CONSUMER PRIVACY AND DATA PROTECTION



Similar documents
Consumer Reporting Agencies and Federal Law

Disputing Errors on Credit Reports

Important Customer Notice. Information Concerning Data Security Incident at Some Staples Stores

STATE UNIVERSITY OF NEW YORK COLLEGE OF TECHNOLOGY CANTON, NEW YORK COURSE OUTLINE LEST 320 NEGLIGENCE AND INTENTIONAL TORTS

How to Dispute Credit Report Errors Y

HOME DEPOT DATA BREACH

How to Dispute Credit Report Errors

Credit Reports and How to Dispute Credit Report Errors

The E.U.-US Privacy Collision: A Turn to Institutions and Procedures

KCSO IDENTITY THEFT KIT

This notice contains important information about the data breaches announced by Home Depot, Kmart and Dairy Queen.

CLOUD SECURITY LAW MICHAEL KEELING, PE, ESQ. KEELING LAW OFFICES, PC PHOENIX AND CORONADO

GOVERNANCE IN "CYBERSPACE' Access and Public Interest in Global Communications

DOCUMENTATION FILE RESTORE

Letter from the CEO. January 25, To Our Valued Michaels Customers:

Privacy Law Basics and Best Practices

CLASS ACTION DATA BREACH LITIGATION: IS THE TIDE TURNING IN PLANTIFFS FAVOR?

CENTARA DATA LLC WEBSITE USER AGREEMENT TERMS AND CONDITIONS OF USE

How To Prevent Identity Theft

Cybercrime in Canadian Criminal Law

CSR Breach Reporting Service Frequently Asked Questions

As a precaution, we have arranged with AllClear ID to provide identity protection services to affected clients at no cost for a period of one year.

PRINCIPLES AND PRACTICE OF INFORMATION SECURITY

The need for companies to have a predetermined plan in place in the

SPOKANE Police Department Identity Theft Victim Packet

Fair and Accurate Credit Transactions Act of 2003

Responding to New Identity Theft Laws

E-DISCOVERY IN CANADA

NCUA LETTER TO CREDIT UNIONS

SECURITY FREEZE INFORMATION Any consumer in Wisconsin may place a security freeze on his or her credit report by requesting it in writing.

Free Credit Reports CREDIT

How The FTC Identifies, Targets & Tracks Companies Learn How to Keep Off Their List

Reclaiming your identity

Most frequently asked questions and the answers about free credit reports:

CCH Personal Tax 2012 v 1

The Home Depot Provides Update on Breach Investigation

May 11, Re: Notice of a Data Breach. Dear

Identity Theft Victim Checklist

Shimmush Tehillim, Tehillim, Psalms and Their Kabbalistic Use

ACCEPTABLE USE POLICY OF BROADVOX, INC; BROADVOX, LLC; (COLLECTIVELY BROADVOX )

PROTECTING YOURSELF FROM IDENTITY THEFT. The Office of the Attorney General of Maryland Identity Theft Unit

We are writing to you because of a recent security incident which may have resulted in unauthorized access of your personal information.

The Digital Marketing Ecosystem: Trends, Risks and Obligations

The Internet of Things. Suzanne Bell (Wilson Sonsini Goodrich & Rosati) Tracy Shapiro (Wilson Sonsini Goodrich & Rosati) Vineet Shahani (Nest Labs)

State of Illinois Department of Central Management Services ACTION PLAN FOR NOTIFICATION OF A SECURITY BREACH

COMPARISON OF LIMITED LIABILITY COMPANY LAWS OF TEXAS AND DELAWARE

Big Data & The Law Will Landecker & John Rake

Data Security Breach Notice Letter

Identity Theft Repair Kit

West Virginia Legal Research

HP Laptop & Apple ipads

FRAUD PACKET. Instructions and Useful Information. Mesa Police Department Attention Financial Crimes PO Box 1466 Mesa, AZ

Lake County Sheriff s Office Identity Theft/Fraud Packet

MARKETING FINANCIAL SERVICES

PRETRIAL LITIGATION IN A NUTSHELL. R. LAWRENCE DESSEM Professor of Law University of Tennessee ST. PAUL, MINN. WEST PUBLISHING CO.

RULES AND GUIDELINES. OFFICIAL Win A Dream Vacation SWEEPSTAKES RULES

Contents. Part I The issues in perspective 1. Part II The tort system in theory Introduction: surveying the field 3

July 17, Office of the Attorney General Attn: Security Breach Notification 200 St. Paul Place Baltimore, MD 21202

PRIVACY + SECURITY TRAINING PROGRAM CATALOG

CONSULTING AGREEMENT between THE BOARD OF REGENTS OF THE UNIVERSITY SYSTEM OF GEORGIA BY AND ON BEHALF OF THE UNIVERSITY OF GEORGIA and

What follows are various form letters that can be adapted to your

Preventing Identity Theft National City Bank. How to protect your identity

U.S. Information Privacy Law

Notice of Privacy Practices

SUMMARY: The Office of the Secretary of Defense proposes to. alter a system of records notice DPFPA 02, entitled Pentagon

In the first week of November, E-conolight was made aware by its website hosting company of a malware attack

Credit Reporting and Repair for Domestic Violence Survivors

Joint Plumbing Industry Board Plumbers Local Union No.1 Trust Funds

What will a new creditor who requests my file see if it is frozen? A creditor will see a message or a code indicating the file is frozen.

Background of the Incident

Transcription:

ASPEN CASEBOOK SERIES CONSUMER PRIVACY AND DATA PROTECTION First Edition Daniel J. Solove John Marshall Harlan Research Professor of Law George Washington University Law School Paul M. Schwartz Jefferson E. Peyser Professor of Law U.C. Berkeley Law School

Copyright 2015 CCH Incorporated. Published by Wolters Kluwer in New York. Wolters Kluwer serves customers worldwide with CCH, Aspen Publishers, and Kluwer Law International products. (www.wolterskluwerlb.com) No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopy, recording, or utilized by any information storage or retrieval system, without written permission from the publisher. For information about permissions or to request permissions online, visit us at www.wolterskluwerlb.com, or a written request may be faxed to our permissions department at 212-771-0803. To contact Customer Care, e-mail customer.service@wolterskluwer.com, call 1-800-234-1660, fax 1-800-901-9075, or mail correspondence to: Wolters Kluwer Attn: Order Department PO Box 990 Frederick, MD 21705 Printed in the United States of America. 1 2 3 4 5 6 7 8 9 0 ISBN 978-1-4548-6154-6

SUMMARY OF CONTENTS Contents Preface Acknowledgments xi xv xvii 1 INTRODUCTION 1 A. Information Privacy, Technology, and the Law 1 B. Information Privacy Law: Origins and Types 3 2 PERSPECTIVES ON PRIVACY 23 A. The Philosophical Discourse about Privacy 23 B. The Definition and the Value of Privacy 25 C. Critics of Privacy 45 3 FINANCIAL DATA 53 A. The Fair Credit Reporting Act 53 B. The Gramm-Leach-Bliley Act 88 C. Federal and State Financial Privacy Laws 91 4 CONSUMER DATA 101 A. The U.S. System of Consumer Data Privacy Regulation 103 B. Tort Law 133 C. Contract Law 142 D. Property Law 159 E. FTC Section 5 Enforcement 162 F. Statutory Regulation 191 G. First Amendment Limitations on Privacy Regulation 235 5 DATA SECURITY 261 A. Introduction 261 B. Data Security Breach Notification Statutes 264 C. Civil Liability and Standing 269 D. FTC Regulation 288 Index 303 ix# # #

CONTENTS Preface Acknowledgments xv xvii 1 INTRODUCTION 1 A. INFORMATION PRIVACY, TECHNOLOGY, AND THE LAW 1 B. INFORMATION PRIVACY LAW: ORIGINS AND TYPES 3 1. Common Law 3 (a) The Warren and Brandeis Article 3 (b) The Recognition of Warren and Brandeis s Privacy Torts 6 William Prosser, Privacy 8 Lake v. Wal-Mart Stores, Inc. 10 (c) Privacy Protection in Tort Law 13 (d) Privacy Protection in Evidence Law 13 (e) Privacy Protection via Property Rights 14 (f) Privacy Protection in Contract Law 15 (g) Privacy Protection in Criminal Law 15 2. Constitutional Law 15 3. Statutory Law 16 4. International Law 20 2 PERSPECTIVES ON PRIVACY 23 A. THE PHILOSOPHICAL DISCOURSE ABOUT PRIVACY 23 1. The Concept of Privacy and the Right to Privacy 23 2. The Public and Private Spheres 24 B. THE DEFINITION AND THE VALUE OF PRIVACY 25 Alan Westin, Privacy and Freedom 26 xi# #

xii# CONTENTS' Julie E. Cohen, Examined Lives: Informational Privacy and the Subject as Object 31 Daniel J. Solove, Conceptualizing Privacy 34 Anita L. Allen, Coercing Privacy 38 Paul M. Schwartz, Privacy and Democracy in Cyberspace 40 Spiros Simitis, Reviewing Privacy in an Information Society 42 C. CRITICS OF PRIVACY 45 Richard A. Posner, The Right of Privacy 45 Fred H. Cate, Principles of Internet Privacy 50 3 FINANCIAL DATA 53 A. THE FAIR CREDIT REPORTING ACT 53 1. FCRA s Scope and Structure 55 United States v. Spokeo, Inc. 56 2. Permissible Uses of Consumer Reports 60 Smith v. Bob Smith Chevrolet, Inc. 63 3. Consumer Rights and Agency Responsibilities 69 4. Civil Liability and Qualified Immunity 70 Sarver v. Experian Information Solutions 72 5. Identity Theft and Consumer Reporting 78 Sloan v. Equifax Information Services, LLC 80 B. THE GRAMM-LEACH-BLIELY ACT 88 C. FEDERAL AND STATE FINANCIAL PRIVACY LAWS 91 1. State Financial Laws 91 2. Laws Regulating Government Access to Financial Data 92 3. Identity Theft Statutes 93 4. Tort Law 95 Wolfe v. MBNA America Bank 95 4 CONSUMER DATA 101 A. THE U.S. SYSTEM OF CONSUMER DATA PRIVACY REGULATION 103 1. Structure 104 2. Types of Law 106 3. Personally Identifiable Information (PII) 111 Pineda v. Williams-Sonoma Stores 113 Apple v. Krescent 115 4. Injury and Standing 124

CONTENTS'' xiii# In re Google, Inc. Privacy Policy Litigation 126 B. TORT LAW 133 Dwyer v. American Express Co. 133 Remsberg v. Docusearch, Inc. 139 C. CONTRACT LAW 142 1. Privacy Policies 142 Jeff Sovern, Opting In, Opting Out, or No Options at All 142 Michael E. Staten & Fred H. Cate, The Impact of Opt-In Privacy Rules on Retail Markets 145 2. Contract and Promissory Estoppel 149 In re Northwest Airlines Privacy Litigation 150 D. PROPERTY LAW 159 E. FTC SECTION 5 ENFORCEMENT 162 In the Matter of Snapchat, Inc. 164 FTC v. Toysmart.com 172 In the Matter of Facebook. Inc. 178 In the Matter of Sears Holdings Management Corp. 185 F. STATUTORY REGULATION 191 1. Entertainment Records 192 (a) The Video Privacy Protection Act 192 Daniel v. Cantell 194 In re Hulu Privacy Litigation 194 In re Hulu Privacy Litigation 194 (b) The Cable Communications Policy Act 203 2. Internet Use and Electronic Communications 204 (a) The Children s Online Privacy Protection Act 204 United States v. Path, Inc. 206 (b) The Electronic Communications Privacy Act 210 In re Google, Inc. Gmail Litigation 211 Dyer v. Northwest Airlines Corp. 219 (c) The Computer Fraud and Abuse Act 221 Creative Computing v. Getloaded.com LLC 222 United States v. Drew 225 3. Marketing 229 (a) The Telephone Consumer Protection Act 229 (b) The CAN-SPAM Act 231 G. FIRST AMENDMENT LIMITATIONS ON PRIVACY REGULATION 235 Rowan v. United States Post Office Department 236

xiv# CONTENTS' Mainstream Marketing Services, Inc. v. Federal Trade Commission 237 U.S. West, Inc. v. Federal Communications Commission 240 Trans Union Corp. v. Federal Trade Commission 248 Sorrell v. IMS Health, Inc. 252 5 DATA SECURITY 261 A. INTRODUCTION 261 B. DATA SECURITY BREACH NOTIFICATION STATUTES 264 C. CIVIL LIABILITY AND STANDING 269 Pisciotta v. Old National Bancorp 269 Reilly v. Ceridian 273 Resnick v. AvMed 275 D. FTC REGULATION 288 FTC v. Wyndham Worldwide Corporation 290 In the Matter of Trendnet 297 Index 303

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information