How China is Weaponizing Privacy

editor Blog

Written by Noah Katz, Ohio State University Moritz College of Law

What is China’s new privacy law?

The Personal Information Protection Law (PIPL), which took effect in November 2021, is China’s first comprehensive data privacy law.[1] The PIPL’s impact is immense given that China is home to almost one billion internet users.[2] The new legislation provides a clear framework for regulating the use of personal data, but, if violated, businesses could face massive fines and may even be blacklisted by the Chinese government.[3]

  Continue reading

The Internet of Things – A Brief Exploration of Emerging Technology and the Status of American Privacy Regulations Developing Around It

editor Article

 Written by Chris McGhee, Jason Meuse, Christa Vo, & Kelsey Kenny as a final paper for the Fall 2021 session of Information Privacy Law 

A. Introduction

The Internet of Things is a term that describes the network of sensors embedded in otherwise mundane consumer products which collect data and connect to the internet.1 The capabilities of this technology range from offering simple conveniences to consumers, such as a light that turns on or off at the sound of clapping, to life-saving services like real-time blood sugar monitoring and insulin administration for diabetics or instant notice to emergency responders when a car accident occurs.2 To function properly, these devices rely on constant data input and network connectivity to trigger a mechanical function, or to teach an algorithm how to tailor its functions more succinctly to suit the needs of the individual consumer.3 Whether we are aware of it or not, the use of connected devices in our day-to-day lives is growing increasingly common; several sources predict that the world will have approximately 64 billion Internet of Things, “IoT,” devices by 2025.4 The era of digital commerce has incentivized the rapid development of invasive hardware and data analytics tools because, in the world of IoT, aggregate data is incredibly valuable,5 and consumers are “data goldmine[s].”6 Continue reading

Words of Wisdom from the Young Privacy Professionals Panel: Highlights and Takeaways 

editor Blog

KELSEY KENNY, Class of 2023

The evening of Thursday, November 4th, Maine Law’s Information Privacy Association, in collaboration with the Mortiz College of Law’s Data Privacy and Cyber Security Club, hosted an informal discussion panel to facilitate a dialogue between law students with an interest in information privacy and six professionals who have had success navigating the early stages of their evolving and dynamic careers in the field. Craig Carpenter, Caroline Hopland, Casey Waughn, Kenesa Ahmad, Lee Matheson, and Scott Bloomberg graciously contributed their time and insights to the forum. Continue reading

Predicting Drug Diversion: The Use of Data Analytics in Prescription Drug Monitoring

editor Article

CATHLEEN LONDON, MD CIPP/US, Class of 2022

Equifax just completed the acquisition of Appriss Insights,[1] who is rebranding as Bamboo Health.[2] How much data sharing goes on between the entities? Just as Appriss’ NarxCare score[3] is a black box[4], never subjected to peer review or outside scrutiny[5], this reorganization seems designed to hide data sharing. Continue reading

For Adequacy There Must Be a Private Right of Action

editor Blog

BRANDON BERG, Class of 2021 (Submitted while a student at Maine Law) 

We are still feeling the ripple effects from the European Court of Justice’s Schrems II decision. Among other things, the decision ripped apart the E.U.-U.S. Privacy Shield with particular exception to the data subject’s inability to seek redress from a court or tribunal. With the goal of U.S. adequacy in mind, the question becomes, how do we move forward? With several privacy bills currently being debated in Congress, one important question must be addressed: do these bills address the judicial remedy concerns cited in Schrems II? Continue reading