5. Enforcement of Privacy and Security Laws Flashcards
What are the three legal action bodies?
- civil litigation
- Criminal litigation
- Adminsitrative Enforcement
What are the elements for Civil litigation? Definition-D Initiated by- I Burden of Proof- B Punishment-P Source of Law-S
D-Disputes between indv/orgs I-Private party/government B-Preponderance of evidence P-Monetary compensation or injunction S-Tort and Contracts
What are the elements of Criminal litigation? Definition-D Initiated by- I Burden of Proof- B Punishment-P Source of Law-S
D-Court proceedings for criminal prosecution
I-Government
B-Beyond a reasonable doubt
P-Fines, restitution, incarceration, death
S-Constitutions and Case law
What are the elements of Administrative enforcement? Definition-D Initiated by- I Burden of Proof- B Punishment-P Source of Law-S
D-Adjudication by an agency I-Governmental agency B-Burden of persuasion P-Actions, fines S-statues that create and empower an agency
What are the categories for civil litigation arising from tort or contracts?
- Negligence- absence of/failure to exercise proper or ordinary care.
- Breach of warranty- Failure of a seller to fulfill terms as promise, claim, rep
- Misrepresentation: False security about the safety or product or service
- defamation- defamed by libel (written) slander(oral)
- Strict tort liability- extension of responsibility of the vendor who might be injured by a product or service
- Statutory actions- action required permitted or enacted by statue
The FTC has responsibility over what three regs?
- COPPA
- CAN-SPAM
- HITECH (Shared)
Emerging Tech: What are data brokers?
are entities that collect, aggregate and sell individuals’ personal data, derivatives and inferences from disparate public or private sources.
- Data is often gathered without the data subject’s knowledge or consent
- Data can be combined to reveal personal information not available from a single source
- The FTC encourages data minimization practices and calls for federal legislation
- Vermont and California have data broker laws
Emerging Tech: what is bulk data?
a term used to describe the large data sets that organizations have been able to collect due to the exponential growth in the amount and availability of data.
Concerns about big data often revolve around a lack of clear notice to data subjects about how their data will be used, as well as how advanced analytics can be used to repurpose data in ways the data subject did not agree to when the data was collected.
Emerging Tech: What is Artificial Intelligence?
a broad term used to describe a process where machines learn from experience, adjusting to new inputs and potentially performing tasks previously done by humans.
Often used for automated decision-making
• The FTC states that “AI tools should be transparent, explainable, fair and empirically sound, while fostering accountability”
Emerging Tech: What are Biometrics?
are physical or behavioral characteristics that can be used to digitally identify individuals. They include fingerprints, facial patterns, voice patterns and retinal images.
- Privacy concerns: Biometrics are inherently identifying, cannot be changed if compromised, can be collected without the individual’s knowledge or consent and can be used to track locations and activities
- Several states have laws or statutes governing the use of biometrics, including Illinois, Texas, Washington, California, New York and Arkansas
Emerging Tech: What is the Internet of Things?
a term used to describe the many devices that are connected to the internet. Any device that is built with a network interface can be assigned an IP address
to allow for automation and remote access.
- Includes “smart” devices (such as phones, TVs, homes), connected cars, wearable technology, biometric scanners, tracking devices
- Potential for data to be collected and shared without the data subject’s knowledge or consent
- Collected data can be used in targeted advertising
- May allow for cross-device tracking of individuals
- Concerns include effects on data security, data minimization, notice and choice
What are the key concepts of Department of Commerce?
- Leading role in federal privacy policy development
2. EU-U.S. Privacy Shield administration; leads diplomatic discussions on replacement/enhancement
What are the key concepts of Department of Homeland Security?
- E-Verify program; rules for air traveler records (TSA)
* Immigration; other border issues (Immigration and Customs Enforcement)
What are the key concepts of the Sate Department?
• Negotiates on privacy issues with other countries and in multinational groups
What are the key concepts of Department of Health and Human Services/Office for Civil Rights?
- Involved in enforcing HIPAA rules
* Works in conjunction with the Department of Justice to refer possible criminal violations of HIPAA