All Article Summaries

A duty of loyalty focusing on the relationships between data collectors and data subjects would reinvigorate American privacy law. The law should include a general duty not to act against users’ interests.

Data breaches are preventable, but data security law has failed to reduce data breaches. Policymakers should reform data security law to take a more holistic approach, reducing systemic risk.

Pandemic responses were hindered by lack of public trust in information technology. The public was reluctant to use contact tracing apps because of inadequate privacy protection.

Existing data protection rules are mostly procedural, focused on notice and consent. A “relational” privacy model would prohibit some data practices without considering consent.

People may be asked to consent to uses of facial recognition technologies, but do not understand the implications of these technologies for their own autonomy or for society as a whole, and cannot give valid consent.

The United States Congress must decide whether to enact a national privacy law like Europe’s General Data Protection Regulation (GDPR). But GDPR-style rules fail to protect against many harms of data overuse.

Generally, “public” information is not given privacy protection. Often, labelling information as “public” is used to justify surveillance and data collection. However, the term “public” is not clearly defined. Because it has important consequences, “public” information should be clearly defined.

The digital economy requires trust whenever personal information is shared with Internet Service Providers (ISPs), doctors, banks, search engines, and others. Current privacy regulations focus on consent or financial harm, and do not promote trust.

Everything from stuffed animal to toilets is now being connected to the Internet of Things (IoT). Connecting everyday objects to the Internet could be harmful. The objects or data collected by the objects could be hacked, and the software is subject to glitches.

Many people are concerned about surveillance but lack a coherent theory showing why it is harmful. This paper proposes that surveillance is threatening to us because we value obscurity. Modern surveillance law should recognize that it is reasonable to expect obscurity in public places.