the ftc and the new common law of privacy...the ftc and the new common law of privacy daniel j....

Report

Post on 26-Apr-2020

3 Views

Category:

Documents

0 Downloads

Preview:

Click to see full reader

TRANSCRIPT

THE FTC AND THE NEW COMMON LAW OF PRIVACY

DANIEL J. SOLOVE John Marshall Harlan Research Professor of Law George Washington University Law School Founder TeachPrivacy Senior Policy Advisor Hogan Lovells

WOODROW HARTZOG Assistant Professor Samford University’s Cumberland School of Law

THE FTC AS DE FACTO PRIVACY REGULATOR

• Single-most influential privacy regulator

• Hardly any case law

• Scarcely covered in the literature

• Strange overlap with contract law

• Jurisprudence perceived as thin

QUESTIONS TO BE ANSWERED

• Why not contract law?

• Why no judicial decisions?

• Why is the FTC so influential?

• How should FTC privacy jurisprudence evolve?

METHOD

• Analyzed all 150+ privacy-related FTC complaints

• Conducted in-depth interviews

ARGUMENTS

The view of the FTC as merely an enforcer of privacy promises is misguided.

ARGUMENTS

The FTC’s privacy jurisprudence is the functional equivalent to a body of common law.

ARGUMENTS

The FTC could develop a robust privacy regulatory regime.

THE FTC AT A GLANCE • Limited jurisdiction

– Deceptive trade practices – Unfair trade practices – Statutory enforcement and Safe

Harbor compliance

• Limited rulemaking authority

• Limited remedies

THE STORY OF THE FTC’S ASCENDANCE

• Privacy policies in the late 1990s

• Contracts?

• Deception

• Self-regulation gives way to enforcement with teeth

FTC SETTLEMENTS AS DE FACTO COMMON LAW

• Anatomy of an FTC action

• The influence of complaints and settlements on companies

• FTC reports and other materials

FTC JURISPRUDENCE: DECEPTION

• Broken promises of privacy

• General deception

• Insufficient notice

• Data security

FTC JURISPRUDENCE: UNFAIRNESS

• Retroactive changes

• Deceitful data collection

• Improper use of data

• Unfair design or unfair default settings

• Unfair data security practices

DEVELOPMENTAL PATTERNS

• General to specific standards

– Data security

• Qualitative judgments

• Baseline standards

• Indirect liability

TOWARD A MORE COMPLETE PRIVACY REGIME

Broken Expectations

TOWARD A MORE COMPLETE PRIVACY REGIME

Beyond the Four Corners of Boilerplate

TOWARD A MORE COMPLETE PRIVACY REGIME

Substantive Rules

@DanielSolove

@Hartzog

top related

ftc privacy roundtable background and summary
News & Politics
privacy law and compliance
Documents
rfid: customer contracts, privacy, and the law...rfid...
Documents
iapp privacy academy€¦ · ftc regulatory framework •...
Documents
privacy law fundamentals
Documents
ma privacy law
Technology
catalyzing privacy law
Documents
programmed privacy promises: p3p and web privacy law
Documents
informational privacy, privacy law, consent, and norms
Documents
privacy by design in law, policy and practicefederal trade...
Documents
2/18/11 letter to ftc from 15 states re: data privacy...
Documents
the ftc and the new common law of privacy ftc and the new...
Documents
online privacy law
Documents
marcela c. mateo southeast region. ftc resources blogs – ...
Documents
us privacy law
Documents
ftc spring privacy series: consumer generated and controlled...
Government & Nonprofit
1 class 2 information privacy law introduction pt. 2;...
Documents
ftc mobile privacy report
Documents
hipaa privacy law update
Documents
ftc, u.s. state, and international travel/timeshare resale...
Documents