On May 3, Sara DePaul, SIIA’s Senior Director for Technology Policy, moderated a panel at the IAPP’s Global Privacy Summit 2019 in Washington DC on “Balancing Transparency and Privacy in Open Access to Public Records.” The panel featured the views of Cindy Van Ort, Chief Privacy Officer of Thomson Reuters; Chris Calabrese, Vice President for Policy at the Center for Democracy and Technology; and David Cuillier, Associate Professor at the University of Arizona School of Journalism. The panelists engaged in a spirited discussion and found a few high-level points of consensus, such as: that the use of public records confer important social benefits, that open access and use can yield the potential for harmful results that should be accounted for, and that the treatment of public records by privacy laws can raise First Amendment concerns that must be balanced by policymakers. They differed, however, in whether and how a privacy law should apply to public records dat ...
On March 12, the Senate Judiciary Committee held a hearing on “GDPR & CCPA: Opt-ins, Consumer Control, and the Impact on Competition and Innovation.” The Committee heard from witnesses representing industry, consumer organizations, and academia, who discussed a broad range of issues to inform a federal privacy law: from meaningful consumer controls to the successes and failures of other privacy frameworks to beefed up enforcement by the FTC .
One important topic that was not discussed was the importance of publicly available information and how it should be treated by a federal privacy law. As SIIA explained in recent comments to the Senate, the social benefits and public policy principles promoted by the processing of public data are tangible, indisputable, and balanced. Public data is used to provide choice and access to credit for personal finances, to enable credit for business expansion to grow our economy, and to promote public safety. Moreover, the free flow o ...
Although he began by saying that the new California Consumer Privacy Act is an "extraordinarily complicated and poorly written statute," Chris Mohr, SIIA's VP for intellectual property and general counsel, wants to make one thing clear.
“. . . as education companies we can't just come up with a great product, show it to teachers, and expect to be successful. Our products and services have to help decision makers with their state and federal compliance and intricately defined funding requirements if we are going to be successful. If we don’t know what these are, we can’t get our products accepted.” — Mitch Weisburgh, Managing Partner, Academic Business Advisors
The General Data Protection Regulation is designed to support the individual’s interest in informational privacy, which the EU recognizes as a fundamental right. Under that law, the collection, use and transfer of personal information is prohibited unless done with consent of the individual. It has a de minimis legitimating role for social or business purposes but generally, if the individual revokes consent, processing of information must stop and often the information itself must be deleted.
The US works from a different paradigm. We certainly value privacy as necessary and valuable to ensure both personal dignity and a free and functioning society. But we focus privacy laws on the prevention and remediation of harm, not on consent. United States privacy law grew out of the common-law privacy torts: defamation, intrusion on seclusion, disclosure of private facts, false light and the right of publicity. Thus, for example, the tort of disclo ...