Research Programs
More
What are you looking for?
Showing 9 of 181 Publications in Data Security & Privacy
TOTM Despite the simplistic narrative tying President Trump’s vision of the world to conservatism, there is nothing conservative about his views on the First Amendment and how it applies to social media companies.
Yesterday was President Trump’s big “Social Media Summit” where he got together with a number of right-wing firebrands to decry the power of Big Tech to censor conservatives online. According to the Wall Street Journal…
Read the full piece here.
TOTM This morning a diverse group of more than 75 academics, scholars, and civil society organizations — including ICLE and several of its academic affiliates — published a set of seven “Principles for Lawmakers” on liability for user-generated content online, aimed at guiding discussions around potential amendments to Section 230 of the Communications Decency Act of 1996.
This morning a diverse group of more than 75 academics, scholars, and civil society organizations — including ICLE and several of its academic affiliates — published a set of seven “Principles for Lawmakers” on liability for user-generated content online, aimed at guiding discussions around potential amendments to Section 230 of the Communications Decency Act of 1996.
TOTM Last year, real estate developer Alastair Mactaggart spent nearly $3.5 million to put a privacy law on the ballot in California’s November election. He then negotiated a deal with state lawmakers to withdraw the ballot initiative if they passed their own privacy bill. That law — the California Consumer Privacy Act (CCPA) — was enacted after only seven days of drafting and amending.
Last year, real estate developer Alastair Mactaggart spent nearly $3.5 million to put a privacy law on the ballot in California’s November election. He then negotiated a deal with state lawmakers to withdraw the ballot initiative if they passed their own privacy bill. That law — the California Consumer Privacy Act (CCPA) — was enacted after only seven days of drafting and amending. CCPA will go into effect six months from today.
Written Testimonies & Filings FTC Hearings on Competition & Consumer Protection in the 21st Century. Comments of the International Center for Law & Economics: Summing Up the FTC Hearings: Advocates for Increased Antitrust Intervention Failed to Make Their Case. Submitted Jun 30, 2019.
These comments represent ICLE’s review and commentary of the detailed record set forth during the FTC’s Hearings on Competition and Consumer Protection in the 21st Century. The hearings — and these comments — covered a wide range of topics from data security and privacy, to horizontal and vertical merger policy, anticompetitive unilateral behavior, and a host of contemporary issues that have arisen around the question of whether antitrust law is capable of dealing with potential harms to competition from modern firms.
Specifically, the summary comments deal with the following topics.
Opponents of the consumer welfare standard seek to return antitrust to the bygone era of courts arbitrarily punishing firms for successfully outcompeting their rivals or simply growing “too large.” The Commission should tread carefully before incorporating these ideas, which, during the course of its evolution in the 20th century, antitrust law carefully and correctly selected out.
Based on the testimony heard during the hearings, there is no need to change the non-horizontal merger guidelines. If anything, vertical merger review should be pared back out of a recognition that the failure to account for dynamic effects (and the inherent difficulty of doing so) means it is likely that pro-competitive mergers are being deterred.
Concerns regarding vertical discrimination are predicated on the erroneous assumption that big tech platforms might be harming competition by favoring their content over that of their complementors. Not only is this fear overblown, but even the harms alleged are frequently ambiguous and provide benefits to some consumers.
Much of the analysis of popular technology companies is predicated on traditional market definition analysis, which infers future substitution possibilities from existing or past market conditions. This leads to overly-narrow market definitions and erroneous market power determinations. Thus, Amazon, Facebook, and Google are assumed — erroneously — to be unassailable monopolies.
Data is a valuable input for companies competing in the digital economy. It is not, however, a magic bullet or holy grail, as some commenters suggested. As with other assets, companies can use data in both pro-competitive and anti-competitive ways. “Big data” may be a new term, but it does not pose unique problems for competition policy.
Click here to read the full concluding comments.
Presentations & Interviews In the “News Roundup” of episode 269. A McLaughlin Group for Cybersecurity, Gus Hurwitz covers the Supreme Court’s ruling on when a forum is subject . . .
In the “News Roundup” of episode 269. A McLaughlin Group for Cybersecurity, Gus Hurwitz covers the Supreme Court’s ruling on when a forum is subject to First Amendment limits. The full episode is embedded below.
https://www.steptoe.com/podcasts/TheCyberlawPodcast-269.mp3
Scholarship This response argues that in his efforts to locate a clear duty in existing data security law he has identified a standard that, in all meaningful ways, is one of subjective (not objective) reasonableness – and therefore offers no clarity at all.
William McGeveran’s recent article, The Duty of Data Security, is a significant contribution to ongoing debates about what duty firms holding electronic information about consumers owe in ensuring the security of that data. It also supports the opposite conclusion from that which McGeveran articulates. McGeveran frames the article as identifying a clear duty of data security. This response argues that in his efforts to locate a clear duty in existing data security law he has identified a standard that, in all meaningful ways, is one of subjective (not objective) reasonableness – and therefore offers no clarity at all. There is likely room for disagreement on both sides of this argument – both that which McGeveran makes and my response to it. The ultimate purpose of this response, however, is to recognize this aspect of the duty that McGeveran has identified and to reframe it in the familiar terms of objective vs. subjective reasonableness. This distinction is both useful and important, and has gone unremarked upon in two decades of discussions about the data security obligations.
Read the full response here.
Written Testimonies & Filings FTC Hearings on Competition & Consumer Protection in the 21 st Century. Comments of the International Center for Law & Economics: The FTC’s Flawed Data Security Enforcement Program and Suggestions for Reform. Hearing #9 (Dec. 11-12, 2018). Submitted May 31, 2019.
Several pressing issues are raised by the ongoing need for data security as underscored by high profile breaches. One of the core problems in this area, however, is not simply that firms have inadequate data security, but that lawmakers have, to date, broadly failed to offer a viable standard by which firms can guide their conduct in this area.
The flawed strategy which the FTC currently deploys to deal with data security issues is a prime example. In brief, the Commission’s over-reliance on enforcement by consent decrees has created a quasi-regulatory approach to data security, eschewed the fundamentally useful aspects of a true common law approach to developing liability rules, and as a consequence provided little record of what actually amounts to liability for “unreasonable” data security. A true standard would include such components as: the assessment of reasonable care on the part of the tortfeasor, the thorough analysis of causality, an economically grounded computation of harm, and the establishment that harm is likely absent some level of care.
Given these failings, the FTC should consider implementing reforms that might bring its decisional practice closer to the common law tradition. These include giving more weight to economic analysis (notably by allowing the FTC’s Bureau of Economics to play a greater role in data security proceedings), adopting modest measures that would increase the transparency of the FTC’s data security decisions (thereby increasing legal predictability), bringing greater judicial review to data security proceedings, and incentivizing firms to better communicate their data security activities.
Click here to read full comments.
Presentations & Interviews ICLE Director of Law & Economics Programs, Gus Hurwitz joins Matthew Heiman, Chris Riley, Anna Hsia, and Thomas Hazlett at Pepperdine Law Review‘s 2019 Symposium. The Free . . .
ICLE Director of Law & Economics Programs, Gus Hurwitz joins Matthew Heiman, Chris Riley, Anna Hsia, and Thomas Hazlett at Pepperdine Law Review‘s 2019 Symposium. The Free Lunch Podcast has provided the recording of their panel where they discuss the challenges and implications of online privacy regulation. In this panel, the speakers discuss the implications of internet privacy legislation in both California and Europe on innovation, small businesses, and consumer protection. The full episode is embedded below.
Presentations & Interviews On March 1, 2019, ICLE Research Fellow Alec Stapp appeared on a panel discussing “Big Brother in Big Tech” and the privacy implications associated with . . .
On March 1, 2019, ICLE Research Fellow Alec Stapp appeared on a panel discussing “Big Brother in Big Tech” and the privacy implications associated with large tech platforms like Google, Amazon, and Facebook. This panel is part of a day-long conference— “Who’s Afraid of Big Tech”—that will explore the larger legal and policy issues that arise around the privacy, censorship, and competition concerns that have been raised about the large tech platforms. Video of the panel is embedded below.
