LSN: Identity Theft (Sub-Topic)最新文献

{"title":"After Schrems II: A Proposal to Meet the Individual Redress Challenge","authors":"Kenneth R. Propp, Peter P. Swire","doi":"10.2139/ssrn.3680148","DOIUrl":"https://doi.org/10.2139/ssrn.3680148","url":null,"abstract":"In its Schrems II decision, the Court of Justice of the European Union (CJEU) invalidated the EU/US Privacy Shield, and cast doubt on the validity of standard contractual clauses, the principal alternative for transferring personal data from EU territory to the United States and other third countries. This article outlines a proposal for how to amend US law to meet the Court’s stated legal requirementthat an EU individual have a right to individual redress for violations of rights by US intelligence agencies.<br><br>In Schrems II, the CJEU stated that privacy protections in nations receiving data from the EU must be “essentially equivalent” to those afforded within the EU, including with respect “to any access by the public authorities to the personal data transferred [and] the relevant aspects of the legal system of that third country.” The CJEU identified two ways in which U.S. surveillance law lacks essential equivalence to EU safeguards. The first, and the focus of this article, is that the US lacks an “effective and enforceable” right of individual redress. <br><br>The article explains the history of the Schrems litigation and of previous EU/US negotiations on trans-Atlantic flows of personal data. Specifically, it discusses the CJEU’s finding that the Ombudsperson mechanism in the Privacy Shield for individual redress provided inadequate protections. Based on the CJEU’s decision, any future attempt by the United States to successfully address this perceived deficiency in judicial redress thus must have two dimensions: a credible fact-finding inquiry into classified surveillance activities in order to ensure protection of the individual’s rights, and the possibility of appeal to an independent judicial body that can remedy any violation of rights should it occur. For fact-finding, the authors propose that individual complaints be investigated by existing Privacy Civil Liberties Officers within the US intelligence community, or alternatively by the Privacy and Civil Liberties Oversight Board. Neither approach constitutes complete independence from the executive branch, and the possibility of such independence was narrowed by the US Supreme Court in its 2020 Seila Law opinion.<br><br>The independent review required by EU law would occur upon appeal to the US Foreign Intelligence Surveillance Court, composed of fully independent federal judges. Our proposal meets the US constitutional requirement of standing by imposing a legal duty on the agencies to examine complaints similar to the duty imposed under the Freedom of Information Act. If the agency does not meet the required standard of investigation and protection of rights, the judge can order the agency to correct any violation of individual rights. Creation of this judicial review function would require new federal legislation.<br><br>The article also discusses the legal standard for judicial review and suggests extending the new statutory protections to both US and EU persons. By meeting t","PeriodicalId":182513,"journal":{"name":"LSN: Identity Theft (Sub-Topic)","volume":"33 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-08-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122309698","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"The Brazilian Emergency Income Aid Bailout and Post-COVID-19 Consumers Surveillance","authors":"Marco Aurélio Rodrigues Cunha e Cruz, Afonso Oliva","doi":"10.2139/ssrn.3863400","DOIUrl":"https://doi.org/10.2139/ssrn.3863400","url":null,"abstract":"In this brief essay, we seek to present the outline of a future paper that will analyze the risks involved in the mechanism chosen by the Brazilian Federal Government for the granting of an Emergency Income Aid Bailout provided for in federal law no. 13982, that is, the opening of digital accounts for those who did not have bank accounts at the time of enrollment in the social program, thereby reaching the population that, at one time, was far from the State's inspection eyes in economic matters.<br><br>It is about the inclusion of about 30 million new consumers in the databases that also feed the recently regulated “Cadastro Positivo de Crédito”, the Brazilian version of the \"Credit Reports\", with the special detail that the fulfillment of certain legal requirements guarantees a greater categorization of these consumers, with direct impact on the most accurate deduction of the consumption profile of each citizen and, consequently, on the granting of credit in the country.<br><br>In the study that follows, it is attempted to demonstrate how the creation of these digital accounts - a maneuver used as a solution in the “state of exception” resulting from the COVID-19 pandemic, for the distribution of emergency income aid bailout - will have implications for future analysis of credit for those who were on the margins of the automated systems regulated by the Credit Reports, reflecting as yet another tool capable of reinforcing chronic surveillance over the Brazilian consumer market.<br>","PeriodicalId":182513,"journal":{"name":"LSN: Identity Theft (Sub-Topic)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131334052","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Excessive Data Collection: Privacy Considerations and Abuse of Dominance in the Era of Big Data","authors":"V. H. Robertson","doi":"10.2139/ssrn.3408971","DOIUrl":"https://doi.org/10.2139/ssrn.3408971","url":null,"abstract":"The present era of big data challenges many of the basic assumptions of competition law. One particularly pressing question is: to what extent should privacy considerations and data protection filter into competition law assessments? The paper focuses on personalized user data that companies gather through third-party tracking on the web. This practice allows the tracker to build comprehensive user profiles across platforms and devices, placing an unprecedented volume of up-to-date personal data in the hands of a small number of globally active companies. Focusing on the stage of data acquisition, the paper assesses two scenarios under which EU competition law may deem the vast amounts of data gathered by certain digital platforms excessive under Article 102(a) TFEU: excessive data “prices” and data policies as unfair trading conditions. In both cases, the competition law assessment is autonomous from other areas of the law: while a breach of data protection rules is not automatically a breach of competition law, a company adhering to data protection rules may still violate competition laws. The paper finds that EU competition law already possesses the necessary tools to address excessive data collection, while data protection rules provide much-needed context for this type of exploitative abuse.","PeriodicalId":182513,"journal":{"name":"LSN: Identity Theft (Sub-Topic)","volume":"7 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-06-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125581133","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Data Portability Under GDPR: Technical Challenges","authors":"Engin Bozdag","doi":"10.2139/ssrn.3111866","DOIUrl":"https://doi.org/10.2139/ssrn.3111866","url":null,"abstract":"Right to data portability under GDPR enables individuals to request a copy of their personal data, also for exporting it to other service providers’ platforms. While WP29 has issued a guideline, there are many questions about how to implement this right effectively. In this paper, we will focus on some of the more technical challenges as well as some of the complex tensions that ensue due to existing descriptions of what the right should entail. The prior includes matters like determining the right format and implementing possibilities for direct transmission and API’s. The latter focuses on issues like distinguishing provided (raw) from inferred (derived) data; separating data obtained under consent or contract from other data collected under different legal grounds; determining harm against other individuals’ rights and freedoms and potentially redacting personal data automatically; and the challenge of implementing portability “without hindrance” while at the same time implementing “appropriate security measures” which are mostly obstructive by nature.","PeriodicalId":182513,"journal":{"name":"LSN: Identity Theft (Sub-Topic)","volume":"49 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-01-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117174354","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Identity Theft: a Pernicious and Costly Fraud","authors":"Julia S. Cheney","doi":"10.2139/SSRN.927415","DOIUrl":"https://doi.org/10.2139/SSRN.927415","url":null,"abstract":"On October 3, 2003, the Payment Cards Center of the Federal Reserve Bank of Philadelphia sponsored a workshop on identity theft to examine its growing impact on participants in our payments system. Avivah Litan, vice president and research director of financial services for Gartner Inc., led the workshop. The discussion began and this paper follows with a broad study of identity theft, at times compared with traditional payment fraud, and continues with an evaluation of its overall risk to consumers, merchants, and credit providers. The paper compares the incentives each such party has to address identity theft in concert with current market response to the crime. Finally, the paper concludes by posing several questions for further study. This paper supplements material from Litan’s presentation with additional research on the crime of identity theft.","PeriodicalId":182513,"journal":{"name":"LSN: Identity Theft (Sub-Topic)","volume":"4 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2003-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124617843","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}