Information Privacy Law
(LAWJ-342-07)
Georgetown University Law Center

Prof. Marc Rotenberg
Spring 2012

DESCRIPTION

This course examines "information privacy," an individual's right to control his or her personal information held by others. The aim of the course is to understand how courts and Congress seek to protect information privacy as new technologies and new institutional practices emerge. The course traces the origins of the right to information privacy in American law through Constitutional law, tort law, and modern statutory law. Case studies of landmark privacy legislation illustrate how expectations of privacy are translated into legal frameworks. The course looks at recent controversies involving domestic surveillance, identification systems, social networking sites, video surveillance, DNA databases, and airport body scanners. The course also considers the impact of the European privacy directive, the growth of the Internet, and the availability of cryptography and other Privacy Enhancing Technologies on the future of privacy law in the United States. See http://www.epic.org/misc/gulc/.

A NOTE ABOUT THE 2012 SEMINAR

Privacy is a fascinating and rapidly changing field. We study published court cases, but we look at current developments in Congress, at the Federal Trade Commission, and around the world. The syllabus for 2012 treats the Casebook and the Sourcebook as the foundation for our work. But we will frequently turn to other sources as the semester progresses.

LOGISTICS

Information Privacy Law meets Tuesday evenings, 5:45 to 7:45 in Hotung 1000. Information Privacy Law is a two-credit seminar. The exam is scheduled for May 3, 2012. There is a paper option. I am happy to discuss topics and to review drafts. To contact me, send email to rotenberg@epic.org or call 202-483-1140x106.

A NOTE ABOUT FACEBOOK

I would like everyone in "Information Privacy Law 2012" to join the Facebook Group of the same name. (You do not need to friend me.) Assignments and updates will be posted to the Facebook account. Please be sure to read the Facebook privacy policy.

READING

There are two main texts for this class: Anita L. Allen, Privacy Law and Society, Second Edition and Marc Rotenberg, Privacy Law Sourcebook 2012: United States Law, International Law and Recent Developments. The casebook is available now in the bookstore. PLS will be distributed in class.

Week 8 (March 20) Assignment

Please note that there is no class on March 20. In place of class, I would like you to attend a Congressional hearing or an appellate argument and to prepare a brief paper. The paper is due in class on April 3. More details below.

WHAT'S IMPORTANT

• Privacy law - the major decisions, statutes, and international frameworks
• The role of Fair Information Practices in shaping modern privacy law
• The "reasonable expectation of privacy" test and its various applications
• How privacy concerns are translated into legal claims
• The significance of the Brandeis dissent in Olmstead
• The various institutional actors in the development of privacy law - judges, regulators, lawyers, legislators, advocates, technologists
• The basic elements of a privacy statute
• How to assess the privacy implications of new business practices and new government practices
• Technology as both a threat and an aid to modern privacy protection
• The many dimensions of privacy (physical privacy versus informational privacy) and the paradoxes of privacy (privacy and transparency, privacy and the First Amendment)

A NOTE ON READING ASSIGNMENTS - This is the current syllabus as of January 17, 2012. We may adjust the readings somewhat based on the availability of speakers and current developments. All pages refer to the casebook Privacy Law and Society unless otherwise indicated.

Week 1 (Jan 17) Introduction to Privacy Law

Administration

• Syllabus
• Exam/paper
• Attendance
• Facebook
• Guest speakers, Washington, DC
• Recent developments, Supreme Court cases

Reading

• An Introduction to Privacy Law [Casebook at 1-11]
• Brandeis and Warren, "The Right to Privacy" (1890) [Casebook at 21-25]
• Background [Casebook at 28-32]
• Roberson v. Rochester Folding Box (NY 1903) [Casebook at 34-35]
• Pavesich v. New England Life (Ga. 1905), [Casebook at 35-38]
• Prosser, ALI [Casebook 40-41]

Reading

• Intrusion [Casebook 43-47, 62-63, 89-92]
• Private Facts [Casebook 103,111-12,121-23]
• False Light [Casebook 129,138-39]
• Appropriation / Publicity [Casebook 148-55, 159, 165-66]
• Confidentiality [Casebook 197-98, 225-28]

Reading

• Anonymous Speech [Casebook 280-81]
• Freedom of Ideas [Casebook 290-95]
• NAACP v. Alabama (US 1958) [Casebook at 260-63]
• Hiibel v. Sixth Judicial District (US 2005)
[Casebook, 397-400, 436-37]
• Ostergren v. Cuccinelli (4th Cir. 2010) [Casebook 227-278]
• Sorrell v. IMS Health (US 2011) [Casebook 278-80]

Reading

• Olmstead v. US (US 1928) [Casebook 323-24]
• Katz v. US (US 1967) [Casebook at 325-28]
• Kyllo v. US. (US 2001) [Casebook at 338-40]
• Garcia [Casebook at 1159-62]
• Airport searches [Casebook at 400-11]
• EPIC v. DHS, No. 10-1157 (D.C. Cir.)

Reading

• Communications Act of 1934, Section 605
• "Title III" of 1967
• Foreign Intelligence Surveillance Act of 1978 (FISA)
• Electronic Communications Privacy Act of 1986 (ECPA)
• Communications Assistance for Law Enforcement Act of 1994 (CALEA)
• PATRIOT Act of 2001
• NSLs and Other Issues

Reading

• Federal Privacy Statutes Intro [Casebook 645-49]
• Rotenberg, "What Larry Doesn't Get" [Casebook 841-46]
• The Privacy Act of 1974 [Casebook 649-58]
• The SSN [Casebook 664]
• FOIA [Casebook 670-71, 679-83] (Note that the Supreme Court has granted cert. in Milner v. Navy)
• Privacy Impact Assessments

Reading

• U.S. v. Miller (US 1976) [Casebook 777-79]
• Burrows v. Superior Court (Cal. 1974) [Casebook 412-14]
• Video Privacy Act (18 USC §2710) [Casebook 826-36]
• Cable Privacy Subscriber provisions (47 U.S.C. §551) [Casebook 901-03]
• Privacy law as dialogue [Casebook 885-88]

Assignment

For this class, attend one of the following events and prepare a five-page paper that summarizes the issue before Congress or the court and what you expect the outcome to be. (Okay to watch on C-Span or listen to the cybercast)

• Congressional hearing, Video Privacy Protection Act, Senate Judiciary Committee, January 31, 2012
• Appellate argument, EPIC v. NSA, DC Circuit of Appeals, March 20, 2012
• Appellate argument, Florida v. Jardines, No. 11-564, US Supreme Court, (to be scheduled)

Reading

• Section 5 of the FTC Act
• The Facebook Settlement (materials on the FTC's web site)
• Recent developments

Reading

• Illinois v. Caballes, 543 U.S. 405 (2005)
• Florida Supreme Court opinion
• Appellants brief
• Appellee's brief
• Supreme Court web site
• Oyez web site
• Scotusblog

Reading

• Overview [Casebook at 909-22, 927, 936, 949]
• OECD Privacy Guidelines [Sourcebook]
• Council of Europe Convention [Sourcebook]
• EU Data Directive [Sourcebook]

Reading

• Article 29 Working Party [Sourcebook]
• Lisbon Treaty and Charter of Fundamental Rights [Sourcebook]
• Role of the Data Protection Agency [Sourcebook]
• Madrid Declaration [Sourcebook]

Reading

• Alessandro Acquisti, Facial Recogntion Study
• Simson Garfinkel and Beth Rosenberg, "Face Recognition: Clever or Just Plain Creepy?" Technology Review (Sept. 27, 2009).
• FTC Rulemaking on Facial Recognition