Children’s Right to Privacy on the Internet in the Digital Age

As access to the internet has become easier and more widespread in recent years, children have also started getting both increased and easier access to the internet, whether at home or at school. This access, coupled with a decrease in supervision while on the internet, implicates certain questions in regard to children. Questions involving data privacy rights are relevant to both adults and children in the digital age, but there are certain concerns that arise uniquely for children.This Note will focus on one piece of legislation that concerns data privacy rights for children—the Children’s Online Privacy Protection Act (COPPA) (16 C.F.R. § 312). The main question that this Note will seek to answer is whether COPPA is adequate in protecting children’s data privacy rights. Part II will explore the history behind COPPA and explain what it actually is, defining key terms as used in the legislation as well as explaining certain provisions. Part III will discuss problems that have arisen under COPPA recently, analyzing lawsuits that have occurred under COPPA as well as the legislation’s shortcomings which have been highlighted in recent events. Finally Part IV will offer possible solutions to these problems, explaining what other scholars have suggested as solutions to these problems as well as other suggestions

Time for Reapplication: A Review of FDA Sunscreen Regulation & Why it Needs an Update

Sunscreen is a staple in melanoma prevention and foreign innovation in formulation and application provide consumers with methods of sun protection. Nevertheless, FDA regulations designed to protect American consumers from ineffective sunscreens often act as a barrier to entry for these innovative, foreign sunscreens from reaching American consumers. This Note will address balancing concerns between consumer protection and promoting product innovation. The Note outlines the history of sunscreen regulation in the United States. Then it discusses the current regulatory framework and what sunscreen filters are currently available to American consumers before providing examples of foreign innovation in sunscreen formulation.

Privacy, Risk, Anonymization and Data Sharing in the Internet of Health Things

This paper explores a specific risk-mitigation strategy to reduce privacy concerns in the Internet of Health Things (IoHT): data anonymization. It contributes to the current academic debate surrounding the role of anonymization in the IoHT by evaluating how data controllers can balance privacy risks against the quality of output data and select the appropriate privacy model that achieves the aims underlying the concept of Privacy by Design. It sets forth several approaches for identifying the risk of re-identification in the IoHT as well as explores the potential for synthetic data generation to be used as an alternative method to anonymization for data sharing

Squaring the Circle Between Freedom of Expression and Platform Law

Among the greatest emerging challenges to global efforts to promote and protect human rights is the role of private sector entities in their actualization, since international human rights rules were designed to apply primarily, and in many cases solely, to the actions of governments. This paradigm is particularly evident in the expressive space, where private sector platforms play an enormously influential role in determining the boundaries of acceptable speech online, with none of the traditional guardrails governing how and when speech should be restricted. Many governments now view platform-imposed rules as a neat way of sidestepping legal limits on their own exercise of power, pressuring private sector entities to crack down on content which they would be constitutionally precluded from targeting directly. For their part, the platforms have grown increasingly uncomfortable with the level of responsibility they now wield, and in recent years have sought to modernize and improve their moderation frameworks in line with the growing global pressure they face. At the heart of these discussions are debates around how traditional human rights concepts like freedom of expression might be adapted to the context of “platform law.” This Article presents a preliminary framework for applying foundational freedom of expression standards to the context of private sector platforms, and models how the three-part test, which lies at the core of understandings of freedom of expression as a human right, could be applied to platforms’ moderation functions

Can the CCPA Access Right Be Saved? Realigning Incentives in Access Request Verification

The California Consumer Privacy Act access right has the potential to give Californians a level of control over their personal information that is unprecedented in the United States. However, consumer privacy interests will be in peril unless the access right is accompanied by an effective access request verification requirement. Requiring companies to respond to access requests when they cannot verify that the requestor is the subject of the requested data puts sensitive personal information at risk. Inversely, allowing companies to shirk their access request responsibilities by claiming that data is unverifiable diminishes consumers’ data control rights. Thus, in the context of access request verification policy, there is an inherent tension between privacy as confidentiality and privacy as control. The success of the access right, and thus all CCPA data control rights, hinges on an access request verification policy that successfully balances these competing privacy interests. The endemic identity theft caused by credit application verification systems demonstrates why such balancing cannot be wholly left to private companies. In the credit context, balancing has been driven by the profit maximization interests of businesses, which currently do not align with consumer privacy interests. Fortunately, several scholars have proposed methods for aligning these divergent interests. The strengths and weaknesses from these proposed solutions to identity theft provide a useful framework for building a system that incentivizes companies to prioritize consumer privacy when developing access request verification systems

Autonomous Vehicles: A Future Fast Approaching With No One Behind the Wheel

Driverless automobiles may redefine public safety and efficiency, while turning the automobile industry on its head. These innovative machines will pose a challenge to regulatory schemes spanning from transportation and insurance to products liability and internet laws. Enormous companies like BMW, Audi, Uber, and Google have already taken part in placing this rapidly growing technology into consumer hands. The rift that this innovation will create in other industries, coupled with the safety and privacy concerns surrounding its design, will be the catalyst for contentious legislative and legal debates. This Note will explore the ways in which industry flexibility, state and federal involvement, and clearer regulations may be carefully balanced to help the driverless car industry stay on the road. Part one will address the development and historical challenges of driverless vehicles, while parts two and three will look at potential solutions to these challenges

Governance of the Facebook Privacy Crisis

In November 2018, The New York Times ran a front-page story describing how Facebook concealed knowledge and disclosure of Russian-linked activity and exploitation resulting in Kremlin led disruption of the 2016 and 2018 U.S. elections, through the use of global hate campaigns and propaganda warfare. By mid-December 2018, it became clear that the Russian efforts leading up to the 2016 U.S. elections were much more extensive than previously thought. Two studies conducted for the United States Senate Select Committee on Intelligence (SSCI), by: (1) Oxford University’s Computational Propaganda Project and Graphika; and (2) New Knowledge, provide considerable new information and analysis about the Russian Internet Research Agency (IRA) influence operations targeting American citizens.By early 2019 it became apparent that a number of influential and successful high growth social media platforms had been used by nation states for propaganda purposes. Over two years earlier, Russia was called out by the U.S. intelligence community for their meddling with the 2016 American presidential elections. The extent to which prominent social media platforms have been used, either willingly or without their knowledge, by foreign powers continues to be investigated as this Article goes to press. Reporting by The New York Times suggests that it wasn’t until the Facebook board meeting held September 6, 2017 that board audit committee chairman, Erskin Bowles, became aware of Facebook’s internal awareness of the extent to which Russian operatives had utilized the Facebook and Instagram platforms for influence campaigns in the United States. As this Article goes to press, the degree to which the allure of advertising revenues blinded Facebook to their complicit role in offering the highest bidder access to Facebook users is not yet fully known. This Article can not be a complete chapter in the corporate governance challenge of managing, monitoring, and oversight of individual privacy issues and content integrity on prominent social media platforms. The full extent of Facebook’s experience is just now becoming known, with new revelations yet to come. All interested parties: Facebook users; shareholders; the board of directors at Facebook; government regulatory agencies such as the Federal Trade Commission (FTC) and Securities and Exchange Commission (SEC); and Congress must now figure out what has transpired and what to do about it. These and other revelations have resulted in a crisis for Facebook. American democracy has been and continues to be under attack. This article contributes to the literature by providing background and an account of what is known to date and posits recommendations for corrective action

Front Matter

Front Matter for Volume XX of the Pittsburgh Journal of Technology Law & Polic

Calculating Corporate Compliance & The Foreign Corrupt Practices Act

Technology is rapidly disrupting every industry and institution around the globe. Yet, corporate compliance has remained relatively unaffected by technological change when compared to other industries. If firms continue to lag behind in their compliance efforts, their risk exposure to the potentially lethal sanctions associated with major compliance failures will continue to increase with time. This is particularly true in the context of the Foreign Corrupt Practices Act. Generally, the Foreign Corrupt Practices Act (“FCPA”) is a regulatory statute that forbids bribery and false accounting for domestic firms doing business abroad. And, in the past decade the DOJ and SEC have begun aggressively enforcing the FCPA. Firms should begin using technology to develop more robust and cost-efficient compliance programs to insulate themselves from the FCPA’s harsh penalties. This Article provides an algorithm that allows firms to evaluate and improve their compliance programs in accordance with several published sources of guidance. Compliance scholars have made clear that it is critical for firms to maintain strong corporate compliance programs and have suggested different models and frameworks for internal evaluation and auditing. However, those suggestions fail to consider how technology may be used to improve the cost-efficiency of corporate compliance and ethics programs. This Article takes an informatics-based approach to evaluating and improving firm compliance by focusing on the most important compliance functions according to the Department of Justice (“DOJ”), courts, and other Government actors. Indeed, firms may drastically improve the cost-efficiency of their compliance efforts by adopting the analytical framework proposed in this Article

Front Matter

Front Matter for Volume XIX of the Pittsburgh Journal of Technology Law & Polic