Information Privacy Law
(LAWJ-342-07)
Georgetown University Law Center
Prof. Marc Rotenberg
Spring 2013
DESCRIPTION
This course examines "information privacy," an individual's right to control his or her personal information held by others. The aim of the course is to understand how courts and Congress seek to protect information privacy as new technologies and new institutional practices emerge. The course traces the origins of the right to information privacy in American law through Constitutional law, tort law, and modern statutory law. Case studies of landmark privacy legislation illustrate how expectations of privacy are translated into legal frameworks. The course looks at recent controversies involving domestic surveillance, identification systems, social networking sites, video surveillance, DNA databases, and airport body scanners. The course also considers the impact of the European privacy directive, the growth of the Internet, and the availability of cryptography and other Privacy Enhancing Technologies on the future of privacy law in the United States. See http://www.epic.org/misc/gulc/.
A NOTE ABOUT THE 2013 SEMINAR
Privacy is a fascinating and rapidly changing field. We study published court cases, but we look at current developments in Congress, at the Federal Trade Commission, and around the world. The syllabus for 2013 treats the Casebook and the Sourcebook as the foundation for our work. But we will frequently turn to other sources as the semester progresses. Note also that there are several privacy cases that will be heard by the US Supreme Court this semester, including Maracich v. Spears, 12-24 (Drivers Privacy Protection Act) (Argument Jan. 9) and Maryland v. King (DNA Collection) (Argument Feb. 26). Previously this Term, the Court heard arguments in Clapper v. Amnesty Int'l, 11-1025 (standing to challenge unlawful FISA surveillance), Florida v. Harris, 11-817 ("Whether an alert by a well-trained narcotics detection dog certified to detect illegal contraband is insufficient to establish probable cause for the search of a vehicle?"), and Florida v. Jardines, 11-564 ("Whether a dog sniff at the front door of a suspected grow house by a trained narcotics detection dog is a Fourth Amendment search requiring probable cause?"). Because of the timing and significance of Maryland v. King, we will devote one of our early classes to a careful review of that case. Also, in lieu of one class, you should attend a privacy-related Congressional hearing, Supreme Court argument, or conference event. More details below.
LOGISTICS
Information Privacy Law meets WEDNESDAY evenings, 5:45 to 7:45 in Hotung2000. Information Privacy Law is a two-credit seminar. The exam is scheduled for May 9, 2013. There is a paper option. I am happy to discuss topics and to review drafts. To contact me, send email to rotenberg@epic.org or call 202-483-1140x106. NOTE: You will need to notify the Registrar by March 16, 2013 if you intend to write a paper. Please send a note to lawreg@law.georgetown.edu and cc me at rotenberg@epic.org
A NOTE ABOUT FACEBOOK (revised, revised)
There is a Facebook group for this class - "GULC Information Privacy Law 2013." General privacy news stories are posted to the group. It is not necessary to subscribe.
UPDATES (Mar. 13, 2013)
There will be class on Wednesday, March 20. The practicum assignment is in place of the class that did not take place on January 23. For that class, attend one of the following events and prepare a five-page paper that summarizes the issue before Congress or the court and what you expect the outcome to be. (Okay to watch on C-Span or listen to the cybercast)NEWS ITEMS (as of Mar. 27, 2013)
READING
The main text for this class is Anita L. Allen, Privacy Law and Society, Second Edition.
WHAT'S IMPORTANT
Here are ten concepts you should understand after taking this class:A NOTE ON READING ASSIGNMENTS - This is the current syllabus as of January 17, 2012. We may adjust the readings somewhat based on the availability of speakers and current developments. All pages refer to the casebook Privacy Law and Society unless otherwise indicated.
Week 1 (Jan 16) Introduction to Privacy LawWeek 2 (Jan 30) Common Law: The Privacy Torts
AdministrationReading
- Syllabus
- Exam/paper
- Attendance
- Guest speakers, Washington, DC
- Recent developments, Supreme Court cases
- An Introduction to Privacy Law [Casebook at 1-11]
- Brandeis and Warren, "The Right to Privacy" (1890) [Casebook at 21-25]
- Background [Casebook at 28-32]
- Roberson v. Rochester Folding Box (NY 1903) [Casebook at 34-35]
- Pavesich v. New England Life (Ga. 1905), [Casebook at 35-38]
- Prosser, ALI [Casebook 40-41]
- Facebook TOS
ReadingWeek 3 (Feb 6) Privacy, the First Amendment, Anonymity and Sensitive Data
- Intrusion [Casebook 43-47, 62-63, 89-92]
- Private Facts [Casebook 103,111-12,121-23]
- False Light [Casebook 129,138-39]
- Appropriation / Publicity [Casebook 148-55, 159, 165-66]
- Confidentiality [Casebook 197-98, 225-28]
- Instagram TOS
ReadingWeek 4 (Feb 13) Privacy and the Fourth Amendment
- Anonymous Speech [Casebook 280-81]
- Freedom of Ideas [Casebook 290-95]
- NAACP v. Alabama (US 1958) [Casebook at 260-63]
- Hiibel v. Sixth Judicial District (US 2005)
[Casebook, 397-400, 436-37]- Ostergren v. Cuccinelli (4th Cir. 2010) [Casebook 227-278]
- Sorrell v. IMS Health (US 2011) [Casebook 278-80]
ReadingNo classes (Feb 20) Faculty retreat Week 5 (Feb 27) Supreme Court: Maryland v. King, No. 12-207 (DNA collection)
- Olmstead v. US (US 1928) [Casebook 323-24]
- Katz v. US (US 1967) [Casebook at 325-28]
- Kyllo v. US. (US 2001) [Casebook at 338-40]
- US v. Jones (US 2012)
ReadingNo class (Mar 6) Spring break Week 6 (Mar 13) Wiretap Law
- Maryland v. King, 42 A.3d 549 (Md. 2012)
- Petitioner's brief
- Respondent's brief
- Oral argument (added Mar. 13, 2013)
- Supreme Court web site
- Oyez web site
- EPIC web site
- Scotusblog
ReadingWeek 7 (Mar 20) Privacy by Statute I: Government Databases
- Communications Act of 1934, Section 605 [968-71]
- "Title III" of 1968 [988-89, 996-1000]
- Foreign Intelligence Surveillance Act of 1978 (FISA) [Skim 1123-37]
- Electronic Communications Privacy Act of 1986 (ECPA) [1027-37]
- Communications Assistance for Law Enforcement Act of 1994 (CALEA) [1040-42]
- NSLs, Video Surveillance, Crypto [1037-77, 1093-1101, 1139-45]
- Clapper v. Amnesty Int'l, No. 11-1025 (U.S. Feb. 26, 2013) (not assigned)
ReadingWeek 8 (Mar 27) Privacy by Statute II: Private Sector Databases
- Federal Privacy Statutes Intro [Casebook 645-49]
- Rotenberg, "What Larry Doesn't Get" [Casebook 841-46]
- The Privacy Act of 1974, SSN [Casebook 649-58,664]
- "Consumer Privacy Bill of Rights" (White House 2012)
- FOIA [Casebook 670-71]
ReadingWeek 9 (Apr 3) The Role of the Federal Trade Commission
- U.S. v. Miller (US 1976) [Casebook 777-79]
- Burrows v. Superior Court (Cal. 1974) [Casebook 412-14]
- Video Privacy Act (18 USC §2710) [Casebook 826-36]
- Cable Privacy Subscriber provisions (47 U.S.C. §551) [Casebook 901-03]
- Privacy law as dialogue [Casebook 885-88]
- Florida v. Jardines, No. 11-564 (U.S. Mar. 26, 2013) (addition to Week 4)
ReadingWeek 10 (Apr 10) Int'l Privacy Law I: Classic Frameworks
- Overview of FTC Investigative and Law Enforcement Authority
- EPIC, "In re Google Buzz," (Feb. 16, 2010) (Complaint)
- FTC, David Vladeck, "Letter to EPIC," (Feb. 26, 2010)
- FTC, "FTC Charges Deceptive Privacy Practices in Google's Rollout of Its Buzz Social Network," (Mar. 30, 2011)
- FTC, "In the Matter of Google, No. 102-3136" (Docket)
- FTC, "In the Matter of Google, No. 102-3136" (Complaint)
- FTC, "In the Matter of Google, No. 102-3136" (Order)
- FTC, "In the Matter of Google, No. 102-3136" (Federal Register Notice)
- FTC, "FTC Gives Final Approval to Settlement with Google over Buzz Rollout" (Oct. 24, 2012)
- Google Public Policy Blog: January 2012
- EPIC, "EPIC v. FTC (Enforcement of the Google Consent Order)," (Background)
- EPIC v. FTC, No. 12-0206 (ABJ) (D.D.C. Feb. 24, 2012).
ReadingWeek 11 (Apr 17) Int'l Privacy Law II: Emerging Law and Institutions / Technology and Privacy
- Overview [Casebook at 909-22, 927, 936, 949]
- Rotenberg & Jacobs, "Updating the Law of Information Privacy: The New Framework of the European Union," Harvard Journal of Law and Public Policy (Spring 2013)
- OECD Privacy Guidelines
- Council of Europe Convention
- EU Data Directive
TopicsSpecial Guest: Jeff Jonas, IBM Fellow; Chief Scientist, IBM Entity Analytics
- Article 29 Working Party
- Lisbon Treaty and Charter of Fundamental Rights
- Role of the Data Protection Agency
- Madrid Declaration
- General Data Protection Regulation
ReferencesWeek 12 (Apr 24) Event Data Recorders and Privacy
- Jeff Jonas, Enterprise Amnesia versus Enterprise Intelligence
- Cynthia Dwork, "Privacy by the Numbers: A New Approach to Safeguarding Data," Scientific American (Dec. 2012)
- David Chaum, "Achieving Electronic Privacy," Scientific American (August 1992)
- Agre and Rotenberg, "Technology and Privacy: The New Landscape" (MIT Press 1998)
Reading
- National Highway Traffic Safety Administration, "General Overview of Event Data Recorders
- Business Insider, "Massachusetts' Lieutenant Governor Was Going Over 100 MPH and May Have Been Sleeping Before Crash" (Jan. 3, 2012)
- National Conference of State Legislatures, "Privacy of Data from Event Data Recorders: State Statutes"
- EPIC, Privacy Coalition Public Comments Submitted to the National Highway Traffic Safety Administration regarding Event Data Recorders (Feb. 11, 2013)
- People v. Diaz, ___ Cal. App. Ct. ___ (Feb. 6, 2013) (CA appellate court permits warrantless access to event data recorder information)
- S.1813 ("MAP-21") (attached) (passed the Senate in the 112th Congress) (large file. Bill is at 1067-72).
Special Guest: Khaliah Barnes, Administrative Law Counsel, EPIC