Privacy Zone

Where technology and intellectual property meet privacy

At this point you have probably heard about one of the many incidents where an AI-enabled system discriminated against certain populations in settings ranging from healthcare, law enforcement, and hiring, among others. In response to this problem, the National Institute of Standards and Technology (NIST) recently proposed a strategy for identifying and managing bias in AI, with emphasis on biases that can lead to harmful societal outcomes.  The NIST authors summarize: “[T]here are many reasons…
In Van Buren v. United States, the Supreme Court resolved a circuit split as to whether a provision of the Computer Fraud and Abuse Act (CFAA) applies only to those who obtain information to which their computer access does not extend, or more broadly to also encompass those who misuse access that they otherwise have. By way of background, the CFAA subjects to criminal liability anyone who “intentionally accesses a computer without authorization or…
On April 22, 2021, the Supreme Court issued a unanimous decision finding that the FTC lacks authority to pursue equitable monetary relief in federal court under Section 13(b) of the Federal Trade Commission Act (the “FTCA”). The result means that defendant Scott Tucker does not have to pay $1.27 billion in restitution and disgorgement, notwithstanding that his payday loan business was found to constitute an unfair and deceptive practice.  The result also means that onlookers…
As part of its three-part series on the future of human-computer interaction (HCI), Facebook Reality Labs recently published a blog post describing a wrist-based wearable device that uses electromyography (EMG) to translate electrical motor nerve signals that travel through the wrist to the hand into digital commands that can be used to control the functions of a device.  Initially, the EMG wristband will be used to provide a “click,” which is an equivalent to tapping…
Yesterday, Virginia passed the Virginia Consumer Data Protection Act (VCDPA), making it the second state (behind California, with its California Consumer Protection Act (CCPA) to enact a general consumer privacy law.  The VCDPA will take effect on January 1, 2023, which is also the same day the California Privacy Rights Act (CPRA), an act to strengthen the CCPA, will go into effect. The VCDPA applies to “persons” that conduct business in Virginia (or produce products…
In December 2020, Apple started requiring Apps to display mandatory labels that provide a graphic, easy-to-digest version of their privacy policies.  They are being called “privacy nutrition labels,” presumably a reference to the mandatory FDA-required “Nutrition Facts” labels that have appeared on food since 1990.  Below I offer ten thoughts related to these new labelling requirements. The idea for Apple’s labels may not have been Apple’s.  As reported by wired.com, in the early 2010s,…
While Europe is leveraging hefty fines against violators of the EU General Data Protection Regulation (GDPR) (here is a tracker of recent fines: https://www.enforcementtracker.com/), the United States Supreme Court heard oral arguments last month on whether the FTC – the chief federal agency on privacy policy and enforcement since the 1970s – lacks authority to demand monetary relief. The oral arguments in AMG Capital Management v. FTC focused on the question of whether Section…
A recent article from CNN reported on SpaceX and Amazon sparring over their competing satellite-based internet business. The article reports that at the center of the dispute is “a recent attempt by SpaceX to modify its license for Starlink, a massive constellation of internet satellites, of which SpaceX has already launched more than 900.”  SpaceX reportedly wants to put a few thousand of its satellites in a lower altitude than previously planned or authorized, which…
Website operators can consider a host of potential legal claims against entities that scrape their sites’ content without authorization, such as breach of a well-crafted terms of service agreement, copyright infringement, trespass, conversion, common law misappropriation, unfair competition, violations of the Computer Fraud and Abuse Act, misappropriation of trade secrets, and trademark infringement, among others.  Each type of claim has its limits, and multiple claims may intersect or overlap in significant ways, particularly when it…
On Monday, the Federal Trade Commission (FTC) announced a settlement with Everalbum, Inc., the California-based developer of a photo app called “Ever,” with regard to allegations that the company deceived consumers about the use of its facial recognition technology and its data retention practices. The Ever app allowed users to store and organize photos and videos uploaded from their mobile devices, computers, and social media accounts. In February 2017, the app launched a new “Friends”…