Privacy

4 posts

The Internet of Things and Potential Remedies in Privacy Tort Law

By Alexander H. Tran

The Internet of Things (IoT) is an intriguing digital phenomenon in technology that creates many legal challenges as the world becomes more interconnected through the Internet. By creating a connected system, the IoT links a network of physical objects, like consumer devices, and enables these devices to communicate and exchange data. In the very near future, almost every consumer device, from cars to a coffee mug, may connect through the Internet. The IoT has incredible potential to better society by providing immense amounts of rich sensory data for analytics and other uses. Nevertheless, there are also many latent dangers that could manifest as the IoT proliferates, including privacy violations and security risks.

The legal scholarship surrounding privacy issues with respect to the IoT is currently underdeveloped. This Note adds to the discussion of privacy law by analyzing the legal repercussions of the IoT and its relationship to privacy tort law. It summarizes the foundations of privacy law and current regulations that apply to the IoT and concludes that current laws and regulations provide limited remedies for consumers harmed by the IoT. It then provides a potential solution by suggesting that two privacy torts, the public disclosure of private facts tort and the intrusion upon seclusion tort, can provide partial civil remedies for those consumers. Each of the two privacy torts has evolved in different ways since its creation, and this Note explores the advantages and disadvantages of both. Finally, this Note advocates for the expanded use and revitalization of these privacy torts through judicial application in IoT cases as a potential strategy for regulating the IoT.

Download Article

The Privacy Case for Body Cameras: The Need for a Privacy-Centric Approach to Body Camera Policymaking

By Ethan Thomas

Body-mounted cameras are being used by law enforcement with increasing frequency throughout the United States, with calls from government leaders and advocacy groups to further increase their integration with routine police practices. As the technology becomes more common in availability and use, however, concerns grow as to how more-frequent and more-personal video recording affects privacy interests, as well as how policies can both protect privacy and fulfill the promise of increased official oversight.

This Note advocates for a privacy-centric approach to body camera policymaking, positing that such a framework will best serve the public’s multifaceted privacy interests without compromising the ability of body cameras to monitor law-enforcement misconduct. Part I surveys the existing technology and commonplace views of privacy and accountability. Part II examines the unique privacy risks imposed by the technology as well as the countervailing potential for privacy enhancement, demonstrating the value of an approach oriented around privacy interests. Part III assesses how the failure to adopt this approach has resulted in storage policies for body camera footage that inhibit the technology’s ability to best serve the public and suggests that a privacy-centric perspective can lead to better policymaking. Finally, Part IV examines the flaws of prevailing views with respect to policies for accessing footage and discusses how a revised privacycentric perspective could lead to better policies.

Download Article

Bend and Snap: Adding Flexibility to the Carpenter Inquiry

By Sherwin Nam

The Supreme Court’s decision in Carpenter v. United States, which requires law enforcement to obtain warrants to access historical cell-site location information, raises new questions about the application of the Fourth Amendment to biometric technologies, such as facial recognition technology (FRT) and voice recognition technology (VRT). While “no single rubric definitively resolves which expectations of privacy are entitled to protection,” this Note seeks to demonstrate that current applications of the rubric offered in Carpenter — considering voluntariness, invasiveness, comprehensiveness, ease of data collection, and retrospectivity — are inadequately flexible. To safeguard the private and intimate details that ongoing “seismic shifts in digital technology” continue to reveal, the courts need a bolder, more robust framework for Fourth Amendment protection. Using FRT and VRT as illustrative examples, this Note argues that analyses of reasonable expectations of privacy involving biometric technologies should recognize the right to anonymity as an integral part of the Carpenter inquiry.

Download Article

Commercial Free Speech Constraints on Data Privacy Statutes After Sorrell v. IMS Health

By Bastian Shah

Collection and use of big data drive the modern information economy. While big data can produce valuable innovations, it also comes with perils for consumers. In particular, consumers have little ability to protect their privacy online and are unnerved by the hyper-targeted advertising to which they are subjected. In response to these concerns, American states have begun enacting general data privacy laws similar to those passed in Europe. At the same time, the United States Supreme Court has grown wary of laws attempting to restrict companies from distributing and using data for advertising purposes. For instance, in Sorrell v. IMS Health, the Court found that a Vermont statute aimed at preventing targeted advertising by pharmaceutical manufacturers violated the commercial free speech doctrine. Since Sorrell, the constitutionality of data privacy statutes has been ambiguous.

This Note argues that data privacy laws that empower consumers to meaningfully protect their privacy by opting out of unwanted data collection do not violate the commercial free speech doctrine. Part II defines data privacy and summarizes the objectives current data privacy laws seek to achieve. Part III analyzes commercial speech jurisprudence before and after Sorrell and discusses the effect of Sorrell on commercial free speech jurisprudence and data privacy law. Part IV argues that government interest in empowering consumers by giving them meaningful choices in their online privacy is important enough to survive scrutiny under the post-Sorrell commercial free speech paradigm.

Download Article