The Privacy Risks of Direct-To-Consumer Genetic Testing: A Case Study Of 23andme And Ancestry

Samual A. Garner and Jiyeon Kim
Direct-to-consumer genetic testing (DTC-GT) companies have proliferated and expanded in recent years. Using biospecimens directly submitted by consumers, these companies sequence and analyze the individual’s genetic information to provide a wide range of services including information on health and ancestry without the guidance of a healthcare provider. Given the sensitive nature of genetic information, however, there are growing privacy concerns regarding DTC-GT company data practices. We conduct a rigorous analysis,…

The Ironic Privacy Act

Margaret Hu
This Article contends that the Privacy Act of 1974, a law intended to engender trust in government records, can be implemented in a way that inverts its intent. Specifically, pursuant to the Privacy Act’s reporting requirements, in September 2017, the U.S. Department of Homeland Security (DHS) notified the public that record systems would be modified to encompass the collection of social media data. The notification justified the collection of social…

Privacy’s Past: The Ancient Concept and Its Implications for The Current Law of Privacy

Keigo Komamura
Privacy is a mysterious concept. The more apparent its significance in the real world becomes, the more obscure the core and the limitations of the concept become. In the digital age, it is urgent that the legal framework to protect privacy should be enhanced more than ever before. At the same time, the right-based model of privacy which has long been dominant in theory and practice is now challenged by…

Privacy Governance for Institutional Trust (Or Are Privacy Violations Akin to Insider Trading?)

Kirsten Martin
Currently, we frame individuals online as in a series of exchanges with specific firms, and privacy, accordingly, is governed to ensure trust within those relationships. However, the focus on the relationship between consumers and specific firms does not capture how the online environment behaves. The aggregation and secondary use of consumer data is performed by market actors behind the scenes without any relationship with consumers. Trusting a single firm is…

The Pathologies of Digital Consent

Neil Richards and Woodrow Hartzog
Consent permeates both our law and our lives—particularly in the digital context. Consent is the foundation of the relationships we have with search engines, social networks, commercial web sites, and any one of the dozens of other digitally mediated businesses we interact with regularly. We are frequently asked to consent to terms of service, privacy notices, the use of cookies, and so many other commercial practices. Consent is important, but…

The Consent Myth: Improving Choice for Patients of The Future

Charlotte A. Tschider
Consent has enjoyed a prominent position in the American privacy system since at least 1970, though historically, consent emerged from traditional notions of tort and contract. Largely because consent has an almost deferential power as a proxy for consumer choice, organizations increasingly use consent as a de facto standard for demonstrating privacy commitments. The Department of Health and Human Services and the Federal Trade Commission have integrated the concept of…

Safe Social Spaces

Ari Ezra Waldman
Technologies that mediate social interaction can put our privacy and our safety at risk. Harassment, intimate partner violence and surveillance, data insecurity, and revenge porn are just a few of the harms that bedevil technosocial spaces and their users, particularly users from marginalized communities. This Article seeks to identify the building blocks of safe social spaces, or environments in which individuals can share personal information at low risk of privacy…