Issues

Privacy’s Constitutional Moment and the Limits of Data Protection

The United States Congress must decide whether to enact a national privacy law like Europe’s General Data Protection Regulation (GDPR). But GDPR-style rules fail to protect against many harms of data overuse.

Algorithmic Impact Assessments under the GDPR: Producing Multi-layered Explanations

The European Union's General Data Protection Direction (GDPR) addresses concerns with automated decision-making. Impact assessments support both individual privacy rights and oversight of the entire system.

Platforms, Power and the Antitrust Challenge: A Modest Proposal to Narrow the U.S.–Europe Divide

Tech platforms like Facebook and Google dominate the new economy. European Union (EU) authorities are more aggressive than those in the United States in using competition law against tech platforms.

Restricting Speech to Protect It

Attitudes to cyber harassment have changed. Lawmakers, law enforcement officers, and the public recognize that online stalking, threats, and “revenge porn” interferes with victim’s ability to speak and engage online.

Privacy, Algorithms, and Artificial Intelligence

Many economists assume that consumers understand how their data will be used and do not consider how one consumer’s decision to share data affects others. Some artificial intelligence (AI) systems seem to have learned discriminatory behavior, and simplistic models do not address this.

Sexual Privacy

Sexual privacy is based on social norms about access to information about the human body, gender identity, sexuality, and intimacy. Criminal and tort law do not fully address violations of sexual privacy. Digital technology magnifies the harm from violations of sexual privacy.

Deep Fakes: A Looming Challenge for Privacy, Democracy, and National Security

"Deep fake" technology makes it possible to create audio and video files of real people saying and doing things they never said or did. These technologies create policy and legal problems. Possible responses include technological solutions, criminal and civil liability, and regulation.

Transfer of EU Personal Data to U.S. Law Enforcement Authorities After the CLOUD Act: Is There a Conflict with the GDPR?

United States’ law requires firms to turn electronic evidence over to law enforcement even when the data is stored in another country. The law may conflict with European privacy law, which limits data transfers to foreign governments.

Born in the USA: The GDPR and the Case for Transatlantic Privacy Convergence

Europe’s General Data Protection Regulation (GDPR) imposes privacy rules that differ significantly from privacy policies in the United States. But the GDPR often draws on US sources, revealing that Europe and the US share privacy values.

Privacy and Security Across Borders

New rules in the United States, Europe, and Australia give law enforcement access to digital evidence even when the data is stored abroad. These rules may conflict.