iSpy Someone Getting an Abortion: The Use of Personal Data in the Post-Dobbs Era
Rebecca Horton In the wake of the Supreme Court’s June 2022 ruling in Dobbs v. Jackson Women’s Health Organization, personal data has become a means of investigating and prosecuting individuals who seek or provide abortion services. With little federal oversight into the collection and disclosure of users’ personal data, third parties have significant latitude to sell or profit from sensitive information. The recent use of location and personal data implicates the privacy of millions of individuals and raises significant questions around health care and technology laws in states where abortion is now illegal. In the absence of sweeping federal regulations around...
For My Eyes Only: How to Protect Digital Diaries of Reproductive Data in a World Without Roe
Carolyn Zaccaro In 2022, the Supreme Court overturned Roe v. Wade with its decision in Dobbs v. Jackson Women’s Health Organization, leaving many individuals anxious about the future of their privacy rights. With millions of people using period-tracking apps, there is a massive amount of sensitive data at stake, including data that criminal prosecutors could use to criminalize people for seeking or having an abortion. Some people are better protected because of their home state’s data privacy legislation, but most Americans are left with no data privacy law protecting their sensitive data. In an era of sophisticated tracking technology, the absence of comprehensive...
BLOG POST: DR. AMAZON: SHINING A LIGHT ON HIPAA INADEQUACIES THROUGH AMAZON’S EXPANSION INTO THE HEALTHCARE INDUSTRY*
*This writing is a blog post. It is not a published IPTF Journal Article. Alexa Dawid Technology giants are spending billions to enter the healthcare space.[1] Offerings like Apple’s health monitoring functions on the iPhone, Microsoft’s cloud computing services for healthcare companies, and Meta’s fitness applications through its virtual reality goggles have transformed traditional notions of doctor’s offices and paper records into convenient digital systems.[2] Amazon has been one of the most ambitious within the space, debuting six HIPAA-compliant skills for Alexa in April 2019.[3] These skills mark the first time Alexa has surpassed HIPAA requirements in utilizing HIPAA-compliant...
The CCPA: A Bargain for Data Transparency
Sonia Brunstad The California Consumer Privacy Act (CCPA), amended by the California Privacy Rights Act (CPRA), aims to increase consumer transparency regarding businesses’ use of personal data. Within the bargained-for-exchange relationship between companies and consumers, consumers benefit from data-collecting platforms while unknowingly paying the “price” of sharing personal data. The CCPA assumes that equipping consumers with increased transparency regarding such data-for-service transactions will place consumers in a better bargaining position. In so doing, the CCPA adopts an individualist framework, providing consumers with primarily self-management mechanisms to protect personal data. This essay argues that legislation such as the CCPA may more...
Antitrust Implications of the Banning Surveillance Advertising Act
Alisha Parker-Martell The Banning Surveillance Advertising Act, proposed in the 117th Congress of the House of Representatives by Congresswoman Eshoo, would improve consumer data protection but would also have negative consequences on market competition in sectors that utilize user data. This Act is indicative of a growing conflict between antitrust policy and consumer data privacy. This essay argues that future federal consumer data privacy legislation should attempt to balance the competing interests of market health and consumer privacy rights by prohibiting exploitative uses of consumer data and mandating consumer data sharing and a period of exclusive use of collected data....
Health-Tech Apps: Unclear Regulations and Their Effects on Progress
Emily Dieli The increased emphasis on creating a more streamlined healthcare system in the United States has led to a rise in digital health-tech apps and devices. To protect the privacy of personal health data on these technologies, policymakers have turned towards regulation. The Federal Trade Commission’s (FTC) recent statement on the Health Breach Notification (HBN) Rule has extended the scope of the 2009 regulation to include previously unregulated health-tech entities. Nevertheless, the statement is vague and will have a negative impact on health-tech innovation. Policymakers should consider the implications of their regulations on health-tech progress before making such hasty...
Through the Spying-Glass: Data Privacy Concerns Regarding Mobile Spyware Apps
Payton P. Reisinger Spyware app surveillance technologies are rising in popularity for both legitimate monitoring and also to illegally spy on unsuspecting victims. In 2021, the Federal Trade Commission (FTC) issued its first ban of a spyware app, SpyFone, due to deceptive and unfair trade practices and lack of data security provisions. Some call for specific legislation to curb the effects of growing spyware apps, but opponents of regulation claim that legislative efforts will be too restrictive on growing technological industries or the legitimate uses of spyware apps. This Essay agrees with the policy rationale for implementing spyware legislation and...
Mind over Data: A Case for Increased Privacy Protections in Mobile Mental Health Apps
Marian Lemont As mobile mental health apps gain popularity as an emotional support alternative, privacy concerns regarding how consumers’ sensitive health data is handled are at an all-time high. Current federal privacy provisions provide insufficient consumer protection and thus render consumers’ sensitive information vulnerable to unwanted third-party sharing practices. The recently passed California Privacy Rights Act of 2020 (CPRA) includes new provisions governing businesses’ handling and deletion of sensitive user data. This article discusses how these new CPRA provisions provide a helpful framework to begin addressing this regulatory gap and identifies ways future privacy legislation can continue to strengthen mobile...
The Intersection of Product Liability Law and the Internet of Things
Lucas M. Amodio Every year, an increasing number of Internet of Things devices are released. These devices can make our lives easier, but they also make our data, and potentially ourselves, more vulnerable to hackers. The question is no longer theoretical, as many of these devices can have a real impact on the world around them, like a networked sprinkler system that, if hacked, could flood a target’s basement. Going forward, we can look to the current law of product liability and the Federal Trade Commission to protect individuals from harm and loss when these devices might be compromised. Read...
A Vendetta Against Alexa: Privacy Concerns in the Age of the Smart Home
Katherine Minorini A person’s right to privacy is so fundamental that it was written into the United States Constitution under the Fourth Amendment. This right, although protected, is not absolute, especially in circumstances involving voluntary disclosure of information to third parties. Issues arise when the third-party exception to the Fourth Amendment is coupled with the novel capabilities and innovations of the Internet of Things, especially with the smart home. This Essay argues that courts need to adapt their interpretation and application of the third-party doctrine so that information disclosed to and recorded by smart home manufacturers and servers respects Fourth...