 |
Cybertelecom
Federal Internet Law & Policy An Educational Project |
|
Privacy Reference | |
|
|
Laws
- US Constitution, Bill of Rights
- First Amendment: Right of Association
- Third Amendment: Prohibits quartering soldiers in your home
- Fourth Amendment Search and Seizure
- Firth Amendment: Self Incrimination
- Ninth Amendment: Rights Retained by the People
- Bank Secrecy Act
- Can Spam Act
- Children's Online Privacy Protection Act
- Communications Act
- See Privacy > FCC
- CALEA 1994
- Cable Communications Policy Act of 1984
- Cable Television Consumer Protection and Competition Act of 1992
- Privacy Rights of Satellite Subscribers 47 U.S.C. § 338
- Customer Proprietary Network Information Section 222
- Junk Fax Prevention Act of 2003
- Telephone Consumer Protection Act
- Unauthorized Publication of Communications, Telecom Act Sec. 705
15 USC § 1681
12 USC
§ 3401
"To effectuate this purpose, Congress in the VPPA created a civil remedy against a "video tape service provider" for "knowingly disclos[ing], to any person, personally identifiable information concerning any consumer of such provider." 18 U.S.C. § 2710(b)(1).2 The statute defines the two terms at issue in this case as follows:
(1) the term "consumer" means any renter, purchaser, or subscriber of goods or services from a video tape service provider;
. . .
(3) the term "personally identifiable information" includes information which identifies a person as having requested or obtained specific video materials or services from a video tape service provider[.]
"Id. § 2710(a)(1), (3). " -- Yershov v. Gannett Satellite Information Network, Inc., No. 15-1719, Slip at 6 (1st Cir. April 29, 2016)
Common Law Tort
- Restatement (Second) of Torts § 652
- Intrusion Upon Seclusion
- Appropriation of Name or Likeness
- Publicity Given to Private Life
- False Light
Regulatory Proceedings
NTIA Information Privacy and Innovation in the Internet Economy Docket . Comments Due 45+Days after Fed Reg
Press Release "U.S. Commerce Secretary Gary Locke today announced the launch of an initiative designed to gather public input and review the nexus between privacy policy and innovation in the Internet economy. In addition, Locke also announced the formation of a Department of Commerce-wide Internet Policy Task Force to identify leading public policy and operational issues impacting the U.S. private sector's ability to realize the potential for economic growth and job creation through the Internet.
"Because of the vital role the Internet plays in driving innovation throughout the economy, the Department has made it a top priority to ensure that the Internet remains open for innovation while promoting an environment respectful of individual privacy expectations," Locke said. "In these difficult economic times, nothing is more important to American prosperity than jumpstarting our engine of innovation."
Through a Notice of Inquiry (NOI) published in the Federal Register, the Commerce Department is seeking public comment from all Internet stakeholders - commercial, academic and civil society sectors and citizens - on the impact of current privacy laws in the United States and around the world on the pace of innovation in the information economy. [Comments Due 45 Days After Fed Reg Publication]The Department seeks to understand whether current privacy laws serve consumer interests and fundamental democratic values.
The Internet Policy Task Force is exploring current privacy frameworks, and ways to address the challenges of the new Internet economy and society in a manner that preserves and enhances personal privacy protection.
The Task Force is comprised of staff members from the National Telecommunications and Information Administration (NTIA)
In addition to privacy and innovation, the Internet Policy Task Force will examine cyber security, online copyright protection and international barriers to moving data around the globe, and the ability of entrepreneurs, and small- and medium-sized businesses to expand their operations via the Internet.
On May 7, 2010, the Department will hold a public meeting to discuss stakeholder views and to further facilitate public discussion on privacy policy in the United States. After analyzing public comments in response to this NOI, the Department will issue a report contributing to the administration's domestic policy and international engagement on privacy.
Advisory Committee on Online Access and Security
Final Report of the Federal Trade Commission Advisory Committee on Online Access and Security
The FTC Advisory Committee on Online Access and Security voted to provide the Final Report to the Federal Trade Commission on May 15, 2000. Thirty-nine members voted to submit the report. One member did not submit a vote."The Federal Trade Commission has established an Advisory Committee on Online Access and Security. The purpose of the Advisory Committee is to provide advice and recommendations to the Commission regarding implementation of certain fair information practices by domestic commercial Web sites. In particular, the Advisory Committee will address providing online consumers reasonable access to personal information collected from and about them and maintaining adequate security for that information."
Comments Due by April 28, 2000. Advisory Committee Website Apr 28 Advisory Committee on Online Access and Security FTC 8 am - 4 pm. Federal Activity
White House / OMB
- EO Establishment of the Federal Privacy Council Feb. 9, 2016 ("it shall be the policy of the United States Government that agencies shall establish an interagency support structure that: builds on existing interagency efforts to protect privacy and provides expertise and assistance to agencies; expands the skill and career development opportunities of agency privacy professionals; improves the management of agency privacy programs by identifying and sharing lessons learned and best practices; and promotes collaboration between and among agency privacy professionals to reduce unnecessary duplication of efforts and to ensure the effective, efficient, and consistent implementation of privacy policy Government-wide.")
- OMB Memorandum 07-16, Safeguarding Against and Responding to the Breach of Personally Identifiable Information
- OMB Memorandum M-06-19, Reporting Incidents Involving Personally Identifiable Information and Incorporating the Cost for Security in Agency Information Technology Investments
- OMB Memorandum M-06-16, Protection of Sensitive Agency Information
- OMB Memorandum M-06-15, Safeguarding Personally Identifiable Information
- OMB Memorandum M-05-08, Designation of Senior Agency Officials for Privacy
- OMB Memorandum M-04-04, E-Authentication Guidance for Federal Agencies
- OMB Memorandum M-03-22, OMB Guidance for Implementing the Privacy Provisions of the E-Government Act of 2002
- OMB Memorandum M-01-05, Guidance on Inter-agency Sharing of Personal Data – Protecting Personal Privacy
- Officeof Personnel Management (OPM), Guidance on Protecting Federal Employee Social Security Numbers and Combating Identity Theft, June 2007
- Executive Memo M-00-13 Privacy Policies and Data Collection on Federal Web Sites June 22, 2000. Federalagencies required to Post and comply with privacy policy, Presumption that cookies will not be used on federal sites; Only use cookies with clear notice and when certain conditions have been met. Comply with the Children's Online Privacy Protection Act
- M-99-18 Memorandum for the Heads of Executive Departments and Agencies: Privacy Policies on Federal Websites June 2, 1999
- OMB Circular A-130, Management of Federal Information Resources
- OMBMemorandum, July 2007, Common Risks Impeding the Adequate Protection of Government Information (developed jointly with DHS)
- OMB Memorandum, September 20, 2006, Recommendations for Identity Theft Related Data Breach Notification
- Priorities for the National Privacy Research Strategy July 1, 2016 "National Privacy Research Strategy calls for research in science and engineering that will enable the U.S. to benefit from innovative data use while protecting privacy."
Federal Trade Commission
Reports
- A Preliminary FTC Staff Report on Protecting Consumer Privacy in an Era of Rapid Change: A Proposed Framework for Businesses and Policymakers (December 1, 2010)
- Text of the FTC Staff Report, and Concurring Statements of Commissioner Kovacic and Commissioner Rosch
- FTC Privacy Report : Remarks of Chairman Jon Leibowitz as Prepared for Delivery
- Mary J. Culnan, Ph.D., Privacy and the Top 100 Web Sites: Report to the Federal Trade Commission (Online Privacy Alliance, June 1999).
Enforcement
- Snapchat Settles FTC Charges That Promises of Disappearing Messages Were False Snapchat Also Transmitted Users’ Location and Collected Their Address Books Without Notice Or Consent FOR RELEASE May 8, 2014
- Internet Service Provider Settles FTC Privacy Charges, FTC 3/11/2005
- Popcorn Company Settles FTC Privacy Violation Charges, FTC 2/15/02
Proceedings
Testimony
- FTC Testifies on Behavioral Advertising, FTC 7/10/2008
- FTC Testifies on Protecting Consumers’ Data, FTC 3/18/2005
Federal Communications Commission
NIST
- Guide to Protecting the Confidentiality of Personally Identifiable Information (PII)
- FIPS 199, Standards for Security Categorization of Federal Information and Information Systems
- NIST SP 800-88, Guidelines for Media Sanitization
- NIST SP 800-86, Guide to Integrating Forensic Techniques into Incident Response
- NIST SP 800-63 Version 1.0.2, Electronic Authentication Guidelines
- NIST SP 800-61 Revision 1, Computer Security Incident Handling Guide
- NIST SP 800-60 Revision 1, Volume 1: Guide for Mapping Types of Information and Information Systems to Security Categories
- NIST SP 800-53 Revision 3, Recommended Security Controls for Federal Organizations and Information Systems
- NIST SP 800-47, Security Guide for Interconnecting Information Technology Systems
- NIST SP 800-37 Revision 1, Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach.
- NIST SP 800-30, Risk Management Guide for Information Technology Systems
- 2nd Draft Special Publications 800-73: Interfaces for Personal Identity Verification, NIST 3/9/2005
- Commerce Secretary Announces New ID Standard for Federal Agencies, NIST 3/2/2005
- GAO
- The National Science and Technology Council (NSTC), Subcommittee on Biometrics, Announces Launch of www.biometrics.gov, OSTP 10/6/2006
- Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector EU 11/5/02
- House Subcommittee Schedules Information Privacy Hearing, Newsbytes 7/25/01
- Burns To FTC: Consider Online Privacy June 2000
- Sen. Orrin Hatch, “What is the best way to ensure online privacy? Let Industry Enact Privacy Measures,” Roll Call, March 27, 2000.
- Technology Administration "Bringing Biometrics Online: A Policy Panel Examining Critical Issues" Remarks by Bruce P. Mehlman Assistant Secretary for Technology Policy United States Department of Commerce
- United States Dep’t of Health, Education & Welfare, Records, Computers and the Rights of Citizens: Report of the Secretary’s Advisory Committee on Automated Personal Data Systems (July 1973)
- FTC Privacy Roundtables 2010
- The Federal Trade Commission will host a series of day-long public roundtable discussions to explore the privacy challenges posed by the vast array of 21st century technology and business practices that collect and use consumer data. Such practices include social networking, cloud computing, online behavioral advertising, mobile marketing, and the collection and use of information by retailers, data brokers, third-party applications, and other diverse businesses. The goal of the roundtables is to determine how best to protect consumer privacy while supporting beneficial uses of the information and technological innovation.
- Dec 11-12 FTC Public Workshop to examine emerging wireless Internet and data technologies and the privacy, security, and consumer protection issues they raise.
- FTC Plans Workshop: The Mobile Wireless Web, Data Services and Beyond: Emerging Technologies and Consumer Issues Nov 27, 2000 ITAA
- Sept 19 NTIA Public Workshop to examine technological tools and developments that can enhance consumer privacy online.
- FTC to Hold Identity Theft Victim Assistance Workshop Aug 16, 2000 FTC
- Aug 22 Children's Online Privacy Protection Act (COPPA) Compliance Training Program for Website Operators. FTC.
- NTIA will host a public workshop on September 19 to examine technological tools and developments that can enhance consumer privacy online. NTIA and the Internet Education Foundation will simultaneously co-host a Technology Fair to demonstrate the use and capabilities of a broad array of online privacy technologies. [Media Advisory]
- 1997: "A second FTC workshop in June 1997 delved more deeply into these issues." [FTC]
- 1996: " In June 1996, the Commission conducted a two-day workshop to explore privacy concerns raised by the online collection of personal information, and the special concerns raised by the collection of personal information from children. The workshop considered an array of alternatives to address those concerns, including industry self-regulation, technology-based solutions, consumer and business education, and government regulation. A summary of the workshop testimony was published by the Commission in a December 1996 staff report entitled Consumer Privacy on the Global Information Infrastructure. " [FTC]
- 1995: " In April 1995, staff held its first public workshop on privacy on the Internet, and in November of that year the Commission held hearings on online privacy as part of its extensive hearings on the implications of globalization and technological innovation for competition and consumer protection issues. " [FTC]
Hearings
|
Hearing Internet Privacy: The Views of the FTC, the FCC, and NTIA |
Reports
- Pew Research Center, Public Perceptions of Privacy and Security in the Post-Snowden Era, at 3 (Nov. 12, 2014),
- DHS Privacy Office, Report to the Public on Events Surrounding jetBlue Data Transfer (Feb. 20, 2004)
- A potential privacy violation involving the Transportation Security Administration ("TSA") (at the time, a division of the Department of Transportation, now a component of the Department of Homeland Security), was brought to the attention of this office in September 2003. The potential privacy violation involved the transfer of Passenger Name Records ("PNR") from jetBlue Airways to the Department of Defense, a transfer that occurred with some involvement by TSA personnel. While the incidents in question occurred during 2001 and 2002, preceding the creation of the Department of Homeland Security, the matter raises serious concerns about the proper handling of personally identifiable information by government employees now within the Department of Homeland Security. Accordingly, the Privacy Office conducted an investigation of the facts surrounding the transfer of data
- See Online Profiling
- Privacy Online: Fair Information Practices in the Electronic Marketplace: A Federal Trade Commission Report to Congress (May 2000)
- Self Regulation and Privacy Online: A FTC Report to Congress (7/99)
- Online Privacy: A Report to Congress (6/98)
- Leonard Kleinrock, et. al., Realizing the Information Future: The Internet and Beyond, National Research Council 156 (1994) ("On the one hand, there is broad agreement about the need for confidentiality for sensitive information (independent of infrastructure use, per se) about individuals (e.g., information about personnel or personal matters) or organizations (e.g., trade secrets or other proprietary information).24 Storing and communicating sensitive personal information lead to the possibility that information will be divulged, or that information might be modified, sometimes with life-or welfare-threatening consequences. On the other hand, information about what consumers do is routinely of interest to businesses, as reflected in the proliferation of frequent-buyer programs, point-of-sale information gathering among retailers, and so on. ")
Caselaw
- See ECPA Caselaw
- Supnick v. Amazon.com, Inc., No. C00-0221P (W.D. Wash.)
- In re Doubleclick Inc. Privacy Litigation , 154 F.Supp.2d 487, 511-12 (SDNY 2001)
- Agreement at www.oag.state.ny.us
- Double Click Ad Cookie Opt Out
- Chance v. Avenue A, Inc., 165 F.Supp.2d 1153 (W.D.Wash.2001).
- In re Intuit Privacy Litigation, 138 F.Supp.2d 1272 (C.D.Cal.2001)
- In re RealNetworks, Inc. Privacy Litigation, 2000 WL 631641 (N.D. Ill. 2000) (sent to arbitration)
- McMann v. Doe (AR Super Ct Jan 18, 2007) [Anonymous posting, privacy] (plaintiff's case must be able to survive motion for summary judgment before court will order identity of defendant revealed, Court adopts Cahill Rule). See Public Citizen
International
- UN General Assembly backs right to privacy in digital age, Dec. 19, 2013 ("By a text entitled “Right to privacy in the digital age,” the Assembly weighed in on the emerging issue, underscoring that the right to privacy is a human right and affirming, for the first time, that the same rights people have offline must also be protected online. It called on States to “respect and protect the right to privacy, including in the context of digital communication.” " "Earlier in the year, Ms. Pillay spotlighted the right to privacy, using the case of United States citizen Edward Snowden to illustrate the urgent need to protect individuals who reveal human rights violations.")
- General Assembly Adopts 68 Resolutions, 7 Decisions as It Takes Action on Reports of Its Third Committee, Dec. 18, 2013
-
- Nothing to Hide: The False Tradeoff Between Privacy and Security (Yale University Press 2011)
- Lorrie Faith Cranor, Web Privacy with P3P (2002)
- Public Policy and the Internet : Privacy, Taxes, and Contract (Hoover Institution Press Publication, 481.) by Nicholas Imparato (Editor)
- Computer and Internet Use on Campus: A Legal Guide to Issues of Intellectual Property, Free Speech, and Privacy by Constance S. Hawke
- Internet Privacy for Dummies (For Dummies) by John Levine, Ray Everett-Church, Gregg Stebben
- Technology and Privacy by Philip E. Agre (Editor), Marc Rotenberg (Editor)
- Privacy in the Information Age by Fred H. Cate, Michael H. Armacost
- None of Your Business : World Data Flows, Electronic Commerce, & the European Privacy Directive by Peter P. Swire, et al
- The Privacy Law Sourcebook 1999: United States Law, International Law, and Recent Developments by Marc Rotenberg
- Ben Franklin's Web Site : Privacy and Curiosity from Plymouth Rock to the Internet by Robert Ellis Smith, Sangram Majumdar (Illustrator)
- Database Nation : The Death of Privacy in the 21st Century by Simson Garfinkel, Deborah Russell
- The End of Privacy : How Total Surveillance Is Becoming a Reality by Reg Whitaker, Reginald Whitaker
- The Unwanted Gaze : The Destruction of Privacy in America by Jeffrey Rosen
- The Hundredth Window: Protecting Your Privacy and Security in the Age of the Internet by Charles Jennings, et al
- Who Knows: Safeguarding Your Privacy in a Networked World by Ann Cavoukian, Don Tapscott (Contributor)
- Who Owns Information? : From Privacy to Public Access by Anne Wells Branscomb
- Your Right to Privacy : A Basic Guide to Legal Rights in an Information Society (An American Civil Liberties Union Handbook) by Evan Hendricks, et al
- Privacy and Human Rights 2001: An International Survey of Privacy Laws and Developments (EPIC 2001) [ EPIC Bookstore ]
- ROBERT ELLIS SMITH, BEN FRANKLIN’S WEB SITE: PRIVACY AND CURIOSITY FROM PLYMOUTH ROCK TO THE INTERNET 12 (2000).
-
- FTC Advisory Committee on Online Access and Security
- FTC Consumer Information Privacy Forum .
- FTC ID Theft Website
- FTC Privacy Page
- FTC Safe Harbor Program
Timeline
1998:
— Carol (@Carols10cents) July 2, 2016
- Don't get in strangers' cars
- Don't meet ppl from internet
2016:
- Literally summon strangers from internet to get in their car- 2016:
- 2011:
- Apple Geolocation Tracking
- 2010:
- Google Spyfi
- Google Buzz released
- FTC holds COPPA Rule Review Roundtable
- FTC calls for Do Not Track
- 2009:
- FTC releases: Self-Regulatory Principles for Online Behavior Advert sing: Tracking, Targeting, and Technology
- FTC releases: Net Cetera: Chatting with Kids about Being Online
- 2008:
- Future of Privacy Forum established
- FTC releases: Protecting Consumers in the Next Tech-ade: A Report by the Staff of the FTC
- 2007:
- FTC releases: Spam Summit: The Next Generation of Threats and Solutions: A Staff Report by the FTC's Division of Marketing Practices
- FTC releases Implementing the COPPA: A FTC Report to Congress
- FTC co-chairs Presidents ID Theft Task Force with DOJ and issues Strategic Plan
- 2006:
- FTC First adware case: In the Matter of Zango
- FTC releases: Peer-to-Peer File Sharing Technology: Consumer Protection and Competition Issues: A FTC Staff Workshop Report
- FTC sponsors workshop: Protecting Consumers in the Next Tech-ade
- 2005:
- FTC Releases: Spyware Workshop: Monitoring Software on your Personal Computer: Spyware, Adware, and other Software: Report of the FTC Staff
- FTC Launches onguardonline.gov
- 2004:
- Facebook launched
- Can Spam Act rules go into effect
- FTC's first spyware case: FTC v Seismic Entertainment
- FTC releases: The Can Spam Act of 2003: National Do Not Email Registry: A FTC Report to Congress
- 2003:
- National Do Not Call Registry goes into effect
- FTC Workshop: Technologies for Protecting Personal Information; Spam Forum; and Costs and Benefits Related to the Collection and Use of Consumer Information
- 2002:
- FTC workshop: Consumer Information Security Workshop
- FTC releases report: Public Workshop: The Mobile Wireless Web, Data Services and Beyond: Emerging Technologies and Consumer Issues
- 2001: COPPA Safe Harbors begin
- 2000:
- FCC recommends to Congress that businesses comply with FIPP
- International Association of Privacy Professionals
- COPPA rules go into effect
- First COPPA enforcement case
- FTC releases Online Profiling: A FTC Report to Congress
- FTC releases Privacy Online: Fair Information Practices in the Electronic Marketplace: a FTC Report to Congress
- FTC Workshop: The Mobile Wireless Web, Data Services and Beyond: Emerging Technologies and Consumer Issues
- 1999:
- FTC v Geocities (reportedly first FTC enforcement action for online privacy, FTC all edged that Geocities engaged in deceptive practices with regard to its privacy policy and the use of information collected).
- FTC releases Self-Regulation and Privacy Online: A Federal Trade Commission Report to Congress
- FTC Workshop: Online Profiling
- FTC Launches ID Theft Website
- 1998:
- Children's Online Privacy Protection Act COPPA
- FTC Issues Privacy Online: a Federal Trade Commission Report to Congress
- 1997: First Spam enforcement case brought by FTC
- 1996: First FTC Staff Workshop on Privacy on the Internet: Consumer Privacy on the Global Information Infrastructure [FTC]
- 1973: the U.S. Department of Health, Education and Welfare (HEW) developed the Code of Fair Information Practices
- 1970: Fair Credit Reporting Act enacted
Papers
- USG
- Lorrie Faith Cranor
- L. Cranor, P. Guduru, and M. Arjula. User Interfaces for Privacy Agents. ACM Transactions on Computer-Human Interaction, June 2006, pp. 135-178.
- I Didn't Buy it for Myself , in Designing Personalized User Experiences in eCommerce , 2004
- The role of privacy advocates and data protection authorities in the design and deployment of the platform for privacy preferences CFP 2002
- The P3P Protocol Standardizes Online Privacy Statements Jan 2002
- Lorrie Faith Cranor. Web Privacy with P3P. O'Reilly & Associates, Sebastopol, California, September 2002.
- Privacy in e-commerce: examining user scenarios and privacy preferences ACM 1999
- Lorrie Faith Cranor, et al., Beyond Concern: Understanding Net Users’ Attitudes about Online Privacy (AT&T Apr. 14, 1999).
- Lorrie Faith Cranor and Joseph M. Reagle. Designing a Social Protocol: Lessons Learned from the Platform for Privacy Preferences. World WideWeb Consortium, Note NOTE-TPRC-970930, November 1997.
- CSTB, NAS
- Whither Biometrics?
- Toward Better Usability, Security, and Privacy of Information Technology: Report of a Workshop, 2010
- Technical and Privacy Dimensions of Information for Terrorism Prevention and Other National Goals
- Engaging Privacy and Information Technology in a Digital Age 2007
- Summary of a Workshop on the Technology, Policy, and Cultural Dimensions of Biometric Systems 2006
- Who Goes There?: Authentication Through the Lens of Privacy 2003
- Daniel Solove
- 'I've Got Nothing to Hide' and Other Misunderstandings of Privacy , San Diego Law Review, Vol. 44, 2007
- Daniel J. Solove and Chris Jay Hoofnagle , A Model Regime of Privacy Protection (Version 2.0), SSRN 4/8/2005
- A Taxonomy of Privacy, University of Pennsylvania Law Review, Vol. 154, No. 3, p. 477, January 2006.
- Peter Swire
- Swire, Peter P., What Base Text to Use for the Do Not Track Compliance Specification, with Explanatory Memorandum (July 16, 2013). Available at SSRN: http://ssrn.com/abstract=2296342
- The Internet and the Future of Consumer Protection, at *8, (July 24, 2006).
- " Privacy and Information Sharing in the War on Terrorism, " 51 Villanova L. Rev. 260 (2006)
- " Introductory Essay for "Privacy Law Year in Review, 2005-2006 " I/S: A Journal of Law and Policy for the Information Society (2007).
- ACKERMAN, M. S., CRANOR, L. F., AND REAGLE, J. Privacy in e-commerce: examining user scenarios and privacy preferences. In Proceedings of the 1st ACM Conference on Electronic Commerce (November 1999).
- Trent Adams, Internet Society, Kevin Bauer, University of Colorado, Dirk Grunwald, University of Colorado, Asa Hardcastle, OpenLiberty.org, Douglas Sicker, University of Colorado Automated Tracking of Online Service Policies TPRC 2010
- Irwin Altman. Privacy Regulation: Culturally Universal or Culturally Speci c? Journal of Social Issues, 33(3):66{84, 1977.
- ANTON, A. I., EARP, J. B., AND YOUNG, J. D. How Internet users' privacy concerns have evolved since 2002. Tech. Rep. Computer Science Technical Report TR-2009-16, North Carolina State, 2009.
- Jim Basney, William Yurcik, Rafael Bonilla, Adam Slagell , Credential Wallets: A Classification of Credential Repositories Highlighting MyProxy, TPRC 9/13/03
- Does Law Matter? Informational Privacy and Online Compliance in Israeli Websites -
- Marjory S. Blumenthal, Georgetown University , Is Security Lost in the Clouds? , TPRC 2010
- Bennet, Technology, Geography, Economics, and Regulation: Factors Affecting Surveillance and Privacy in the Implementation of Wireless 9-1-1, TPRC 9/18/02
- Jerry Berman & Deirdre Mulligan, Privacy in the Digital Age: Work in Progress, 23 Nova L. Rev. 13 (1998).
- Paula Bruening, Alan Davidson, Ari Schwartz , Privacy Principles for Authentication Systems, TPRC 9/13/03
- Dan Burk, Privacy and Property in the Global Datasphere, SSRN 5/6/2005
- Jeng-Chung (Victor) Chen, Jeng-Her (Alex) Chen, Will an International Internet Privacy Framework Work?, TPRC 10/2/2004
- Julie E. Cohen, DRM and Privacy, 18 BERKELEY TECH. L.J. 575 (2003)
- Froomkin, The Uneasy Case for National ID Cards as a Means to Enhance Privacy, TPRC 9/18/02
- Froomkin, A. Michael, 'Pets Must Be on a Leash': How U.S. Law (and Industry Practice) Often Undermines and Even Forbids Valuable Privacy Enhancing Technology (October 1, 2013). Ohio State Law Journal, Vol. 74, No. 6, 2013. Available at SSRN: http://ssrn.com/abstract=2348281
- The Cost of Privacy: A Debate on the Impact of Privacy Laws on Health IT Adoption, ITIF Event June 2009
- Internet Engineering Task Force
- Cooper, A., Tschofenig, H., Aboba, B., Peterson, J., Morris, J., Hansen, M., and R. Smith, "Privacy Considerations for Internet Protocols", RFC 6973, DOI 10.17487/RFC6973, July 2013.
- Dongseok Jang, Ranjit Jhala, Sorin Lerner, Hovav Shacham, An Empirical Study of Privacy-Violating Information Flows in JavaScript Web Applications
- Jerry Kang, Information Privacy iin Cyberspace Transactions, Stanford Law Review, Vol. 50, p. 1193-1294, 1998
- B. Krishnamurthy and C. Wills, Privacy Difusion on the Web: A Longitudinal Perspective," in Proceedings of the 18th International World Wide Web Conference (WWW 2009), pp. 541{541, April 2009
- Kristol, D. and Montulli, L., IETF RFC 2109, "HTTP State Management Mechanism"
- Seth Richard Lesser, Internet Privacy Litigation And The Current Normative Rules of Internet Privacy Protection CDT
- Elbert Lin , Prioritizing Privacy: A Constitutional Response to the Internet, SSRN 2/25/2005
- Marwick, Alice E., Murgia-Diaz, Diego and Palfrey, John G., Youth, Privacy and Reputation (Literature Review). Berkman Center Research Publication No. 2010-5; Harvard Public Law Working Paper No. 10-29.
- Trevor Moores and Gurpeet Dhillon, Do privacy seals in e-commerce really work? CACM, December 2003, pp. 265-271.
- Christena Nippert-Eng, Privacy in the United States: Some Implications for Design , International Journal of Design, 1(2), 1-10.
- Jon Peterson, Hannes Tschofenigy, Bernard Abobaz, Karen Solins, The Role of the Internet Engineering Task Force (IETF) in Improving Privacy on the Internet
- David J. Phillips , Contextualizing Online Identity: Paradigms and Practices, TPRC 9/13/03
- William Prosser, Privacy, 48 CAL. L. REV. 383 (1960).
- Neil M. Richards & Daniel J. Solove, Privacy’s Other Path: Recovering the Law of Confidentiality, 96 GEO. L. J. 125 (2007)
- P. Resnick and L. Cranor. Protocols for Automated Negotiations with Buyer Anonymity and Seller Reputations . (2000). Netnomics 2(1):1-23.
- Marc Rotenberg, Fair Information Practices and the Architecture of Privacy (What Larry Doesn’t Get), 2001 STAN. TECH. L. REV. 1, ¶¶ 80–90 (2001)
- Paul Schwartz, German and U.S. Telecommunications Privacy Law: Legal Regulation of Domestic Law Enforcement Surveillance, SSRN 9/12/03
- Paul M. Schwartz, Beyond Lessig’s Code for Internet Privacy: Cyberspace Filters, Privacy Control, and Fair Information Practices, 2000 WIS. L. REV. 743
- Andrew B. Serwin, The Federal Trade Commission and Privacy: Defining Enforcement and Encouraging the Adoption of Best Practices, SSRN, Dec. 31, 2010
- Douglas C. Sicker , Role Based Authorization as a Tool for Privacy and Anonymity, TPRC 9/13/03
- Jesse Sowell, Massachusetts Institute of Technology , Mixed Context and Privacy TPRC 2010
- Willis, Lauren E., Why Not Privacy by Default? (November 4, 2013). Berkeley Technology Law Journal, Forthcoming; Loyola-LA Legal Studies Paper No. 2013-37. Available at SSRN: http://ssrn.com/abstract=2349766 or http://dx.doi.org/10.2139/ssrn.2349766
- Privacy Right
- Benjamin E. Bratman, Brandeis and Warren’s The Right to Privacy And the Birth of the Right to Privacy, 69 Tenn. L. Rev. 623 n. 10 (2002), available at SSRN: http://ssrn.com/abstract=1334296
- Julie E. Cohen. Structural Rights in Privacy. University of Chicago Law Review, 75(1), 2008.
- Samuel Warren & Louis Brandeis, The Right To Privacy, 4 HARV. L. REV. 193 (1890)
- Privacy as Property
- Developments in the Law—The Law of Cyberspace, 112 HARV. L. REV. 1574, 1634–49 (1999);
- Patricia Mell, Seeking Shade in a Land of Perpetual Sunlight: Privacy as Property in the Electronic Wilderness, 11 BERKELEY TECH. L.J. 1, 26–41 (1996);
- Richard S. Murphy, Property Rights in Personal Information: An Economic Defense of Privacy, 84 GEO. L.J. 2381, 2383 (1996);
- Kenneth C. Laudon, Markets and Privacy, COMM. OF THE ACM, Sept. 1996, at 92.
- Mark A. Lemley, Private Property, 52 STAN. L. REV. 1545 (2000)
- Pamela Samuelson, Privacy as Intellectual Property?, 52 STAN. L. REV. 1125 (2000)
- Data Security
- Michael D. Scott, "The FTC, the Unfairness Doctrine, and Data Security Breach Litigation: Has the Commission Gone Too Far?" 60 ADMINISTRATIVE LAW REVIEW (Winter 2008)
- Michael D. Scott, "Data Security Breaches, Where Are the Losses?" 9 E-COMMERCE LAW REP. 2 (July 2007)
- CFO - The End of Business, Data Concerns (“You have zero privacy anyway. Get over it.” Sun Microsystems CEO Scott McNeally)
Course Syllabi
- Lorrie Cranor CMU Privacy Policy, Law, and Technology
News