Mar 272013
 

I’ve written before about the balance privacy laws need to take with respect to the data aggregation made possible by the digital age. When it comes to data aggregated or accessed by the government, on that front law and policy should provide some firm checks to ensure that such aggregation or access does not violate people’s Fourth Amendment right “to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures.” Such limitations don’t forever hobble legitimate investigations of wrongdoing; they simply require adequate probable cause before the digital records of people’s lives be exposed to police scrutiny. You do not need to have something to hide in order not to want that.

But all too often when we demand that government better protect privacy it’s not because we want the government to; on the contrary, we want it to force private parties to. Which isn’t to say that there is no room for concern when private parties aggregate personal data. Such aggregations can easily be abused, either by private parties or by the government itself (which tends to have all too easy access to it). But as this recent article in the New York Times suggests, a better way to construct the regulation might be to focus less on how private parties collect the data and more on the subsequent access to and use of the data once collected, since that is generally from where any possible harm could flow. The problem with privacy regulation that is too heavy-handed in how it allows technology to interact with data is that these regulations can choke further innovation, often undesirably. As a potential example, although mere speculation, this article suggests that Google discontinued its support for its popular Google Reader product due to the burdens of compliance with myriad privacy regulations. Assuming this suspicion is true — but even if it’s not — while perhaps some of this regulation vindicates important policy values, it is fair to question whether it does so in a sufficiently nuanced way so that it doesn’t provide a disincentive for innovators to develop and support new products and technologies. If such regulation is having that chilling effect, we may reasonably want to question whether these enforcement mechanisms have gone too far.

Meanwhile public outcry has largely been ignoring much more obvious and dangerous incursions into their privacy rights done by government actors, a notable example of which will be discussed in the following post.

May 192012
 

There’s no discussing technology law without discussing how it implicates privacy.  But privacy is such a broad concept; to discuss it in any meaningful requires a definition with more detail.

I see there being (at least for purposes of the sort of discussion on this site) two main types privacy: privacy from the government, and privacy from other individuals.  And when it comes to regulating the intersection of privacy and technology, these two types of privacy require very different treatment. Continue reading »

Feb 182012
 

Last week’s links:

Jan 142012
 

Other recent items of interest…

First, catch-up:

Continue reading »

Jan 072012
 

Other interesting items from this past week (or so):

Jan 062012
 

Public photography is an issue that frequently appears on this site because it’s a real example of technology-enabled speech that all too often authorities try to prevent.  These attempts are often egregious and never balanced out by whatever policy reasons are ostensibly behind them.  But they are particularly odorous when these prohibitions are enforced on people using photography to record the power of the police.

What’s especially insidious is the logic so often used for it, that recording people acting in public — or, more specifically, agents of the state acting in public under the color of the authority granted by the state — might somehow violate a privacy interest. Continue reading »

Dec 312011
 

From this past week:

Continue reading »

Dec 242011
 

From EPIC.org:

EPIC has filed a Freedom of information Act lawsuit against the Department of Homeland Security to force disclosure of the details of the agency’s social network monitoring program. In news reports and a Federal Register notice, the DHS has stated that it will routinely monitor the public postings of users on Twitter and Facebook. The agency plans to create fictitious user accounts and scan posts of users for key terms. User data will be stored for five years and shared with other government agencies.The legal authority for the DHS program remains unclear. EPIC filed the lawsuit after the DHS failed to reply to an April 2011 FOIA request. For more information, see EPIC: Social Networking Privacy.

(h/t Pogo Was Right)

Dec 172011
 

Other items of interest this past week:

Dec 112011
 

During the 1987 Supreme Court confirmation hearings for Robert Bork a Washington newspaper published his video rental history, which it had obtained from his local store.  Fearing what their records, if published, would also disclose, Congress passed the Video Privacy Protection Act, forbidding disclosure of such records without the customer’s consent.

Since then, however, video rental stores have given way to online rental and streaming services, as well as changes in privacy norms associated with social media.  While in the 1980s it may not have dawned on anyone to publicly share what movies they watched with anyone, today some people like to make such information known via social media.  Online video services would like to easily let them, but their ability to do so may be limited by this law.  Consequently Netflix, a large online video service, has been lobbying to amend it.  The open question is whether that amendment updates the law sufficiently to empower users to share when and how they want to, or whether the amendment, as currently proposed, has the effect of decimating its basic privacy protections. Continue reading »