Privacy Flashcards

1
Q

Right to privacy

A

“Right to be let alone”

2
Q

Types of privacy

A

a. Informational privacy
i. Communications and information created by or about individuals
b. Decisional privacy
i. Decisions about family life, health care, and individual autonomy

3
Q

Prosser’s privacy torts

A

i. Intrusion upon seclusion
ii. Public disclosure of private facts
iii. False light
iv. Appropriation

4
Q

Intrusion upon seclusion

A

i. Intentional intrusion, physical or otherwise
ii. Upon solitude or seclusion of another is subject to liability if
iii. Intrusion would be highly offensive to reasonable person

5
Q

Public disclosure of private facts

A

i. One who gives publicity to matter concerning the private life of another is subject to liability if matter publicized is:
1. Highly offensive to reasonable person and
2. Not of legitimate concern to the public

6
Q

False light

A

i. One who gives publicity to matter concerning another that places the other before the public in a false light is subject to liability if:
1. Highly offensive to reasonable person
2. Actor had knowledge of or acted in reckless disregard as to falsity

7
Q

Appropriation

A

i. One who appropriates
ii. To his or her own use or benefit
iii. Name or likeness of another
1. Exception
a. Newsworthiness
i. Real relationship between subject and topic of public interest

8
Q

Right of publicity

A

i. One who appropriates the commercial value of a person’s identity
ii. By using without consent the person’s name or likeness
iii. For purposes of trade

9
Q

Defamation

A

i. False or defamatory statement concerning another
ii. Unprivileged publication to a third party
iii. Fault amounting at least to negligence on part of publisher
iv. Either actionability of the statement irrespective of special harm or existence of special harm caused by publication
v. Exception
1. Public figure
a. If public figure
b. Actual malice
i. Knowledge of or reckless disregard for falsity

10
Q

Intentional infliction of emotional distress

A

i. Extreme and outrageous conduct
ii. Intentionally or recklessly causes
iii. Severe emotional distress to another

11
Q

Tiers of scrutiny (1A)

A

i. Strict scrutiny
1. If protected speech
2. Content-based
3. Then strict
ii. Intermediate scrutiny
1. Protected speech
a. If protected speech
b. Content-neutral
i. Regulates time, place, or manner of speaking
c. Then intermediate
2. Commercial speech
a. If commercial speech
b. Protected (not misleading or unlawful)
c. Then intermediate
iii. No 1A review
1. Unprotected speech
a. Fighting words
b. Incitement of violence
c. Defamation
d. Obscenity
b. Exception
i. Anonymous speech
1. Generally, forbidding anonymity chills free speech

12
Q

Duty of confidentiality

A

a. Duty of confidentiality
i. Duty to patient
ii. Breach
b. Duty of disclosure if:
i. Special relationship
ii. Victim identifiable
iii. Harm is foreseeable and serious

13
Q

HIPAA (structure)

A

a. Structure
i. Covered entity
ii. Protected health information

14
Q

Privacy rule

A

i. Exceptions
1. Consent
2. Marketing (within organization)

15
Q

Security rule

A

Only covers electronic data

16
Q

Constitutional privacy rights

A

i. First Amendment
1. Free speech, association
ii. Third Amendment
1. Quartering soldiers
iii. Fourth Amendment
1. Searches and seizures
iv. Fifth Amendment
1. Self-incrimination
v. Fourteenth Amendment
1. Substantive due process

17
Q

Zones of privacy

A

i. Liberty
ii. Due process
iii. Equal protection

18
Q

Constitutional torts

A
  1. Any person
  2. Deprived of rights, privileges, or immunities secured by Constitution
  3. Liable to the injured party
19
Q

Personal identifying information (PII)

A

i. URLs or IP addresses
ii. Account numbers
iii. Device IDs or serial numbers
iv. Geographic information
v. Phone and fax number
vi. Medical and health info
vii. Email addresses
viii. Address
ix. Biometric identifiers
x. Birthdate
xi. Social security

20
Q

Standing

A

i. (1) Injury in fact
1. Concrete and particularized
2. Actual or imminent, not conjectural or hypothetical
ii. (2) Fairly traceable
iii. (3) Likely that injury will be redressed by court order

21
Q

FTC (authority)

A

i. Statutory
1. COPPA
2. FCA (shared with FCC)
ii. Section 5
1. Unfair
2. Deceptive

22
Q

FTC (enforcement; common scenarios)

A

i. Broken promises
ii. Lack of notice
iii. Retroactive privacy policy

23
Q

Video Privacy Protection Act

A
  1. Scope
    a. Requires user consent
    b. Covers all video service providers
    c. Including online streaming
  2. Opt in disclosure
    a. Consent obtained for two-year period
    b. Consent can be withdrawn
    c. Must provide “clear and conspicuous” opportunity to withdraw
  3. Exceptions
    a. Ordinary course of business (all data)
    b. Internal marketing (all data)
    c. Given opportunity to opt out (name and address only)
  4. Destruction of records
    a. As soon as practicable
  5. Preemption
    a. Floor, not ceiling
  6. Enforcement
    a. Private right of action when provider knowingly discloses consumer data
24
Q

Cable Communications Policy Act

A
  1. Notice and access
    a. Notify of nature and use of personal information collected
  2. Limitations on data collection
    a. Consent required
  3. Exceptions
    a. Ordinary course of business (all data)
    b. Court order (all data)
    c. Given opportunity to opt out (name and address only)
  4. Data destruction
    a. When no longer necessary
  5. Government access to cable information
    a. Court order if:
    i. Clear and convincing evidence of criminal activity
    ii. Used as material evidence in the case
    iii. Subject afforded opportunity to contest claim
  6. Enforcement
    a. Private cause of action
    b. Minimum $1000 fine
    c. $100 for each day of violation
  7. New cable services and product
    a. Arguably covered
25
Federal Communications Act
  1. Primary protection
    a. Requires common carriers to protect confidentiality of proprietary information
  2. Customer proprietary network information
    a. Customer proprietary network information (CPNI)
      i. Technical information
      ii. Billing information
  3. Common carriers
    a. Internet providers arguably covered
  4. Disclosure of CPNI
    a. As required by law
    b. With consent
    c. In providing service from which CPNI is derived
  5. Limits when obtaining CPNI from another carrier
    a. Only for purpose provided
    b. Not for internal marketing
  6. Customer access
    a. Upon written request
  7. Unjust and unreasonable practices
    a. Broad protection against unjust and unreasonable practices
  8. FCC enforcement
    a. FTC charged with enforcement
  9. FCC and FTC jurisdiction
    a. FTC (broad)
    b. FCC (common carriers)
26
Children's Privacy Protection Act (COPPA)
  1. Scope
    a. Covers operators of websites or online services
    b. Directed to children or
    c. Actual knowledge that it is collecting data of children under 13
  2. Personal information
    a. Voice, audio, or image
    b. Geolocation
    c. Online contact information (screenname, IP address, etc.)
  3. Collection of personal information
    a. Broadly defined
      i. Requesting, prompting, or encouraging
      ii. Enabling child to make information publicly available
  4. Notice
    a. Privacy policy
      i. Information collected
      ii. How information is used
      iii. Disclosure practices
  5. Consent
    a. Parental consent
  6. Right to restrict uses of personal information
    a. Parents can:
      i. Request types of information collected
      ii. Refuse further use or collection
      iii. Request information collected
  7. Liability when sites operate in connection with third parties
    a. Both operators and third parties liable
    b. As long as they have actual knowledge
  8. Enforcement
    a. Enforced by FTC
  9. Preemption
    a. Preempts state law
  10. Safe harbor
    a. Certain guidelines comply with COPPA
27
Telephone Consumer Protections Act
  1. Unsolicited calls
    a. No existing relationship
    b. No consent
  2. Do-not-call list
    a. Companies required to maintain do-not-call lists
  3. National do-not-call registry
    a. Authorizes single national database
  4. Exceptions
    a. When customer initiates the call
    b. Established business relationship
    c. Customer previously consented
  5. Automatic telephone dialing system
    a. Prior express consent
  6. Texting
    a. Customers must opt in
  7. Private right of action
    a. Private right of action after requesting to stop calling
  8. Affirmative defense
    a. Telemarketers argue they took reasonable practices to prevent spam calls
  9. Prohibition on using pre-recorded messages
    a. Prohibited
    b. Unless consent
  10. Fax machines
    a. Prohibited
  11. State enforcement
    a. States may initiate action against telemarketers
28
European Convention on Human Rights (Art. 8)
  i. Right to respect for private and family life
    1. Right to respect for his private and family life, his home and his correspondence
    2. No interference by public authority except
      a. National security
      b. Public safety and economic wellbeing of country
      c. Prevention of disorder or crime
      d. Protection of health or morals
      e. Protection of rights and freedoms of others
29
General Data Protection Regulation (GDPR)
  i. Extraterritorial reach
    1. Covers all processing of personal data of or related to EU
  ii. Limits on data processing
    1. Personal data is subject to the following limits:
      a. “processed lawfully, fairly and in a transparent manner” (lawfulness, fairness, and transparency);
      b. “collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes” (purpose limitation);
      c. data minimization;
      d. data accuracy;
      e. limited storage;
      f. integrity;
      g. data security;
      h. accountability for the data controller
      i. independent data protection authorities
  iii. Rights to rectification and erasure
    1. Right to rectification
      a. Right to correct inaccurate personal data
    2. Right to erasure
      a. Right to be forgotten
  iv. Consent
    1. Must be given unambiguously
    2. Can be withdrawn at any time
  v. Controllers and processors
    1. Controller
      a. Determines purposes and means of processing personal data
    2. Processor
      a. Processes personal data on behalf of controller
  vi. Limits on processing of sensitive data and automated decision making
    1. Prohibits processing of personal data revealing:
      a. Race or ethnic origin, political opinions
      b. Religious or philosophical beliefs
      c. Trade union memberships
    2. Prohibits processing of personal data:
      a. Genetic data
      b. Biometric data for the purposes of identification
      c. Data concerning health
      d. Data concerning person’s sex life or sexual orientation
  vii. Monetary fines
    1. “Effective, proportionate, and dissuasive”
  viii. Independent supervisory authorities
    1. Completely independent
    2. Financially supported by member states
  ix. European Data Protection Board’s consistency mechanism
    1. Power to make:
      a. Non-binding recommendations and
      b. Binding decisions in individual cases
  x. Adequacy standard
    1. Requires adequate level of protection before transfer of data to a non-EU country
30
California Consumer Privacy Act (CCPA) as amended by California Privacy Rights Act (CPRA)
  i. Scope
    1. All companies that:
      a. Collect and maintain personal data from California residents, do business in the state, and:
        i. Exceed $25 million in gross revenue
        ii. Buys, sells, shares personal information of 100,000 people or more
        iii. Derives 50% or more of annual revenue from selling or sharing personal information
  ii. Personal information
    1. Information that identifies or relates to consumer or household
  iii. Consumer rights
    1. Right to be notified regarding personal information collected and purpose of use
    2. Right to request and receive disclosures regarding personal information
    3. Right to data portability
    4. Right to data deletion
    5. Right to opt out of sale of personal information to third parties
    6. Right to opt in for children’s personal information
    7. Right to opt out of sharing personal information (ads)
    8. Right to opt out of use and disclosure of “sensitive personal information”
    9. Right to correct inaccurate personal information
    10. Right to enhanced transparency regarding business practices, data retention, etc.
    11. Right regarding automated decision making
  iv. Sale
    1. Selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating consumer’s personal information to another business or third party
  v. Enforcement
    1. Enforced by California Privacy Protection
  vi. Right of action
    1. No private right of action unless:
    2. “Unauthorized access and exfiltration, theft, or disclosure” of a consumer’s nonencrypted or nonredacted personal information
  vii. Opportunity to cure
    1. If cure possible
    2. 30 days to cure and
    3. Notify consumer that violation has been cured