Category: Privacy (Medical)

0

FAN 200 (First Amendment News) Jasmine McNealy, Newsworthiness, the First Amendment, and Platform Transparency

Jasmine McNealy is an assistant professor in the Department of Telecommunication, in the College of Journalism and Communications at the University of Florida, where she studies information, communication, and technology with a view toward influencing law and policy. Her research focuses on privacy, online media, and communities. She holds a PhD in Mass Communication with and emphasis in Media Law, and a J.D. from the University of Florida. Her latest article is “Spam and the First Amendment Redux: Free Speech Issues in State Regulation of Unsolicited Email,” Communication Law & Policy (2018).

_________________

Professor Jasmine McNealy

As of late the controversy, unrelated to the government, of most attention is the banning of Infowars founder and host Alex Jones from various social media sites including Facebook, YouTube, and Vimeo. Jones, purveyor of all manner of racist, sexist, you-name-it conspiracy theories, has drawn ire for spreading a conspiracy theory about the parents of children and teachers killed in the Sandy Hook mass shooting. He is currently being sued by a group of parents who assert that Jones defamed them by claiming that they and their children were crisis actors and not actual victims.

The Jones social media content cull, though some say belated, is interesting for sparking a larger discussion. In a decision met with outrage Twitter, a site now notorious for making controversial decisions about the kinds of content it will allow, had decided not to ban Jones. He would be banned a few days later. Twitter CEO Jack Dorsey, explained that Jones had not violated it rules against offensive content, a contention that has been challenged. But of more significance is the lack of definition of what actually is considered offensive content, not just for Twitter, but across the various social media sites.

Alex Jones (credit: Political Dig)

Of course, Twitter and other social media sites are private organizations, therefore claims that sites are violating freedom of expression by banning offensive speech are based less in law and more on, at most, ethical considerations. But social platforms play an increasingly significant role in how individuals seek, send, and receive information. In a study published in 2017 by Pew Research Center of American adults who get news from online sources, 53% of participants self-reported getting news from social media. Sixty-two percent reported getting news from search engines, which may lead to social sites. These numbers point to social media sources as playing an important role in the information that people encounter.

How, what, and the volume of information people encounter is important for decision-making. Platform decision about content users see is an issue of concern as more platforms move to algorithmically generated timelines that curate what we see. Zeynep Tufekçi has written that algorithmic timeline curation disrupts the potential for users to choose for themselves the value of the content they encounter, also asserting that YouTube’s algorithm-based recommendation system could be “one of the most powerful radicalizing instruments of the 21stcentury,” for its recommendations of extreme content. Companies like YouTube offer little, if any, insight into how their algorithms work.

The decision by social platforms – algorithmically or not – about whether users are able to see posts and the kinds of content acceptable for posting is a value judgment. Under a traditional rubric, offensive speech, presumably, would have little to no value and could, therefore, be either banned or hidden from other users. But platforms like Facebook and Twitter, however, have rejected offering a concrete definition of what they define as offensive, when said by whom, and in what context. Instead the platforms, though offering written statements as well as having their individual CEOs offer vague explanations, have left offensiveness open to interpretation.

A recent study from Caitlin Carlson and Hayley Rousselle at the University of Seattle testing Facebook’s offensive speech reporting mechanism found that though Facebook would remove some of the posts reported during their study, a significant number of racist, sexist, and otherwise offensive materials were allowed to remain visible, and that there was no discernible rationale for these content moderation decisions. Even after Facebook revealed the community standards its content moderators use in April 2018, investigative reports revealed that moderators have been told to temper their content removal efforts. So while a platform may reveal its objectionable content standards, in practice, offensiveness decisions are a black box– lacking transparency into how both human and algorithmic content moderation value judgments are made.

That an organization would make a judgement about the value of information is not novel. What we consider traditional news organizations have always made judgments about the value of information, and these gatekeeping decisions about what is newsworthy are many times bolstered by First Amendment jurisprudence. The Supreme Court has of declined to enforce laws mandating that news organizations (outside of broadcast) publish certain information. In Miami Herald v. Tornillo, for instance, in which the newspaper argued that a Florida statute requiring it to publish candidate responses to criticism infringed on press freedom, the Court agreed, finding that such a requirement was an “intrusion on the function of editors.”

(credit: Heartland Newsfeed)

Of course, the judgement of newsworthiness by the press is found most often in cases against news organizations for invasion of privacy. The newsworthiness of information is a First Amendment-based defense against privacy actions seeking redress for the publication of information highly offensive to a reasonable person. In these cases, if the information is of a legitimate public interest, the publisher will not be found liable for injury. And the courts have used many different tests for newsworthiness.  A prominent newsworthiness test “leaves it to the press” to decide the bounds of what is of a legitimate public interest. Perhaps the most common of the tests, used in Virgil v. Time and enshrined in the Restatement of Torts, considers the “customs and conventions of the community” for a newsworthiness determination. For a news organization this would be a consideration of the community in which it is centered. For social media this could mean the community that it has created.

Therefore, while calls exist for policymakers and legislators to do something about the massive platforms that significantly influence the information that individuals encounter, First Amendment jurisprudence demonstrates that such incursions would most likely violate the exercise of freedom of the press. Social media users in the U.S., then, will have to find an alternative way of persuading platforms to act on objectionable content. So far, public outcry is beginning to work particularly when it targets commercial interests.

0

Introduction to About Abortion Symposium

We are delighted to introduce Professor Carol Sanger and the participants in our online symposium on About Abortion: Terminating Pregnancy in Twenty-First-Century America (Harvard University Press 2017).

Professor Sanger, in her inimitable style, updates us on the state of the abortion debate in the age of Trump.  She explains how the experiences of women who have abortions have disappeared into the shadows while those who would outlaw it control the public discourse.  She explores the explosion of hostile legislation in state legislatures, as the new laws “treat abortion not as an acceptable medical decision—let alone a right—but as something disreputable, immoral, and chosen by mistake.”  Sanger’s book captures the reasons why the discourse has changed, and how abortion, which has always been a contentious issue, drives its emotional force from its connection to underlying debates about sex, religion, gender, politics, and identity.  She nonetheless seeks to reclaim women’s perspectives on the practice of abortion.   She argues that as women become more willing to talk about their experiences, “women’s decisions about whether or not to become mothers will be treated more like those of other adults making significant personal choices.”  In short, she seeks to normalize the topic of abortion.

The book covers original material that Sanger has assembled documenting the legal infrastructure for abortion decision-making.  She presents the experiences of vulnerable teens, forced to appear before hostile judges in an effort to secure permission to proceed without parental consent.  Courts deem many of the teens too immature to make such decisions on their own, but not apparently too immature to become mothers against their will.  She also describes the women required to undergo involuntary ultrasounds, the debate about whether the women are allowed to look away, and the insidiousness of this alleged effort to “help” women make the abortion decision.

Throughout, Sanger connects these practices to law, medicine, the organization of intimate relationships, the shape of a woman’s life, and national identity.  She takes pains to present  the objections to abortion accurately even as she also counters the depiction of decisions to end pregnancies as “selfish” or casual decisions to put women’s interests ahead of their children.  She distinguishes between abortion privacy, a form of nondisclosure based on a woman’s desire to control personal information, and abortion secrecy, a woman’s defense against the many harms of disclosure.   She captures women’s varied views, whether they treat abortion as unthinkable or as a measure necessary to allow them to become “good” mothers in circumstances of their choosing.

Indeed, Sanger’s original treatment of abortion includes a chapter on the views of men.  She asks not what decisions men would make about abortion; instead, she explores how they in fact decide whether to become fathers when they are faced with the choice of what to do with their frozen embryos.  The men in such circumstances express concern over the potential child’s future welfare, distress over an ongoing relationship with the other parent, an unwillingness to consider adoption as an acceptable alternative; in short, they express the same concerns that women do about whether to proceed with a pregnancy.  Yet, the right to life forces, while they often champion the rights of frozen embryos,  do not subject the men’s decisions  to the same intrusion and vilification they reserve for women.  Sanger speculates that if the same law that governs decisions about frozen embryos applied to women’s reproductive decisions, it “would not look quite the same as it does now, with assumptions of incompetence, layers of second-guessing, and invasive counseling.”

About Abortion adds to our understanding of the abortion debate.  It confronts the dishonesty and distortions that characterizes much of the public debate.  It acknowledges the way the issue is deeply intertwined with fundamental questions about the organization of society.  It advocates bringing the experiences of those who have chosen abortion out the shadows, and it succeeds in providing a richer foundation for public consideration of the issue.

About Abortion is an important book that has already received wide attention, including a New Yorker review that coincides with our consideration of it here.  http://www.newyorker.com/magazine/2017/04/03/why-its-become-so-hard-to-get-an-abortion.

For this Concurring Opinions book symposium, we have invited an all-star cast of thinkers who have a variety  of different perspectives on abortion:  Helen Alvare, Caitlin  Borgmann, Khiara Bridges, David Cohen, Leslie Griffin, Linda McClain, David Pozen, Lisa Pruitt, and Rachel Rebouche.

Reining in the Data Brokers

I’ve been alarmed by data brokers’ ever-expanding troves of personal information for some time. My book outlines the problem, explaining how misuse of data undermines equal opportunity. I think extant legal approaches–focusing on notice and consent–put too much of a burden on consumers. This NYT opinion piece sketches an alternate approach:

[D]ata miners, brokers and resellers have now taken creepy classification to a whole new level. They have created lists of victims of sexual assault, and lists of people with sexually transmitted diseases. Lists of people who have Alzheimer’s, dementia and AIDS. Lists of the impotent and the depressed.

***

Privacy protections in other areas of the law can and should be extended to cover consumer data. The Health Insurance Portability and Accountability Act, or Hipaa, obliges doctors and hospitals to give patients access to their records. The Fair Credit Reporting Act gives loan and job applicants, among others, a right to access, correct and annotate files maintained by credit reporting agencies.

It is time to modernize these laws by applying them to all companies that peddle sensitive personal information. If the laws cover only a narrow range of entities, they may as well be dead letters. For example, protections in Hipaa don’t govern the “health profiles” that are compiled and traded by data brokers, which can learn a great deal about our health even without access to medical records.

There’s more online, but given the space constraints, I couldn’t go into all the details that the book discloses. I hope everyone enjoys the opinion piece, and that it whets appetites for the book!

0

10 Reasons Why Privacy Matters

Why does privacy matter? Often courts and commentators struggle to articulate why privacy is valuable. They see privacy violations as often slight annoyances. But privacy matters a lot more than that. Here are 10 reasons why privacy matters.

1. Limit on Power

Privacy is a limit on government power, as well as the power of private sector companies. The more someone knows about us, the more power they can have over us. Personal data is used to make very important decisions in our lives. Personal data can be used to affect our reputations; and it can be used to influence our decisions and shape our behavior. It can be used as a tool to exercise control over us. And in the wrong hands, personal data can be used to cause us great harm.

2. Respect for Individuals

Privacy is about respecting individuals. If a person has a reasonable desire to keep something private, it is disrespectful to ignore that person’s wishes without a compelling reason to do so. Of course, the desire for privacy can conflict with important values, so privacy may not always win out in the balance. Sometimes people’s desires for privacy are just brushed aside because of a view that the harm in doing so is trivial. Even if this doesn’t cause major injury, it demonstrates a lack of respect for that person. In a sense it is saying: “I care about my interests, but I don’t care about yours.”

3. Reputation Management

Privacy enables people to manage their reputations. How we are judged by others affects our opportunities, friendships, and overall well-being. Although we can’t have complete control over our reputations, we must have some ability to protect our reputations from being unfairly harmed. Protecting reputation depends on protecting against not only falsehoods but also certain truths. Knowing private details about people’s lives doesn’t necessarily lead to more accurate judgment about people. People judge badly, they judge in haste, they judge out of context, they judge without hearing the whole story, and they judge with hypocrisy. Privacy helps people protect themselves from these troublesome judgments.

Read More

0

What Is Personally Identifiable Information (PII)? Finding Common Ground in the EU and US

This post was co-authored by Professor Paul Schwartz.

We recently released a draft of our new essay, Reconciling Personal Information in the European Union and the United States, and we want to highlight some of its main points here.

The privacy law of the United States (US) and European Union (EU) differs in many fundamental ways, greatly complicating commerce between the US and EU.  At the broadest level, US privacy law focuses on redressing consumer harm and balancing privacy with efficient commercial transactions.  In the EU, privacy is hailed as a fundamental right that trumps other interests.  The result is that EU privacy protections are much more restrictive on the use and transfer of personal data than US privacy law.

Numerous attempts have been made to bridge the gap between US and EU privacy law, but a very large initial hurdle stands in the way.  The two bodies of law can’t even agree on the scope of protection let alone the substance of the protections.  The scope of protection of privacy laws turns on the definition of “personally identifiable information” (PII).  If there is PII, privacy laws apply.  If PII is absent, privacy laws do not apply.

In the US, the law provides multiple definitions of PII, most focusing on whether the information pertains to an identified person.  In contrast, in the EU, there is a single definition of personal data to encompass all information identifiable to a person.  Even if the data alone cannot be linked to a specific individual, if it is reasonably possible to use the data in combination with other information to identify a person, then the data is PII.

In our essay, Reconciling Personal Information in the European Union and the United States, we argue that both the US and EU approaches to defining PII are flawed.  We also contend that a tiered approach to the concept of PII can bridge the differences between the US and EU approaches.

Read More

0

Harvard Law Review Privacy Symposium Issue

The privacy symposium issue of the Harvard Law Review is hot off the presses.  Here are the articles:

SYMPOSIUM
PRIVACY AND TECHNOLOGY
Introduction: Privacy Self-Management and the Consent Dilemmas
Daniel J. Solove

What Privacy is For
Julie E. Cohen

The Dangers of Surveillance
Neil M. Richards

The EU-U.S. Privacy Collision: A Turn to Institutions and Procedures
Paul M. Schwartz

Toward a Positive Theory of Privacy Law
Lior Jacob Strahilevitz

1

Privacy Self-Management and the Consent Dilemma

I’m pleased to share with you my new article in Harvard Law Review entitled Privacy Self-Management and the Consent Dilemma, 126 Harvard Law Review 1880 (2013). You can download it for free on SSRN. This is a short piece (24 pages) so you can read it in one sitting.

Here are some key points in the Article:

1. The current regulatory approach for protecting privacy involves what I refer to as “privacy self-management” – the law provides people with a set of rights to enable them to decide how to weigh the costs and benefits of the collection, use, or disclosure of their information. People’s consent legitimizes nearly any form of collection, use, and disclosure of personal data. Unfortunately, privacy self-management is being asked to do work beyond its capabilities. Privacy self-management does not provide meaningful control over personal data.

2. Empirical and social science research has undermined key assumptions about how people make decisions regarding their data, assumptions that underpin and legitimize the privacy self-management model.

3. People cannot appropriately self-manage their privacy due to a series of structural problems. There are too many entities collecting and using personal data to make it feasible for people to manage their privacy separately with each entity. Moreover, many privacy harms are the result of an aggregation of pieces of data over a period of time by different entities. It is virtually impossible for people to weigh the costs and benefits of revealing information or permitting its use or transfer without an understanding of the potential downstream uses.

4. Privacy self-management addresses privacy in a series of isolated transactions guided by particular individuals. Privacy costs and benefits, however, are more appropriately assessed cumulatively and holistically — not merely at the individual level.

5. In order to advance, privacy law and policy must confront a complex and confounding dilemma with consent. Consent to collection, use, and disclosure of personal data is often not meaningful, and the most apparent solution – paternalistic measures – even more directly denies people the freedom to make consensual choices about their data.

6. The way forward involves (1) developing a coherent approach to consent, one that accounts for the social science discoveries about how people make decisions about personal data; (2) recognizing that people can engage in privacy self-management only selectively; (3) adjusting privacy law’s timing to focus on downstream uses; and (4) developing more substantive privacy rules.

The full article is here.

Cross-posted on LinkedIn.

1

Exponential Hacks

As All Things Digital Kara Swisher reports, Living Social experienced a significant hack the other day: over 50 million users’ email, dates of birth, and encrypted passwords were leaked into the hands of Russian hackers (or so it seems). This hack comes on the heels of data breaches at LinkedIn and Zappos. That the passwords were encrypted just means that users better change their passwords and fast because in time the encryption can be broken. A few years ago, I blogged about the 500 million mark of personal data leaked. Hundreds of millions seems like child’s play today.

This raises some important questions about what we mean when we talk about personally identifiable information (PII). Paul Schwartz and my co-blogger Dan Solove have done terrific work helping legislators devise meaningful definitions of PII in a world of reidentification. Paul Ohm is currently working on an important project providing a coherent account of sensitive information in the context of current data protection laws. Is someone’s password and date of birth sensitive information deserving special privacy protection? Beyond the obvious health, credit, and financial information, what other sorts of data do we consider sensitive and why? Answers to these questions are crucial to companies formulating best practices, the FTC as  it continues its robust enforcement of privacy promises and pursuing deceptive practices, and legislators considering private sector privacy regulations of data brokers, as in Senator John Rockefeller’s current efforts.

1

“Brain Spyware”

As if we don’t have enough to worry about, now there’s spyware for your brain.  Or, there could be.  Researchers at Oxford, Geneva, and Berkeley have created a proof of concept for using commercially available brain-computer interfaces to discover private facts about today’s gamers. Read More

4

Fortune’s Bones: Is There Dignity after Death?

In 1995 Gunther von Hagens presented his Body Worlds exhibit, described as a collection of real human bodies that have been “plastinated” to prevent their decay and make them more malleable. Some of these plastinated bodies were cut open to reveal their inner organs and then positioned in lifelike poses. The exhibit toured the world and was wildly popular.

Body Worlds also generated some criticism. Canadian social scientist, Lawrence Burns, argued that “some aspects of the exhibit violated human dignity.” (7(4): 12-23 Amer. J. Bioethics 2007)  Although touted as an educational experience Burns and others worried that the bodies were being used as “resources to make money from the voyeurism of the general public.” A key concern was that the bodies were denied burial and that this was a dignitary affront. Burns conceded, however, that the concept of human dignity as applied to deceased individuals is unclear.

I started to think about whether there is dignity after death and, if so, what are its parameters, when I read a news article from the New Haven Register, about the skeleton of an enslaved man that was being studied by the anthropology faculty and students at Quinnipiac University prior to burial.

The enslaved man who died in the 1798 (slavery was not abolished in Connecticut until 1848), was named Fortune. At the time of his death Fortune was the human chattel of a Waterbury Connecticut physician who upon Fortune’s death boiled his body to remove the flesh keeping his skeleton to study human anatomy. Fortune’s body remained unburied and was on display as late as 1970 at the Mattatuck Museum where until recently it was still housed. Read More