Difference between revisions of "Privacy Regulation"

From MgmtWiki
Jump to: navigation, search
(Context)
(Legal Definitions)
 
(12 intermediate revisions by the same user not shown)
Line 7: Line 7:
 
Governments typically respond to changes in their constituent's online [[Ecosystem]]s only when the pressure to change becomes unbearable.
 
Governments typically respond to changes in their constituent's online [[Ecosystem]]s only when the pressure to change becomes unbearable.
  
There are four entities that are in play here.
+
There are four [[Entity|entities]] that are in play here. In most legislation all of the [[Entity|entities]] beside the user are considered in one lump as [[Data Controller]]s.
#The [[user]] on a user device (aka a user agent).
+
#The [[user]] on a user device (aka a [[User Agent]]).
#The resource provider (aka a relying party.)
+
#The resource provider (aka a [[Relying Party]].)
 
#[[Identifier or Attribute Provider]]s.
 
#[[Identifier or Attribute Provider]]s.
 
#Data Harvester or Broker
 
#Data Harvester or Broker
Line 15: Line 15:
 
All of these have lobbyists working in the halls of government, but the ones that represent the [[User]] do not carry the same clout as those that represent the corporate interests. Also the lobbyist that claim to represent the user typically do not bother to ask the user what problems they actually would prefer to solve, but rather represent "issues", which may, or may not be actual [[User]] concerns.
 
All of these have lobbyists working in the halls of government, but the ones that represent the [[User]] do not carry the same clout as those that represent the corporate interests. Also the lobbyist that claim to represent the user typically do not bother to ask the user what problems they actually would prefer to solve, but rather represent "issues", which may, or may not be actual [[User]] concerns.
  
==Problems==
+
==Problems as Seen by the User==
  
 
Users have a variety of reasons not to let their personal information be broadly available, some of those are:
 
Users have a variety of reasons not to let their personal information be broadly available, some of those are:
Line 33: Line 33:
 
* You are a crook or deviant.
 
* You are a crook or deviant.
  
 
+
==Legal Definitions==
There are benefits:
+
The privacy law canon: What are the top 5 privacy law articles of the past generation? There’s been so much spectacular scholarship, and a sea change in law and policies, that it’s really difficult to select. And I apologize in advance for the many, many great contributions not listed here. All are worthy, but here are a few to start:
* The user experience is more personal and directed to your interests.
+
* Daniel Solove, A Taxonomy of Privacy (Penn. L. Rev. 2006). No scholar has been as prolific – and has left such a mark on privacy law and policy – as Dan. I chose his taxonomy, which categorizes privacy harms, since it set forth a common nomenclature for our field that everyone uses today. It begins with the immortal words, “Privacy is a concept in disarray. Nobody can articulate what it means.” Thanks to Dan, we understand it much better. https://lnkd.in/eQQwVX-X
* Lots of valuable content on the web is free.
+
* James Whitman, The Two Western Cultures of Privacy: Dignity Versus Liberty (Yale L. J. 2004). This iconic piece set the stage for the epic clashes between the EU and US privacy frameworks. In short, Whitman explains that while Americans view privacy as an aspect of liberty (typically vs. government overreach), Europeans consider it part of human dignity (often vs. commodification by corporations). https://lnkd.in/ea3fF2ip
 +
* Danielle Citron, Technological Due Process (Wash. U. L. Rev. 2008). Fifteen years ago, this piece presaged the emergence of AI law. It predicts the risks of algorithmic decision making and the “automated state” on individuals’ due process rights and to use Whitman’s categories – liberty *and* dignity. https://lnkd.in/ettkv_Aq
 +
* Joel Reidenberg, Privacy Wrongs in Search of Remedies (Hastings L. J. 2002). Reidenberg – who started writing about privacy and data protection in the mid 1990s – was incredibly prolific. I really like this article, since it cuts to the central challenge in US privacy law: articulating privacy harms and calibrating legal remedies. https://lnkd.in/emsRchrJ
 +
* Julie Cohen, Examined Lives: Informational Privacy and the Subject as Object (Stan. L. Rev. 2000). Julie Cohen is the preeminent legal philosopher of privacy. For me personally, her 2000 article in a Stanford Law Review symposium was one of the reasons I decided to enter privacy. In it, Cohen unpacks some of the colossal power structures that intersect in privacy law, including liberty, property, speech, economic efficiency and technology.  https://lnkd.in/eEwQvQfS
 +
* Paul Schwartz, Privacy and Democracy in Cyberspace (Vand. L. Rev. 1999). I know I said five…. But the privacy canon wouldn’t be what it is without Paul. This article charted a path for the next 20 years of scholarship on online privacy. https://lnkd.in/ewkBZxME
  
 
==Solutions==
 
==Solutions==
===These are the steps that should be considered now===
+
This page focuses on two jurisdictions which are currently active in creating [[Privacy Regulation]]. For more detail see the page on [[Privacy]].
# Newer browsers are more supportive of user privacy, but many of the most powerful features are off by default.
+
===European Union===
## Firefox released <ref>Brian X. Chen ''Firefox Is Back, With Improved Privacy Tools And Speed'' 2018-06-21 New York Times</ref> new privacy tools like a feature for block ad-trackers, a container for web sites like Facebook, no video auto-start, etc.
+
* See the page on [[GDPR]] which went into effect on 2018-06-24.
## Chrome and Microsoft Edge come with powerful cloud based site validation.
+
* The EU Data Protection Commissioners’ Opinion on data protection for Mobile Apps: http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2013/wp202_en.pdf
# It is possible (albeit challenging) to install browser extensions on desktop computers that improve privacy:
 
## Tunnel Bear and IPVN create a Virtual Private Network (VPN) to protect data in transit.
 
## Ghostery, Privacy Badger, AdBlock and others block ads and web trackers, some web sites will not work with these features fully enabled.
 
# Install two different browsers on your device and designate one of them for financial transactions with all security settings turned on.
 
#
 
#
 
 
 
===These are some of the steps under development===
 
  
# The [[GDPR]] is slowly going into effect starting on 2018-05-24. While this specifically targets EU residents, it is having world-wide effect.
+
===California===
# [[Consent Receipt]] spec has been released to developers.
+
* First-in-the-nation consumer privacy rights are the law of the land in California!<ref>CA Privacy Web Site https://www.caprivacy.org/</ref>
# [[California Consumer Privacy Act of 2018]] is now law and will take full effect in 2019.
+
* The California State Attorney General’s recommendations for mobile privacy: [http://oag.ca.gov/sites/all/files/pdfs/privacy/privacy_on_the_go.pdf Privacy on the Go: Recommendations for the Mobile Ecosystem]
#
+
===Washington===
#
+
The sticking point in Washington is the right of private action which was stripped from the California law to enable passage.
# DID, blockchain and a whole bunch of other blue sky musings.
+
* [https://www.jdsupra.com/legalnews/washington-privacy-act-passes-senate-7961122/ The Senate has passed a Privacy regulation for the third year in a row.]  2021-03
 +
* [https://iapp.org/news/a/the-washington-privacy-act-is-back/ The Washington Privacy Act is back] 2020-09
  
 
==References==
 
==References==

Latest revision as of 10:57, 13 May 2024

Full Title or Meme

A list of various ways in which Governments have responded to User's Privacy concerns.

Context

Governments typically respond to changes in their constituent's online Ecosystems only when the pressure to change becomes unbearable.

There are four entities that are in play here. In most legislation all of the entities beside the user are considered in one lump as Data Controllers.

  1. The user on a user device (aka a User Agent).
  2. The resource provider (aka a Relying Party.)
  3. Identifier or Attribute Providers.
  4. Data Harvester or Broker

All of these have lobbyists working in the halls of government, but the ones that represent the User do not carry the same clout as those that represent the corporate interests. Also the lobbyist that claim to represent the user typically do not bother to ask the user what problems they actually would prefer to solve, but rather represent "issues", which may, or may not be actual User concerns.

Problems as Seen by the User

Users have a variety of reasons not to let their personal information be broadly available, some of those are:

  • The right to the "let alone" based on a legal theory of Warren and Brandies.
    • Intimidation by people with evil intent (an active reason to be "let alone").
    • Government harassment (not always your own government), or worse.
    • Harassment by organizations what want to change the government, or worse.
    • Annoyance by trolls or advertisements by scammers looking profit by your vulnerability.
    • The easiest feature for any web site is allowing the user anytime access to remove themselves from any email.
    • The best feature for any web site is allowing the user anytime access to remove all record of them.
  • The use of personal data to "steal you identity"; often lumped with privacy, this is usually criminal larceny.
    • Loss of potential (or real) earnings or direct attack on funds on deposit.
    • Tracking on-line makes you feel weird (where there is not any direct personal loss).
    • Pretending to be you in order to cause you legal or social problems, possibly as a means of blackmail.
  • Embarrassment over one's past behavior or attributes (may also create direct personal loss).
  • Discrimination based on one's personal attributes, health history or behavior.
  • You are a crook or deviant.

Legal Definitions

The privacy law canon: What are the top 5 privacy law articles of the past generation? There’s been so much spectacular scholarship, and a sea change in law and policies, that it’s really difficult to select. And I apologize in advance for the many, many great contributions not listed here. All are worthy, but here are a few to start:

  • Daniel Solove, A Taxonomy of Privacy (Penn. L. Rev. 2006). No scholar has been as prolific – and has left such a mark on privacy law and policy – as Dan. I chose his taxonomy, which categorizes privacy harms, since it set forth a common nomenclature for our field that everyone uses today. It begins with the immortal words, “Privacy is a concept in disarray. Nobody can articulate what it means.” Thanks to Dan, we understand it much better. https://lnkd.in/eQQwVX-X
  • James Whitman, The Two Western Cultures of Privacy: Dignity Versus Liberty (Yale L. J. 2004). This iconic piece set the stage for the epic clashes between the EU and US privacy frameworks. In short, Whitman explains that while Americans view privacy as an aspect of liberty (typically vs. government overreach), Europeans consider it part of human dignity (often vs. commodification by corporations). https://lnkd.in/ea3fF2ip
  • Danielle Citron, Technological Due Process (Wash. U. L. Rev. 2008). Fifteen years ago, this piece presaged the emergence of AI law. It predicts the risks of algorithmic decision making and the “automated state” on individuals’ due process rights and – to use Whitman’s categories – liberty *and* dignity. https://lnkd.in/ettkv_Aq
  • Joel Reidenberg, Privacy Wrongs in Search of Remedies (Hastings L. J. 2002). Reidenberg – who started writing about privacy and data protection in the mid 1990s – was incredibly prolific. I really like this article, since it cuts to the central challenge in US privacy law: articulating privacy harms and calibrating legal remedies. https://lnkd.in/emsRchrJ
  • Julie Cohen, Examined Lives: Informational Privacy and the Subject as Object (Stan. L. Rev. 2000). Julie Cohen is the preeminent legal philosopher of privacy. For me personally, her 2000 article in a Stanford Law Review symposium was one of the reasons I decided to enter privacy. In it, Cohen unpacks some of the colossal power structures that intersect in privacy law, including liberty, property, speech, economic efficiency and technology. https://lnkd.in/eEwQvQfS
  • Paul Schwartz, Privacy and Democracy in Cyberspace (Vand. L. Rev. 1999). I know I said five…. But the privacy canon wouldn’t be what it is without Paul. This article charted a path for the next 20 years of scholarship on online privacy. https://lnkd.in/ewkBZxME

Solutions

This page focuses on two jurisdictions which are currently active in creating Privacy Regulation. For more detail see the page on Privacy.

European Union

California

Washington

The sticking point in Washington is the right of private action which was stripped from the California law to enable passage.

References

  1. CA Privacy Web Site https://www.caprivacy.org/
Retrieved from "http://tcwiki.azurewebsites.net/index.php?title=Privacy_Regulation&oldid=20786"