Information fiduciaries have emerged as a major part of the discussion of privacy regulation. In a nutshell, the information fiduciaries approach aims to apply aspects of fiduciary law to the companies that collect and use our personal data. As one court explained the fiduciary relationship: “A fiduciary relationship is one founded on trust or confidence […]
Category: Privacy Regulation
Digital Dossiers and the Aggregation Effect
This year is the 20th anniversary of my first book, The Digital Person: Technology and Privacy In the Information Age (NYU Press 2004) (Amazon) (free digital copy on SSRN). I thought that it would be a great opportunity to engage in a reflection on some of the points I discussed in the book. Apologies for […]
My Forthcoming Book, ON PRIVACY AND TECHNOLOGY, Available for Pre-Order
I am excited to announce that my forthcoming book, ON PRIVACY AND TECHNOLOGY (Oxford University Press) is now available for pre-order. It will be in print in January 2025. From the book jacket: Succinct and eloquent, On Privacy and Technology is an essential primer on how to face the threats to privacy in today’s age of […]
U.S. State Privacy Laws – A Lack of Imagination
The U.S. lacks a federal comprehensive privacy law, but the states have sprung into action by passing broadly-applicable consumer privacy laws. Nearly 20 states have passed such laws – so about 40% of the states now have privacy laws. Are these laws any good? Short answer: No But I am glad they exist. Well, sort […]
The Great Scrape: The Clash Between Scraping and Privacy
I’m posting a new article draft with Professor Woodrow Hartzog (BU Law), The Great Scrape: The Clash Between Scraping and Privacy. We argue that “scraping” – the automated extraction of large amounts of data from the internet – is in fundamental tension with privacy. Scraping is generally anathema to the core principles of privacy that […]
Data Is What Data Does: Regulating Based on Harm and Risk Instead of Sensitive Data
I’m delighted to share the final published version of my article, Data Is What Data Does: Regulating Based on Harm and Risk Instead of Sensitive Data, 118 Nw. U. L. Rev. 1081 (2024). This article was selected for the Future of Privacy Forum’s Privacy Papers for Policymakers Award. The Award aims to “recognize leading U.S. and […]
First Amendment Expansionism and California’s Age-Appropriate Design Code
The recent district court decision in NetChoice v. Bonta (N.D. Cal., Sept. 18, 2023) holding that the California Age-Appropriate Design Code (CAADC) likely violates the First Amendment is a ridiculously expansive interpretation of the First Amendment, one that would annihilate most regulation if applied elsewhere. This decision is one of a new breed of opinions […]
Dataministeriet Podcast Interview About Privacy Law
I had a great discussion with Filip Johnssén about various privacy law issues on his podcast, Dataministeriet. It begins in Swedish, then turns to English after a brief introduction.
The Limitations of Privacy Rights
I have posted the final published version of my new article, The Limitations of Privacy Rights, 98 Notre Dame Law Review 975 (2023), on SSRN where it can be downloaded for free. The article critiques the effectiveness of individual privacy rights generally, as well as specific privacy rights such as the rights to information, access, […]