Search results

Perpetrators of technology-facilitated gender-based violence are taking advantage of increasingly automated and sophisticated privacy-invasive tools to carry out their abuse. Whether this be monitoring movements through stalkerware, using drones to nonconsensually film or harass, or manipulating and distributing intimate images online such as deepfakes and creepshots, invasions of privacy have become a significant form of gender-based violence. Accordingly, our normative and legal concepts of privacy must evolve to counter the harms arising from this misuse of new technology. Canada's Supreme Court recently addressed technology-facilitated violations of privacy in the context of voyeurism in R v Jarvis (2019) . The discussion of privacy in this decision appears to be a good first step toward a more equitable conceptualization of privacy protection. Building on existing privacy theories, this chapter examines what the reasoning in Jarvis might mean for “reasonable expectations of privacy” in other areas of law, and how this concept might be interpreted in response to gender-based technology-facilitated violence. The authors argue the courts in Canada and elsewhere must take the analysis in Jarvis further to fully realize a notion of privacy that protects the autonomy, dignity, and liberty of all.

This article attempts to explain and analyse the nature and characteristic features of a person’s privacy in the on‐line environment in order to assess how these features shape the need for protection. Since the internet has invaded our everyday lives, individual privacy is exposed in different ways in cyberspace. It is important to note that the Internet lacks the traditional characteristics of a ‘physical’ space, but the interests and inherent values protected by privacy remain the same in cyberspace. The article discusses the factors that shape a different nature of online privacy compared to its off line counterpart. Online privacy may not be a novel right, but it is definitely one exposed to a whole new environment which has its own special need for protection.

We live in an age of unparalleled access to personal data. Technological advances that seem second nature today allow for the mass accumulation of personal information by even the smallest of companies. The same technology also can be used directly by the state to accumulate mass information on its citizens. In the hands of government law enforcement officials, these surveillance advances also can be used to greatly enhance the state’s ability to exercise social control – a circumstance that has both positive and negative connotations. This chapter discusses the increasingly important confluence of privacy rights, surveillance, and social control as seen from a constitutional standpoint.

After years of limiting the expectations of privacy that citizens may have in their day-to-day lives, several recent Supreme Court decisions have attempted to take account of the privacy expectations held by individuals in today’s ever-evolving technological world, and in doing so have limited the ability of law enforcement to engage in surveillance without first obtaining a warrant. Yet more needs to be done. Specifically, the author argues that the law of standing must be updated to permit judicial claims by individuals who challenge the legality and constitutionality of comprehensive surveillance programs.

This paper aims to (a) summarize the legal and ethical foundations of privacy with connections to workplace emails and text messages, (b) describe trends and challenges related to “Bring Your Own Device” (BYOD), and (c) propose legal and nonlegal questions these trends will raise in the foreseeable future.

Based on a review of legal cases and scholarship related to workplace privacy, implications for BYOD practices are proposed.

Primarily due to property rights, employers in the USA have heretofore been granted wide latitude in monitoring employee communications. The BYOD trend has the potential to challenge this status quo.

BYOD programs present discernable threats to employee privacy. Attention is also directed toward contributing elements such as wearable technology, cloud computing and company cultures.

This study aims to discover the legal borderline between licit online marketing and illicit privacy-intrusive and manipulative marketing, considering in particular consumers’ expectations of privacy.

A doctrinal legal research methodology is applied throughout with reference to the relevant legislative frameworks. In particular, this study analyzes the European Union (EU) data protection law [General Data Protection Regulation (GDPR)] framework (as it is one of the most advanced privacy laws in the world, with strong extra-territorial impact in other countries and consequent risks of high fines), as compared to privacy scholarship on the field and extract a compliance framework for marketers.

The GDPR is a solid compliance framework that can help to distinguish licit marketing from illicit one. It brings clarity through four legal tests: fairness test, lawfulness test, significant effect test and the high-risk test. The performance of these tests can be beneficial to consumers and marketers in particular considering that meeting consumers’ expectation of privacy can enhance their trust. A solution for marketers to respect and leverage consumers’ privacy expectations is twofold: enhancing critical transparency and avoiding the exploitation of individual vulnerabilities.

This study is limited to the European legal framework scenario and to theoretical analysis. Further research is necessary to investigate other legal frameworks and to prove this model in practice, measuring not only the consumers’ expectation of privacy in different contexts but also the practical managerial implications of the four GDPR tests for marketers.

This study originally contextualizes the most recent privacy scholarship on online manipulation within the EU legal framework, proposing an easy and accessible four-step test and twofold solution for marketers. Such a test might be beneficial both for marketers and for consumers’ expectations of privacy.

This paper focuses on the complex nature of privacy and freedom of speech issues as they arise at the ISP. It addresses these critical issues by way of an examination of multiple specific contemporary examples and legal cases. Also discussed are a number of different approaches to more clearly define the status of the ISP and its multi‐faceted functions. Finally, some of the possible implications of various proposals for regulatory and legal schemes are examined. The author concludes that ultimately any such scheme must foreground the integral role that the ISP plays with respect to fundamental privacy and free speech rights on the Internet.

Broad coalitions of companies, governments, and research institutions in several countries are currently designing massive electronic infrastructures for their roadways. Known collectively as intelligent vehicle‐highway systems (IVHS), these technologies are intended to ease toll collection and commercial vehicle regulation, provide drivers with route and traffic information, improve safety and ultimately support fully automated vehicles. Although many aspects of IVHS are uncertain, some proposed designs require the system to collect vast amounts of data on individuals′ travel patterns, thus raising the potential for severe invasions of privacy. To make social choices about IVHS, it is necessary to reason about potentials for authoritarian uses of an IVHS infrastructure in the hypothetical future. Yet such reasoning is difficult, often veering towards Utopian or dystopian extremes. To help anchor the privacy debate, places IVHS privacy concerns in an institutional context, offering conceptual frameworks to discuss the potential interactions between IVHS technologies and the computer design profession, standards‐setting bodies, marketing organizations, the legal system and government administrative agencies.

The purpose of this paper is to make suggestions of how to improve the legal standing of consumers of digital content products.

The analysis in this paper is based on desk research and comparative legal research, among others in the context of research performed in the context of a grant from the Netherlands Organization for Scientific Research (NWO) and, in parts, on a study performed for the European Commission by Loos et al.

This paper demonstrates that the legal and technical complexities of digital content products and the resulting lack of a clear notion of which product characteristics are still reasonable and normal can result in uncertainty for consumers and businesses, or even a lower level of protection for digital content consumers, as compared to consumers of more conventional products. In order to improve the protection of digital content consumers, defaults for the main functionalities and characteristics of digital content products may be needed. The article describes possible routes to create such defaults and concludes with suggestions for the way forward.

The article suggests a new approach to improving the legal standing of digital consumers, one that takes into account the situation of digital consumers as well as the need for flexibility and room for innovation for digital content businesses. It is based on extensive legal and comparative research into the present legal framework and develops a new approach of conceptualizing the legal obstacles that digital consumers can be confronted with.

Concerns over data-processing activities that may lead to privacy violations or harms have motivated the development of legal frameworks and standards. Further, software engineers are increasingly expected to develop and maintain privacy-aware systems that both comply with such frameworks and standards and meet reasonable expectations of privacy. This paper aims to facilitate reasoning about privacy compliance, from legal frameworks and standards, with a view to providing necessary technical assurances.

The authors show how the standard extension mechanisms of the UML meta-model might be used to specify and represent data-processing activities in a way that is amenable to privacy compliance checking and assurance.

The authors demonstrate the usefulness and applicability of the extension mechanisms in specifying key aspects of privacy principles as assumptions and requirements, as well as in providing criteria for the evaluation of these aspects to assess whether the model meets these requirements.

First, the authors show how key aspects of abstract privacy principles can be modelled using stereotypes and tagged values as privacy assumptions and requirements. Second, the authors show how compliance with these principles can be assured via constraints that establish rules for the evaluation of these requirements.