Archives

Ariel Porat and Lior Jacob Strahilevitz, Personalizing Default Rules and Disclosure with Big Data

By privacylaw | Posted on

Ariel Porat and Lior Jacob Strahilevitz, Personalizing Default Rules and Disclosure with Big Data

Comment by: Lauren Willis

PLSC 2013

Published version available here: http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2217064

Workshop draft abstract:

The rise of Big Data has become one of the most important recent economic developments in the industrialized world, while simultaneously posing vexing privacy issues for policymakers. While the use of Big Data to help firms sort consumers (e.g., for marketing or risk-pricing purposes) has been the subject of sustained discussion, scholars have paid little attention to governmental uses of Big Data for purposes unrelated to law enforcement and national security. In this paper, we show how Big Data might transform adjudication, disclosure, and the tailoring of contractual and testamentary default provisions.

The paper makes three key contributions. First, it uses the psychology and computer science literatures to show how Big Data tools classify individuals based on “Big Five” personality metrics, which in turn are predictive of individuals’ future consumption choices, risk-preferences, technology adoption, health attributes, and voting behavior. For example, the paper discusses new research showing that by systematically analyzing data from individuals’ smartphones, researchers can identify particular phone users as particularly extrovereted, conscientious, open to new experiences, or neurotic. Smartphones, not eyes, turn out to be the true windows into our souls. Second, it shows how Big Data tools can match individuals who are extremely similar in terms of their behavioral profiles and, by providing a subset of “guinea pigs” with a great deal of time and information to make choices, it can extrapolate ideal default rules for huge swaths of the population. Big Data might even be used to promote privacy to some degree, by offering pro-privacy defaults to consumers whose past behavior suggests a strong preference for privacy and pro-sharing defaults to consumers whose past behavior indicates little interest in safeguarding personal information. Third, the paper is the first to show that the influential critiques of disclosure regimes (including FIPs-style “notice and choice” provisions) are at bottom critiques of impersonal disclosure. A legal regime that relies on Big Data to determine which relevant information about risks, side-effects, and other potentially problematic product attributes should be disclosed to individual consumers has the potential to improve the efficacy of disclosure strategies more generally. The paper also confronts a number of important objections to personalization in these various contexts, including concerns about cross-subsidies, government discrimination, and personalization in a world where human preferences and behaviors change over time.

The paper seeks to show privacy scholars and advocates precisely what the stakes will be in the looming fight over Big Data. We seek to demonstrate that Big Data battles are not merely fights about privacy versus profits, but implicate a host of unrecognized social interests as well.

Lior Strahilevitz, Reunifying Privacy Law

By privacylaw | Posted on

Lior Strahilevitz, Reunifying Privacy Law

Comment by: Ryan Calo

PLSC 2010

Published version available here: http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1615101

Workshop draft abstract:

In 1890 Samuel Warren and Louis Brandies proposed a unified theory of invasion of privacy tort liability.  Over the subsequent decades, information privacy law became increasingly fragmented and decreasingly coherent.  William Prosser’s 1960 article, Privacy, which heavily influenced the Restatement of Torts, endorsed and hastened this trend toward fragmentation, which spread from tort law to the various statutory branches of information privacy law.  This article argues for the reunification of privacy law in two connected ways.  First, Prosser’s fragmented privacy tort should be replaced with a unitary tort for invasion of privacy that looks to the private or public nature of the information, the degree to which a defendant’s conduct violates existing social norms, and the social welfare implications of the defendant’s conduct.  Second, the reunified common law of torts should become the model for judicial interpretation of various other branches of information privacy law, such as the Freedom of Information Act’s privacy provisions, the Privacy Act, and the constitutional right of information privacy.  The Article explains how this can be done and why it is desirable.  Indeed, in its most recent Freedom of Information Act and Privacy Act cases, the United States Supreme Court has suggested that drawing on common law tort principles is the appropriate methodology for interpreting privacy-related federal statutes.

The final section of the article argues that the pending United States Supreme Court case of Nelson v. NASA is an ideal vehicle for pushing the law of information privacy back towards its relatively coherent and unified origins.  Nelson will be the first Supreme Court privacy case in thirty-three years to confront the question of whether the Constitution protects a right to information privacy apart from the Fourth Amendment context.  Because the common law tort cause of action and constitutional action involve similar harms and considerations, it is appropriate to reconcile the presently divergent doctrines, but this could be done in one of two ways.  The most sensible approach to reunification is to conclude, as the Sixth Circuit has, that there is no such thing as a constitutional right to information privacy, and that such rights are appropriately vindicated via tort remedies.  An alternative approach would be to recognize the existence of a constitutional right, as most circuit courts have, but to hold that the elements of a constitutional violation mimic those associated with the reunified privacy tort.