Kim on Data Mining and the Challenges of Protecting Employee Privacy Under U.S. Law @WashULaw

Pauline Kim, Washington University in Saint Louis, School of Law, has published Data Mining and the Challenges of Protecting Employee Privacy Under U.S. Law at 40 Comparative Labor Law & Policy Journal 405 (2019). Here is the abstract.

Concerns about employee privacy have intensified with the introduction of data mining tools in the workplace. Employers can now readily access detailed data about workers’ online behavior or social media activities, purchase background information from data brokers, and collect additional data from workplace surveillance tools. When data mining techniques are applied to this wealth of data, it is possible to infer additional information about employees beyond the information that is collected directly. As a consequence, these tools can alter the meaning and significance of personal information depending upon what other information it is aggregated with and how the larger dataset is analyzed. With data mining, individual privacy may be threatened not by the types of information actually collected, but because of what can be inferred from it. This poses a challenge for the law, which often conceptualizes the harm of privacy intrusions in terms of the sensitivity or highly personal nature of information collected or disclosed. This article explores this dilemma by examining three examples of employee privacy protection under US law: anti-discrimination law’s protection of medical and genetic information, the common law privacy tort’s protection of embarrassing or humiliating intrusions or disclosures, and the Fair Credit Reporting Act’s protection against erroneous data. These laws all rest on the assumption that particular information can be identified as problematic and protected. However, because data mining techniques can infer new information, this approach will be largely ineffective in addressing the privacy threats posed by these technologies.

Download the article from SSRN at the link.

Scharf on Game of Drones: Rolling the Dice With Unmanned Aerial Vehicles and Privacy @UNLVLaw

Rebecca L. Scharf, University of Nevada, Las Vegas, School of Law, has published Game of Drones: Rolling the Dice with Unmanned Aerial Vehicles and Privacy. Here is the abstract.

This Article offers a practical three-part test for courts and law enforcement to utilize when faced with drone and privacy issues. Specifically addressing the question: how should courts analyze the Fourth Amendment’s protection against ‘unreasonable searches’ in the context of drones? The Supreme Court’s Fourth Amendment jurisprudence produced an intricate framework to address issues arising out of the intersection of technology and privacy interests. In prominent decisions, including United States v. Katz, California v. Ciraolo, Kyllo v. United States, and most notably, United States v. Jones, the Court focused on whether the use of a single technology, such as the use of photography, audio recording, heat sensors, or GPS violated an individual’s Fourth Amendment right to privacy. But now, one of the most complex and innovative technological advances in recent years, the unmanned aerial vehicle, or drone, has created an especially difficult issue for courts. Because a single drone can be fitted with multiple technologies, courts need to employ a multidimensional analysis to determine whether an individual’s Fourth Amendment rights have been violated. Thus, with technology advancing quicker than the Court can address, lower courts are left without direction on how to handle this important constitutional quandary, leaving individual right to privacy vulnerable. This Article builds on other scholars’ work promoting a “technology-based” definition of what constitutes a search, by creating a three-factor test for courts to utilize when faced with a drone privacy issue. Specifically arguing that courts should apply a presumption that a warrant is necessary absent exigent circumstances when law enforcement uses drones to survey an individual’s home or curtilage by considering: 1) What type of technology is the drone employing in the search, 2) What is the extent of the surveillance?; and 3) What is the extent of the privacy interference? No longer are the days of addressing the use of a singular technology, as courts will soon, if not already, be inundated with cases involving the intersection of multiple technologies through the use of drones and privacy. Although other scholarship explores drones and privacy concerns, this Article is novel in that it offers a practical approach for courts and law enforcement to utilize, while offering the historical framework for each factor. Guiding courts and law enforcement to handle privacy concerns with the use of drones will provide a structured and approachable analysis that can apply regardless of the drone-in-question’s capabilities and the amount of technologies used.

Download the article from SSRN at the link.

An Update on a Prosecutor's Request For Amazon Echo Data in a Murder Case

Bloomberg Law's Daniel Stoller updates us on the debate over an Arkansas prosecutor's request for information from Amazon for data from an Echo that might develop facts in a murder case. He notes that a parallel between this case and the Apple v. FBI encryption battle may not be so obvious. 

Balkin on The Three Laws of Robotics in the Age of Big Data @jackbalkin

Jack M. Balkin, Yale University Law School, is publishing The Three Laws of Robotics in the Age of Big Data in volume 78 of the Ohio State Law Journal (2017). Here is the abstract.

In his short stories and novels, Isaac Asimov imagined three law of robotics programmed into every robot. In our world, the "laws of robotics" are the legal and policy principles that should govern how human beings use robots, algorithms, and artificial intelligence agents. This essay introduces these basic legal principles using four key ideas: (1) the homunculus fallacy; (2) the substitution effect; (3) the concept of information fiduciaries; and (4) the idea of algorithmic nuisance. The homunculus fallacy is the attribution of human intention and agency to robots and algorithms. It is the false belief there is a little person inside the robot or program who has good or bad intentions. The substitution effect refers to the multiple effects on social power and social relations that arise from the fact that robots, AI agents, and algorithms substitute for human beings and operate as special-purpose people. The most important issues in the law of robotics require us to understand how human beings exercise power over other human beings mediated through new technologies. The "three laws of robotics" for our Algorithmic Society, in other words, should be laws directed at human beings and human organizations, not at robots themselves. Behind robots, artificial intelligence agents and algorithms are governments and businesses organized and staffed by human beings. A characteristic feature of the Algorithmic Society is that new technologies permit both public and private organizations to govern large populations. In addition, the Algorithmic Society also features significant asymmetries of information, monitoring capacity, and computational power between those who govern others with technology and those who are governed. With this in mind, we can state three basic "laws of robotics" for the Algorithmic Society: First, operators of robots, algorithms and artificial intelligence agents are information fiduciaries who have special duties of good faith and fair dealing toward their end-users, clients and customers. Second, privately owned businesses who are not information fiduciaries nevertheless have duties toward the general public. Third, the central public duty of those who use robots, algorithms and artificial intelligence agents is not to be algorithmic nuisances. Businesses and organizations may not leverage asymmetries of information, monitoring capacity, and computational power to externalize the costs of their activities onto the general public. The term "algorithmic nuisance" captures the idea that the best analogy for the harms of algorithmic decision making is not intentional discrimination but socially unjustified "pollution" - that is, using computational power to make others pay for the costs of one's activities. Obligations of transparency, due process and accountability flow from these three substantive requirements. Transparency - and its cousins, accountability and due process - apply in different ways with respect to all three principles. Transparency and/or accountability may be an obligation of fiduciary relations, they may follow from public duties, and they may be a prophylactic measure designed to prevent unjustified externalization of harms or in order to provide a remedy for harm.

Download the article from SSRN at the link.