies that collect and sometimes misuse vast quantities of data about the lives of ordinary Americans." Thanks to the state agency requirement, cell service providers as well as cellphone application companies like Google, Waze, and Uber that gather, aggregate, and store detailed location information remain at liberty to track each of us and all of us free from Fourth Amendment restraint. Similarly, companies like Amazon that sell home surveillance devices, internet service companies like Verizon, Comcast, Google, and Microsoft that aggregate and exploit details about what we do online, and social media platforms such as Meta, X, and Google that gather and store comprehensive details about our associational networks, all appear immune from Fourth Amendment regulation despite having access to intimate details about our lives and presenting demonstrable threats to our liberty and democratic order. Must it be this way? Or does the Fourth Amendment have a role to play in protecting us from these private surveillants? This Article argues that it does. An examination of the caselaw shows that the Fourth Amendment state agency requirement's jurisprudential foundations are thin. In fact, the text and history of the Fourth Amendment provide substantial evidence that it was always meant to regulate searches conducted by "private" entities. Given this, it is natural to wonder where the rule came from and why it persists. Like so much of our legal culture, the answer is bound up in longstanding efforts to entrench and defend racial apartheid in the United States. If that is right, then there is more at stake here than questions of doctrine and constitutional interpretation. Modifying or abandoning our views on the Fourth Amendment state agency requirement may be essential to our ongoing efforts both to guarantee the "security of the people ... against unreasonable searches and seizures" and to pursue a "more perfect union" for all of "the people."

Published

2024

19. Power to the people tech: Our panel posits that artificial intelligence isn't the only technology trend making waves in accounting firms and finance departments.

Subjects

Accountants -- Practice -- Evaluation, Crypto-currencies -- Laws, regulations and rules, Data security -- Laws, regulations and rules, Online assets -- Laws, regulations and rules, Telecommuting -- Management, Accounting firms -- Technology application -- Management, Government regulation, Company business management, Data security issue, Telecommuting, Technology application

Abstract

Over the 13 years since it was first held, the JofA Accounting Technology Roundtable has focused on the trends affecting the profession from the cloud on down. So, after the [...]

Published

2024

20. NAVIGATING DISCOVERY IN data privacy cases: These four takeaways can help you find your way through common e-discovery issues in data privacy and data breach cases.

Author

Thomas, Amina A. and Resch, Brittany

Subjects

Privacy, Right of -- Laws, regulations and rules, Data security -- Laws, regulations and rules, Restraining orders -- Laws, regulations and rules -- Management, Discovery (Law) -- Laws, regulations and rules -- Management, Electronic evidence -- Laws, regulations and rules -- Management, Government regulation, Company business management, Data security issue

Abstract

"Much of the discovery done in civil suits implicates confidentiality and privacy interests, and courts are often asked to carefully balance these interests with the compelling need for discovery." (1) [...]

Published

2024

21. Data as Likeness.

Author

Takhshid, Zahra

Subjects

Privacy, Right of -- Laws, regulations and rules, Artificial intelligence -- Laws, regulations and rules -- Safety and security measures, Data security -- Laws, regulations and rules, Consent (Law) -- Laws, regulations and rules, Freedom of speech -- Laws, regulations and rules, Standing (Law) -- Laws, regulations and rules, Publicity (Law) -- Laws, regulations and rules, Government regulation, Data security issue, Artificial intelligence, Restatement (Second) of Torts, United States Constitution (U.S. Const. amend. 1) (U.S. Const. art. 3)

Abstract

Table of Contents Introduction I. Privacy in Torts II. The Evolution of the Tort of Appropriation III. Appropriation of Digital Likeness and Persona A. DATA AS LIKENESS B. WHAT TYPE [...], Artificial intelligence (AI) and data collection practices pose an ongoing threat to consumers' privacy. But plaintiffs have struggled to articulate privacy harms associated with data collection in a way that would give them standing to sue. This is a particularly pressing issue given the advances in generative AI and the unauthorized uses of individuals' personal and biometric data. This Article revisits the privacy tort of appropriation of likeness and argues that when data are conceptualized as likeness, this tort offers a unique opportunity to protect against the unauthorized collection and use of personal data. Grounding its argument in the historical evolution of the tort of appropriation, this Article contends that an individual's personal data are an aspect of a person's unique digital identity, mostly used by third parties in a data-driven world, which should be covered by this tort. Conceptualizing unauthorized personal data collection in this manner underscores the evolving nature of the common law of torts in recognizing new forms of harms. It offers a solution for the current gridlock on data protection measures and the unauthorized use of one's data in emerging generative AI technologies such as deep voice. Recent Supreme Court decisions have insisted that privacy victims must show some form of concrete harm to achieve constitutional standing. Accordingly, employing the privacy tort of appropriation of likeness and recognizing the concept of digital persona allow plaintiffs to establish standing by identifying a close historical or common law analogue for their asserted privacy injury. Lastly, similar to other privacy torts, this approach can survive First Amendment objections.

Published

2024

22. THE LEGAL IMPLICATIONS OF REMOTE EXAM PROCTORING: EXTENDING FEDERAL LAW TO PROTECT STUDENT PRIVACY.

Author

Griffey, Addie

Subjects

Privacy, Right of -- Laws, regulations and rules -- Remedies, Searches and seizures -- Laws, regulations and rules, Students -- Laws, regulations and rules -- Safety and security measures, Data security -- Laws, regulations and rules, Electronic surveillance -- Laws, regulations and rules, Remote access (Computers) -- Laws, regulations and rules -- Safety and security measures, Remedies (Law) -- Laws, regulations and rules, Online education -- Laws, regulations and rules, Government regulation, Remote access technology, Biometric technology, Data security issue, Family Educational Rights and Privacy Act of 1974, United States Constitution (U.S. Const. amend. 4)

Abstract

CONTENTS INTRODUCTION 792 I. REMOTE EXAM PROCTORING AND ITS CONSEQUENCES 793 A. Privacy-Related Concerns Related to Remote Proctoring 795 Software 1. Unreasonable Search 795 2. Data Security and Data Misuse [...]

Published

2024

23. SECURITY AS A SUPERSTITION: The Constitution as a Potential Ritual.

Author

Edwards, Nina-Simone

Subjects

Privacy, Right of -- Laws, regulations and rules, Searches and seizures -- Laws, regulations and rules, Data security -- Laws, regulations and rules, Evidence (Law) -- Laws, regulations and rules, Freedom of expression -- Laws, regulations and rules, Right to trial by jury -- Laws, regulations and rules, Government regulation, Data security issue, United States Constitution (U.S. Const. amend. 1) (U.S. Const. amend. 4-5)

Abstract

Security is mostly a superstition. It does not exist in nature, nor do the children of men as a whole experience it.--Helen Keller, The Open Door (1957). Privacy, as a [...]

Published

2024

24. Synthetic Data: Legal Implications of the Data-Generation Revolution.

Author

Gat, Michal S. and Lynskey, Orla

Subjects

Privacy, Right of -- Laws, regulations and rules, Artificial intelligence -- Usage -- Laws, regulations and rules, Data security -- Laws, regulations and rules, Consumer protection -- Laws, regulations and rules, Disclosure of information -- Laws, regulations and rules, Data entry -- Laws, regulations and rules, Machine learning -- Usage -- Laws, regulations and rules, Algorithms -- Usage -- Laws, regulations and rules, Personal information -- Access control -- Laws, regulations and rules, Government regulation, Algorithm, Data security issue, Artificial intelligence

Abstract

Introduction I. Technological Background A. What Is Synthetic Data? B. Synthetic Data Generation 1. Generation Based on Transformations of Collected Data 2. Generation Methods Which Reduce the Need for Collected [...], A data-generation revolution is underway. Until recently, most of the data used for algorithmic decision-making was collected from events that took place in the physical world ("collected" data). Yet it is forecast that by 2024, sixty percent of data used to train artificial intelligence systems around the world will be synthetic (!). Synthetic data is artificially generated data that has analytical value. For some purposes, synthetic datasets can replace collected data by preserving or mimicking its properties. For others, synthetic data can complement collected data in ways which increase its accuracy or enhance privacy or security protections. The importance of this data revolution for our economies and societies cannot be overstated. It affects data access and data flows, potentially changing the competitive dynamics in markets where data cannot be easily collected and affecting decision-making in many spheres of our life. In many ways, synthetic data does to data what synthetic threads did to cotton. This data-generation revolution requires us to reevaluate and potentially restructure our legal data governance regime, which was designed with collected data in mind. As we show, synthetic data challenges the equilibrium erected by existing laws to ensure the protection of competing values, including data utility, privacy, security, and human rights. For instance, by revolutionizing data access, synthetic data challenges assumptions regarding the height of access barriers to data. As such, it may affect the need for and the application of antitrust and direct regulation to some firms whose comparative advantage is data-based. Even more importantly, by potentially making data about individuals more granular, and by increasing the accuracy and completeness of data used for decision-making about individuals, synthetic data also challenges the governance structures and basic principles underpinning current privacy laws. Indeed, many argue that synthetic data does not constitute personal data, and thus avoids the application of privacy laws. We challenge this claim. We also show that synthetic data exposes deep conceptual flaws in the data governance framework. It raises fundamental questions, such as whether data which is not linked to a person in the original dataset should still be treated as personal data, and how inferences based on collected data should be treated. We then reevaluate the justifications for legal requirements regarding data quality, such as data completeness and accuracy, as well as those relating to fair and informed decision-making, such as data transparency and explainability. The claim is often made that such obligations enhance social welfare. Yet, as we show, synthetic data changes the balance between the protected values, potentially leading to different optimal legal requirements in different contexts. For example, where synthetic data significantly increases consumer welfare, yet the underlying processes are not easily explained, requirements to look under the hood of datasets and provide a detailed explanation of what led to the decision might not always be welfare-maximizing. This Article seeks to bring state-of-the-art data generation methods into the legal debate and to propose legal reforms which capture the unique characteristics of synthetic data. While some of the challenges discussed here also arise with the use of collected data, synthetic data puts these challenges on steroids.

Published

2024

25. Gather around the table: Tabletop exercises help bank leaders prep for cybersecurity risks

Author

Garriott, Khalil

Subjects

Consumer preferences -- Laws, regulations and rules, Data security -- Laws, regulations and rules, Banking industry -- Laws, regulations and rules, Financial institutions -- Laws, regulations and rules, Internet -- Safety and security measures, Risk assessment -- Laws, regulations and rules, Cyberterrorism -- Laws, regulations and rules, Government regulation, Internet security, Company business management, Data security issue, Banking industry, Banking, finance and accounting industries, Business

Abstract

As technological benefits in banking evolve at a breakneck speed--far more customers prefer mobile banking than in-branch transactions, for example--myriad challenges have arisen in parallel. A top priority for financial [...]

Published

2024

26. Building a Practice at the Intersection of Blockchain and Law.

Author

Walker, Victoria

Subjects

Privacy, Right of -- Laws, regulations and rules, Going public (Securities) -- Laws, regulations and rules, Crypto-currencies -- Laws, regulations and rules -- Safety and security measures, Data security -- Laws, regulations and rules, Attorneys -- Specialties and specialists, Contracts -- Laws, regulations and rules -- Safety and security measures -- Innovations, Government regulation, Company public offering, Company business management, Data security issue

Abstract

Like many attorneys, I consider myself a lifelong learner, and I embrace opportunities to learn something new. So, in 2017, I noticed that "bitcoin," "initial coin offering (ICO)," and "cryptocurrency" [...]

Published

2024

27. SURVEILLANCE CLASS ACTIONS: RECONSTRUCTING A FEDERAL DATA PRIVACY PRIVATE RIGHT OF ACTION.

Author

Shaikh, Nabil

Subjects

Privacy, Right of -- Laws, regulations and rules, Personal injuries -- Remedies -- Laws, regulations and rules, Exceptions (Law) -- Laws, regulations and rules, Data security -- Laws, regulations and rules, Consent (Law) -- Laws, regulations and rules, Electronic surveillance -- Laws, regulations and rules -- Forecasts and trends, Class actions (Civil procedure) -- Laws, regulations and rules, Damages -- Laws, regulations and rules, Standing (Law) -- Laws, regulations and rules, Right of action -- Laws, regulations and rules, Comcast Corp. v. Behrend (133 S. Ct. 1426 (2013)), TransUnion L.L.C. v. Ramirez (141 S. Ct. 2190 (2021)), Government regulation, Data security issue, Market trend/market analysis, Federal Rules of Civil Procedure (Fed. R. Civ. P. 23(b)(3)), United States Constitution (U.S. Const. art. 3)

Abstract

INTRODUCTION 866 I. REMEDYING STATUTORY SURVEILLANCE HARMS 868 A. The Problem of Private Digital Surveillance 870 B. The RegulatoryApproach 873 C. The Litigation Approach 875 II. PROCEDURAL PROBLEMS WITH SURVEILLANCE [...], Class actions against online platforms alleging improper data collection and sharing practices have increased dramatically in recent years. In 2022, the Federal Trade Commission solicited public comment on governing these practices, which it termed "commercial surveillance," through rulemaking. This Comment highlights the rise of private commercial surveillance and how both regulation and litigation have been employed to address ensuing harms. This Comment then discusses procedural barriers to these class actions, particularly Rule 23(b)(3)'s predominance requirement and Article III standing, and how some courts have relied on the U.S. Supreme Court's decisions in Comcast v. Behrend and TransUnion v. Ramirez to heighten those barriers. Finally, this Comment makes several substantive recommendations for a federal privacy law that might overcome these procedural barriers, give effect to a private right of action, and complement regulatoryauthority.

Published

2024

28. DATA SHARING AGREEMENTS: CONTRACTING PERSONAL INFORMATION IN THE DIGITAL AGE

Author

Krebs, Shiri and Moses, Lyria Bennett

Subjects

Government regulation, Contract agreement, Data security issue, Right of property -- Laws, regulations and rules, Privacy, Right of -- Laws, regulations and rules, File sharing -- Laws, regulations and rules -- Contracts, Data security -- Laws, regulations and rules, Disclosure of information -- Laws, regulations and rules, Fiduciary duties -- Laws, regulations and rules, Personal information -- Laws, regulations and rules -- Access control, Law reform -- Evaluation, Contracts -- Laws, regulations and rules -- Interpretation and construction, Trusts and trustees -- Laws, regulations and rules, Australia. Privacy Act 1988

Abstract

Voluminous information about individuals is being shared every day and everywhere. Streamlining data sharing activities effectively allows public and private entities to use information for policy advancement, knowledge creation and business growth. At the same time, such sharing of personal information also risks harming individuals' privacy and autonomy. How are data sharing activities governed in Australia? What are the main problems with the existing legal framework? This article explores three ways in which the interests of individuals whose data is being shared may be better protected. These are (a) improvements in data privacy and data sharing legislation, (b) adapting private law frameworks to create more protective structures (as in the notion of 'data trusts' and 'information fiduciaries') and (c) enhancing data governance through better contracts, including model data sharing agreement templates. We conclude that while law reform may be desirable, particularly along the lines of the first possibility, organisations that truly 'care about privacy' can act now to improve their data sharing practices through better data sharing agreements and the data culture that they cultivate. The Australian Office of the National Data Commissioner can lead the way with a restructured and reimagined data sharing model agreement., CONTENTS I Introduction 96 II Governing Data Sharing through Regulation 103 A The Australian Legal Approach to Regulating Data Sharing 103 Activities: Streamlining Data Flows 1 Data Sharing Framework 105 [...]

Published

2024

29. The parental consent gap in the protection of adolescents' personal data under the General Data Protection Act (LGPD)/ A lacuna do consentimento parental para a protecao de dados pessoais de adolescentes a partir da Lei Geral de Protecao de Dados Pessoais (LGPD)

Author

da Silva, Alice Rocha and dos Santos, Camila Bernardes Aniceto de Sousa

Published

2024

30. COMPETITION LAW AND DATA PROTECTION: THE INTERSECTION IN THE DIGITAL ECONOMY/O DIREITO CONCORRENCIAL E A PROTECAO DE DADOS: A INTERSECAO NA ECONOMIA DIGITAL

Author

Pereira, Maria Marconiete Fernandes and de Moura, Caroline Albuquerque Gadelha

Published

2024

31. FACING UP TO INTERNET GIANTS.

Author

Dothan, Shai

Subjects

European Union. Court of Justice of the European Union -- Powers and duties, European Court of Human Rights -- Powers and duties, Privacy, Right of -- Laws, regulations and rules, Data security -- Laws, regulations and rules, Harm principle (Ethics) -- Analysis, Online services -- Laws, regulations and rules, Social media -- Laws, regulations and rules, Human rights -- Laws, regulations and rules, Content provider -- Laws, regulations and rules, Truthfulness and falsehood -- Laws, regulations and rules, Personal information -- Access control -- Laws, regulations and rules, Interest (Law) -- Laws, regulations and rules, Government regulation, Cable television/data services, Online services, Content provider, Content delivery service, Data security issue

Abstract

I. INTRODUCTION 176 II. DIFFUSE AND 178 CONCENTRATED INTERESTS III. THE ROLE OF COURTS 182 IN PROTECTING DIFFUSE INTERESTS A. Courts as Fixing 182 Democratic Failures B. Courts as Initiating [...], Mancur Olson claimed that concentrated interests win against diffuse interests even in advanced democracies. Multinational companies, for example, work well in unison to suit their interests. The rest of the public is not motivated or informed enough to resist them. In contrast, other scholars argued that diffuse interests may be able to fight back, but only when certain conditions prevail. One of the conditions for the success of diffuse interests is the intervention of national and international courts. Courts are able to fix problems affecting diffuse interests. Courts can also indirectly empower diffuse interests by initiating deliberation to inform the public. This paper investigates the jurisprudence of the European Court of Human Rights and the Court of Justice of the European Union. It argues that these international courts help consumers, a diffuse interest group, succeed in their struggle against internet companies, a concentrated interest group.

Published

2024

32. A Tragedy in Three Acts: Discrimination, Retaliation, and FERPA.

Author

Ferguson, Jackson L.

Subjects

Privacy, Right of -- Laws, regulations and rules, Data security -- Laws, regulations and rules, Student records -- Laws, regulations and rules, Employment discrimination -- Laws, regulations and rules, Sex discrimination -- Laws, regulations and rules, Ferry v. Board of Education (641 S.W.3d 203 (Mo. 2022)), Government regulation, Data security issue, Family Educational Rights and Privacy Act of 1974

Abstract

I. INTRODUCTION As humanity has entered the digital age, we have come to possess incomprehensible amounts of recorded information--by some estimates, 295,000,000,000 gigabytes. (1) With such an abundance of information [...]

Published

2024

33. Data Localization: From China and Beyond.

Author

Lu, Wenxi

Subjects

Transborder data flow -- Laws, regulations and rules, Privacy, Right of -- Laws, regulations and rules, National security -- Laws, regulations and rules, Data security -- Laws, regulations and rules, Sovereignty -- Laws, regulations and rules, Human rights -- Laws, regulations and rules, Data entry -- Laws, regulations and rules, Personal information -- Access control -- Laws, regulations and rules, Jurisdiction (International law) -- Laws, regulations and rules, Government regulation, Data security issue, China. Personal Information Protection Law 2020

Abstract

I. INTRODUCTION In October 2021, LinkedIn announced that it had to exit the Chinese market because it had faced "a significantly more challenging operating environment and greater compliance requirements." (1) [...]

Published

2024

34. ANALYSIS OF GLOBAL DATA PRIVACY REGULATIONS AND HOW TRANSNATIONAL COMPANIES ARE IMPACTED.

Author

Fujimori-Smith, Aska

Subjects

Privacy, Right of -- Laws, regulations and rules, Conflict of laws -- Laws, regulations and rules, Data security -- Laws, regulations and rules, Data entry -- Laws, regulations and rules, Foreign corporations -- Laws, regulations and rules, Government regulation, Data security issue

Abstract

CONTENTS I. INTRODUCTION II. HISTORICAL OVERVIEW OF CONSUMER DATA PRIVACY III. OVERVIEW OF GDPR, CCPA & CPRA, AND THE PDPA IV. ANALYSIS REGARDING ENSURING COMPLIANCE WITH ALL REGULATIONS V. POTENTIAL [...], Privacy regulations are being developed and altered globally. An American company working transnationally will want to make sure to comply with the privacy regulations of each country in which the company either conducts business or otherwise utilizes that country's citizens' data. Currently, the GDPR has the strictest standards regarding data processing agreements between a primary organization and another data processor. While the CCPA/CPRA and the PDPA require DPAs, a company in compliance with the GDPR will likely comply with the CCPA/CPRA and the PDPA. Case law is evolving to address the extent of the reach of the extraterritorial legislation. However, if a company is engaged in extensive data collection, then the company should ensure compliance with all relevant privacy regulations. As new legislative responses emerge worldwide, it is crucial for companies engaged in international business transactions to ensure compliance with the different standards of that extraterritorial legislation.

Published

2024

35. A Global Crypto Code of Conduct: Crafting an Internationally Centralized Regulatory Body for a Decentralized Asset.

Author

Kavaloski, Mary

Subjects

Privacy, Right of -- Laws, regulations and rules, International cooperation -- Laws, regulations and rules, Data security -- Laws, regulations and rules, Crypto-currencies -- Laws, regulations and rules -- Safety and security measures, Harmonization of laws -- Evaluation, Banking industry -- Laws, regulations and rules, Public-private sector cooperation -- Laws, regulations and rules, Computer crimes -- Laws, regulations and rules -- Prevention, Government regulation, Data security issue, Banking industry, Computer crime

Abstract

TABLE OF CONTENTS I. INTRODUCTION 302 II. CRYPTOCURRENCY'S REVOLUTIONARY BEGINNINGS 307 A. How It Works 307 B. How It Became Popular 310 C. How It Has Garnered Government Attention 312 [...], The advent of Bitcoin in 2009 presented a previously unfathomable possibility for the future of currency and monetary transactions. Now, cryptocurrency is ubiquitous; it is increasingly seizing media headlines, novel swathes of investors, institutional bank involvement, and most importantly of all, the attention of government regulators. Yet governments around the globe have failed to adequately keep up with the pace of cryptocurrency's evolution, particularly because of their lack of expertise in this unprecedented area. This Note discusses how cryptocurrency's truly global footprint warrants a partnership between national regulators and industry actors at the international level. Specifically, by exploring the approaches of Japan, China, the United States, and the European Union against the functions and purpose of the international financial regulatory system, this Note argues that the current approaches to global crypto regulation have overly prioritized crypto's effects on traditional financial markets while overlooking the unique role crypto exchanges can play. A common goal towards establishing a meaningful framework grounded in investor protection, reliability, and innovation has thereby been undermined, despite the alignment between the international monetary system's strengths and its capacity to create a global crypto framework. This Note proposes the creation of a specialized cryptocurrency group based on, or molded into, the successful Basel Committee on Banking Supervision, to show how a newly formed partnership between regulators and exchange leaders can establish the future of a sustainable cryptocurrency ecosystem.

Published

2024

36. Addressing Unlawful Cyber Operations in Armed Conflict Through Human Rights Bodies Instead of the International Criminal Court.

Author

Orr, Zachary R.

Subjects

International Criminal Court -- Powers and duties, Right to life -- Laws, regulations and rules, Data security -- Laws, regulations and rules, War (International law) -- Laws, regulations and rules, Computer crimes -- Laws, regulations and rules, Electronic evidence -- Laws, regulations and rules, War crimes -- Laws, regulations and rules, Government regulation, Data security issue, Computer crime, United Nations International Criminal Court Establishment Statute, 1998

Abstract

TABLE OF CONTENTS I. CYBER THREATS TO CIVILIANS IN ARMED CONFLICT 361 II. OLD LAW, NEW WEAPON 364 A. Offensive Cyber Operations in Armed Conflict 365 B. International Humanitarian Law, [...], Russia's use of offensive cyber operations to further its illegal war against Ukraine has prompted calls for a response to these cyber operations from the International Criminal Court. However, the International Criminal Court is an inadequate forum for adjudicating cyber conduct in armed conflict because cyber operations fit awkwardly into the traditional war crimes legal framework. Furthermore, the Rome Statute's strict substantive and procedural features provide strict limitations on the kinds of cyber conduct that might constitute a war crime against which the Prosecutor of the International Criminal Court could bring an effective case. Because most cyber conduct does not produce kinetic effects, the established framework of international humanitarian law that the Rome Statute reflects does not comprehensively regulate the unique domain in which cyber operations occur. This Note argues that observers have overlooked a more promising way of addressing illegal cyber operations in armed conflict: the right to life under international human rights law. As a more malleable body of law that mutually reinforces international humanitarian law, human rights law--and the right to life, in particular--can capture more cyber conduct and hold armed actors accountable for their harmful effects on civilians. Addressing cyber operations through human rights law will also accelerate the development of the law governing cyber operations and encourage a more interdisciplinary approach to evaluating how the cyber domain is governed by complementary fields of international law.

Published

2024

37. Vehicle Data Forensics and Legal Considerations.

Author

Williams, James T.

Subjects

Privacy, Right of -- Laws, regulations and rules, Data security -- Laws, regulations and rules, Evidence, Criminal -- Laws, regulations and rules -- Access control, Vehicular homicide -- Investigations -- Evidence -- Laws, regulations and rules, Public prosecutors -- Powers and duties, Searches and seizures, Automobile -- Laws, regulations and rules, Forensic sciences -- Usage -- Laws, regulations and rules, Probable cause -- Laws, regulations and rules, Electronic evidence -- Access control -- Laws, regulations and rules, Company legal issue, Government regulation, Data security issue, United States Constitution (U.S. Const. amend. 4)

Abstract

This article was originally published in the National Traffic Law Center's Between the Lines newsletter in October 2023 under NHTSA cooperative agreement 693JJ91950010. It is reprinted here with the permission [...]

Published

2024

38. CONFLICTS OF LAW AND THE ABORTION WAR BETWEEN THE STATES.

Author

Berman, Paul Schiff, Goldstein, Roey, and Leff, Sophie

Subjects

Privacy, Right of -- Laws, regulations and rules, Conflict of laws -- Laws, regulations and rules, Data security -- Laws, regulations and rules, Equality before the law -- Laws, regulations and rules, Exclusive and concurrent legislative powers -- Laws, regulations and rules, Personal jurisdiction -- Laws, regulations and rules, Abortion -- Laws, regulations and rules, Freedom of movement -- Laws, regulations and rules, Freedom of religion -- Laws, regulations and rules, Interstate commerce -- Laws, regulations and rules, Government regulation, Data security issue, Emergency Medical Treatment and Active Labor Act of 1985, Employee Retirement Income Security Act of 1974, United States Constitution (U.S. Const. art. 1, s. 8, cl. 3) (U.S. Const. art. 4, s. 2, cl. 1) (U.S. Const. amend. 1)

Abstract

INTRODUCTION 401 I. THE NEW ABORTION LEGAL LANDSCAPE 406 A. The Anti-Abortion States 407 B. The Pro-Access States 412 C. Practical Impacts 413 II. CONSTITUTIONAL RESTRICTIONS ON EXTRATERRITORIAL ABORTION 416 [...], On the subject of abortion, the so-called "United" States of America are becoming more disunited than ever. The U.S. Supreme Court's precipitous decision in Dobbs v. Jackson Women's Health Organization overturned the nationwide framework for abortion rights that had uneasily governed the country for fifty years. In the immediate aftermath of that decision, it is becoming increasingly clear that states governed by Republicans and those governed by Democrats are moving quickly and decisively in opposite directions. Since the U.S. Supreme Court issued its decision, at least nineteen states have increased restrictions on abortion access, while at least twenty states and the District of Columbia have adopted new legal regimes focused on protecting the right to an abortion. These partisan and geographic divides create perhaps the biggest set of nationwide conflicts of law problems since the era of the Fugitive Slave Act before the Civil War. Indeed, practically every aspect of the new abortion legal landscape is now characterized by uncertainty, creating potential constitutional and federal preemption questions, state versus state conflicts of law issues, and new concerns based on various forms of private regulation related to abortion access. This Article seeks to provide a comprehensive survey of the current state of the law with regard to how such conflicts of law questions might be resolved in the abortion context. Part I surveys the widely divergent state laws being debated or enacted in the country in the wake of Dobbs. Part II discusses potential constitutional challenges to the extraterritorial application of these abortion statutes. If statutes criminalize or impose civil liability on the actual pregnant person seeking the abortion, such statutes might be challenged under the Privileges and Immunities Clause of Article IV specifically, or as a violation of the constitutional right to travel more generally. Alternatively, if statutes seek to impose criminal or civil penalties on out-of-state healthcare providers or other actors, those statutes may be vulnerable to a challenge under the Commerce Clause of Article I, Section 8. Part III turns to potential federal preemption of state anti-abortion laws under the Food, Drug, and Cosmetics Act or the Emergency Medical Treatment and Active Labor Act. Part IV addresses the question of whether states can impose civil liability on out-of-state acts or actors--even beyond the right to travel and Commerce Clause concerns--focusing on the classic conflicts of law doctrines of jurisdiction, choice of law, and judgment recognition. Finally, Part V considers the activities of private actors as sources of regulatory authority that create conflicts questions. We discuss the degree to which a state may prevent employers from covering abortion-related expenses as part of their health insurance plans, the privacy concerns that arise when private actors collect data that might be used in criminal prosecutions or civil suits regarding abortions, and the possibility that private religious groups might invoke the First Amendment to claim exemptions from state anti-abortion laws.

Published

2024

39. SETTING THE FRAMEWORK FOR ACCOUNTABILITY FOR ALGORITHMIC DISCRIMINATION AT WORK.

Author

Blackham, Alysia

Subjects

Privacy, Right of -- Laws, regulations and rules, Data security -- Laws, regulations and rules, Employment discrimination -- Laws, regulations and rules, Decision support systems -- Laws, regulations and rules, Human rights -- Laws, regulations and rules, Equality before the law -- Laws, regulations and rules, Government regulation, Data security issue, Decision support software, Australia. Fair Work Act 2009

Abstract

I Introduction II Algorithms, Discrimination and the Workplace III Towards a Framework for Accountability A Privacy Law and Data Protection B Limits of Privacy Law C Third-Party and Accessorial Liability [...], Algorithmic discrimination represents a growing challenge for equality law. While the elimination of discrimination in employment and occupation is a fundamental obligation of International Labour Organization members, Australian equality law remains ill-adapted to respond to emerging risks. This article argues that the automated application of machine learning algorithms presents five critical challenges to equality law related to the scale of data used; their speed and scale of application; lack of transparency; growth in employer control; and the complex supply chain associated with digital technologies. Considering principles from privacy and data protection law, third-party and accessorial liability, and collective solutions, this article puts forward reforms and suggestions to better set the framework for accountability for algorithmic discrimination in the workplace.

Published

2023

40. Mass Surveillance Is Dangerous for American Communities: Reforming the Section 702 Spying Regime.

Author

Toomey, Patrick and Robinson, Sara

Subjects

Privacy, Right of -- Laws, regulations and rules, Searches and seizures -- Laws, regulations and rules -- Remedies, Administrative agencies -- Powers and duties -- Ethical aspects, Intelligence gathering -- Laws, regulations and rules -- Ethical aspects, Marginality, Social -- Laws, regulations and rules, Data security -- Laws, regulations and rules, Electronic surveillance -- Laws, regulations and rules -- Remedies, Law reform -- Evaluation, Government regulation, Data security issue, Foreign Intelligence Surveillance Act of 1978 (50 U.S.C. 702), United States Constitution (U.S. Const. amend. 4)

Abstract

Warrantless surveillance of Americans is once again in the public eye, at a moment when its impact on communities of color, immigrants, and protesters has become increasingly clear. On April [...]

Published

2024

41. Are Geofence Warrants Headed for Extinction?

Author

Elm, Donna Lee

Subjects

Sensorvault (Database) -- Access control -- Evidence -- Laws, regulations and rules, U.S. Capitol Insurrection, 2021 -- Evidence -- Remedies -- Laws, regulations and rules, Privacy, Right of -- Laws, regulations and rules, Good faith (Law) -- Laws, regulations and rules, Exceptions (Law) -- Laws, regulations and rules, Overbreadth doctrine (Law) -- Analysis, Data security -- Laws, regulations and rules, Warrants (Law) -- Laws, regulations and rules, Abortion services -- Records and correspondence -- Evidence -- Laws, regulations and rules, Location-based systems -- Access control -- Evidence -- Laws, regulations and rules, Carpenter v. United States (138 S. Ct. 2206 (2018)), United States v. Rhine (No. 1:21-CR-687 (D.D.C. Jan. 24, 2023)), United States v. Chatrie (No. 3:19-CR-130 (E.D.Va. Mar. 3, 2022)), Google L.L.C. -- Records and correspondence -- Evidence -- Laws, regulations and rules, Government regulation, Data security issue, United States Constitution (U.S. Const. amend. 4)

Abstract

Geofence arrants have become an investigation tool of choice after law enforcement discovered that Google had been maintaining its Sensorvault, a treasure trove collecting over a decade of highly precise [...]

Published

2024

42. X's privacy dilemma: When blocking is not really blocking anymore

Subjects

Privacy, Right of -- Laws, regulations and rules, Data security -- Laws, regulations and rules, Privacy -- Laws, regulations and rules, Government regulation, Data security issue, Privacy issue, Law

Abstract

Byline: Neeraj Dubey, Pushpit Singh X risks violating several provisions of the DPDP Act, including requirements related to informed consent, unauthorised access and data breach protection. With social media constantly [...]

Published

2024

43. A New Rule Will Force Banks to Protect Your Data

Subjects

Banks (Finance) -- Laws, regulations and rules, Data security -- Laws, regulations and rules, Privacy -- Laws, regulations and rules, Marketing research -- Laws, regulations and rules, Government regulation, Data security issue, Privacy issue, General interest

Abstract

If a government watchdog has its way, it may be easier to fire your (https://www.kiplinger.com/personal-finance/banking/6048331/best-national-banks) bank in the coming years. The (https://www.consumerfinance.gov/about-us/newsroom/cfpb-finalizes-personal-financial-data-rights-rule-to-boost-competition-protect-privacy-and-give-families-more-choice-in-financial-services/) Personal Financial Data Rights rule will improve consumer [...]

Published

2024

44. Meta fines for storing user passwords in plaintext instead of encrypting them

Subjects

Privacy, Right of -- Laws, regulations and rules, Data security -- Laws, regulations and rules, Privacy -- Laws, regulations and rules, Government regulation, Data security issue, Privacy issue, Mass communications, Instagram (Online service), Facebook (Online social network)

Abstract

The fine was imposed under the General Data Protection Regulations (GDPR) due to an incident in 2019 where the company stored some user passwords in plaintext, making them easily readable, [...]

Published

2024

45. Privacy the path to profits, firm says; Transparency about data can be an edge

Author

Boigon, Molly

Subjects

Consent (Law) -- Laws, regulations and rules, Automobile industry -- Information management -- Safety and security measures -- Customer relations, Data security -- Laws, regulations and rules, Privacy -- Laws, regulations and rules, Personal information -- Laws, regulations and rules -- Access control, Government regulation, Company systems management, Data security issue, Automobile Industry, Privacy issue, Automobile industry, Business

Abstract

Byline: Molly Boigon Automakers must seek tangible, clear consent before collecting consumer data and must carefully consider cybersecurity, according to AutoMobility Advisors, a consulting firm. Its guidance represents a voice [...]

Published

2024

46. SUPERPOWERS WITH VILLAINOUS OBJECTIVES: HOW THE EXECUTIVE BRANCH'S IMMIGRATION ENFORCEMENT 'POWERS' UTILIZE TECHNOLOGY TO VIOLATE NONCITIZENS' PRIVACY.

Author

Edwards, Nina-Simone

Subjects

Privacy, Right of -- Laws, regulations and rules, Data security -- Laws, regulations and rules, Emigration and immigration law -- Evaluation, Executive power -- Laws, regulations and rules, Data entry -- Laws, regulations and rules, Government regulation, Data security issue, United States Constitution (U.S. Const. amend. 4)

Abstract

TABLE OF CONTENTS INTRODUCTION 233 I. EXECUTIVE BRANCH POWERS 235 A. The Many "Powers" of the Executive Branch 235 B. The Executive Branch "Powers" Often Utilize Technology 237 In Pursuit [...], The United States border, for noncitizens, has a unique quality to it. Each time a noncitizen crosses that border, they are no longer private individuals. They can no longer choose to give up their information--instead, there is a forced exchange: data for entry. Who they are, what they are, and everything that connects them to the world is given up in exchange for a new life in a new land. Once the border is crossed, noncitizens no longer have the privacy that they may have known before. This Note first builds on scholarship theorizing that noncitizens do have a right to privacy. Whenever anyone is forced to give up information about themselves, their privacy is violated, and noncitizens are no exception to this rule. Unfortunately, this right is often disrupted by one of three powerful branches of the United States government: the Executive Branch. The Executive Branch has statutory and constitutional immigration authority, as well as Executive Departments that influence immigration policy daily-all of which comprise what this Note calls "powers." While previous scholarship has focused on the President's immigration authority, this Note proposes that the Executive Branch uses its "powers " to not only impact immigration policy but also the individual privacy of noncitizens. As technology continues to advance, the Executive Branch increasingly wields its "powers," in conjunction with different technological systems and databases, in ways that threaten the privacy of every noncitizen who dares to cross the border.

Published

2024

47. ARE TRADE SECRET PROTECTIONS IN GOVERNMENT CONTRACTS ADEQUATE? AN ANALYSIS OF FOIA EXEMPTION 4 AND DATA RIGHTS.

Author

Klugman, Ema

Subjects

Exemption (Law) -- Laws, regulations and rules, Government contractors -- Laws, regulations and rules -- Intellectual property, Data security -- Laws, regulations and rules, Freedom of information -- Laws, regulations and rules, Trade secrets -- Laws, regulations and rules, Government purchasing -- Laws, regulations and rules, Government regulation, Data security issue, Freedom of Information Act

Abstract

TABLE OF CONTENTS I. Introduction 461 II. Background 463 A. Trade Secret Protections Generally: What Is a Trade Secret, Anyway? 463 B. Overview of Trade Secret Protections Currently Available to [...], When a company enters into a contract with the federal government, it often faces a considerable risk: the risk that its trade secrets may be exposed and misappropriated, first by the government, and then by its competitors. Although government contractors have several tools that they can use to protect their trade secrets in the procurement context, including data rights, Freedom of Information Act (FOIA) Exemption 4, and other precautionary measures, the balance of risk still tends to tip against even the most diligent and well-counseled contractor. This Note outlines the various ways that trade secret issues arise in government contracts, identifies avenues for relief for contractors, and argues that the lack of trade secret protection in the procurement context may chill companies from contracting with the government at all. Finally, this Note proposes that the government should implement better trade secret protections, including amending FOIA Exemption 4, adding an additional data rights provision in the Federal Acquisition Regulation (FAR) and Defense Federal Acquisition Regulation Supplement (DFARS), and/or expanding the use of Other Transactions Agreements (OTAs) to assure contractors that their intellectual property is secure. Such reforms will offer contractors the type of flexibility that they enjoy in the private sector and thus incentivize them to transact with the federal government.

Published

2024

48. Crouching Tiger, Hidden Agenda? The Emergence of China in the Global Internet Standard-Setting Arena.

Author

Yoo, Christopher S. and Mueller, Alex

Subjects

Privacy, Right of -- Laws, regulations and rules, Data security -- Laws, regulations and rules, Electronic surveillance -- Laws, regulations and rules, Cyberlaw -- Evaluation, Internet access -- Laws, regulations and rules -- Standards -- Licensing, certification and accreditation, Transmission Control Protocol/Internet Protocol (Computer network protocol) -- Laws, regulations and rules -- Standards -- Safety and security measures, Government regulation, Internet access, TCP/IP, Data security issue

Abstract

TABLE OF CONTENTS I. INTRODUCTION 145 II. CHINA'S STANDARD-SETTING AMBITIONS: A BACKGROUNDER 150 A Condensed Overview of the Internet Standards 151 evelopment Landscape B International Standardization with Chinese Characteristics 155 [...]

Published

2024

49. Decriminalizing Trivial Computer Use: The Need to Narrow the Computer Fraud and Abuse Act (CFAA) After Van Buren.

Author

Soullier, Benjamin A.

Subjects

Privacy, Right of -- Laws, regulations and rules, Felonies -- Laws, regulations and rules, Automobile theft -- Laws, regulations and rules, Data security -- Laws, regulations and rules, Global Positioning System -- Laws, regulations and rules -- Usage, Computer crimes -- Laws, regulations and rules, Access control (Computers) -- Laws, regulations and rules -- Safety and security measures, Offenses against public safety -- Laws, regulations and rules, Van Buren v. United States (141 S. Ct. 1648 (2021)), Government regulation, Global Positioning System, Data security issue, Network access, Computer crime, Computer Fraud and Abuse Act of 1986 (18 U.S.C. 1030(a)(2)(C))

Abstract

TABLE OF CONTENTS I. INTRODUCTION 241 II. BACKGROUND 245 A. The CFAA and Subsequent Jurisprudence 245 B. Origins of the CFAA 246 C. Breaching Authorized Access Under [section] 1030(a)(2)(C) 247 [...]

Published

2024

50. From One Sector to Another: Applying a Proactive Framework to the FCC's Network Resiliency Efforts.

Author

Duwve, Benjamin

Subjects

Privacy, Right of -- Laws, regulations and rules, National security -- Laws, regulations and rules, Extreme weather -- Laws, regulations and rules, Data security -- Laws, regulations and rules, Communication -- Laws, regulations and rules -- Safety and security measures, Broadband transmission -- Laws, regulations and rules, Resilience (Personality trait) -- Laws, regulations and rules, Climatic changes -- Laws, regulations and rules -- Social aspects, Data entry -- Laws, regulations and rules, United States. Federal Communications Commission -- Powers and duties, Government regulation, Data security issue, Broadband Internet, Energy Policy Act of 2005

Abstract

TABLE OF CONTENTS I. INTRODUCTION 271 II. BACKGROUND 273 A. Extreme Weather Events Affect the United States' 273 Communications Network B. FCC's Past Work on Ensuring Network Resiliency 274 1. [...]

Published

2024