格雷姆-里奇-比利利法案,信息隐私和默认规则的限制

IF 3 3区 社会学 Q1 LAW
E. Janger, P. Schwartz
{"title":"格雷姆-里奇-比利利法案,信息隐私和默认规则的限制","authors":"E. Janger, P. Schwartz","doi":"10.2139/SSRN.319144","DOIUrl":null,"url":null,"abstract":"The Gramm-Leach-Bliley Act (GLB Act) of 1999 sought to provide new rules for financial privacy. Only a few years after the GLB Act's enactment, however, it appears to have failed as far as privacy protection is concerned. The Act has pleased neither privacy advocates nor the financial industry. It may, in fact, be a rare legislative feat to have a single statute create so many diverse critics so quickly. This Article examines the GLB Act and its shortcomings through reference to and refinement of theoretical work regarding the law of incomplete contracts. The key scholarship concerns information sharing and \"defaults,\" or background rules, for filling gaps in agreements. We explore three possible kinds of defaults: majoritarian, information forcing, and norm enforcing. This Article finds that the GLB Act's privacy safeguards are highly problematic as examples of either a majoritarian or information forcing default. The GLB Act also raises difficulties if evaluated as a background rule that seeks to enforce norms. In our judgment, information privacy should be conceptualized as a norm constitutive of a democratic society. The access to personal information and limits on it help form the nature of the society in which we live and shape our individual identities. For example, the structure of access to personal information can have a decisive impact on the extent to which certain actions or expressions of identity are encouraged or discouraged. Our concept of \"constitutive privacy\" suggests that information privacy is a kind of commons that requires some degree of social control to construct and preserve. Default rules, when viewed from this normative perspective, should have a limited role in norm enforcement because of the current poor functioning of the privacy market between consumers and financial institutions. In particular, the presence of bounded rationality along with coordination problems makes default rules a risky choice in this context of information privacy. Under such conditions, the law should generally seek to minimize harms that flow from reliance on bargaining among consumers and data processors. In this Article's final section, we explore ways in which to make the GLB Act's mandatory rules more flexible, and we propose possible revisions to the existing \"notice and opt-out\" default in the GLB Act. Finally, we revisit the GLB Act's opt-out requirement. We propose to improve upon this requirement by using social science research concerning the power of \"frames.\" We also discuss the possible merits of a shift to an opt-in requirement.","PeriodicalId":47393,"journal":{"name":"Minnesota Law Review","volume":"86 1","pages":"1219-1262"},"PeriodicalIF":3.0000,"publicationDate":"2002-09-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.2139/SSRN.319144","citationCount":"41","resultStr":"{\"title\":\"The Gramm-Leach-Bliley Act, Information Privacy, and the Limits of Default Rules\",\"authors\":\"E. Janger, P. Schwartz\",\"doi\":\"10.2139/SSRN.319144\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The Gramm-Leach-Bliley Act (GLB Act) of 1999 sought to provide new rules for financial privacy. Only a few years after the GLB Act's enactment, however, it appears to have failed as far as privacy protection is concerned. The Act has pleased neither privacy advocates nor the financial industry. It may, in fact, be a rare legislative feat to have a single statute create so many diverse critics so quickly. This Article examines the GLB Act and its shortcomings through reference to and refinement of theoretical work regarding the law of incomplete contracts. The key scholarship concerns information sharing and \\\"defaults,\\\" or background rules, for filling gaps in agreements. We explore three possible kinds of defaults: majoritarian, information forcing, and norm enforcing. This Article finds that the GLB Act's privacy safeguards are highly problematic as examples of either a majoritarian or information forcing default. The GLB Act also raises difficulties if evaluated as a background rule that seeks to enforce norms. In our judgment, information privacy should be conceptualized as a norm constitutive of a democratic society. The access to personal information and limits on it help form the nature of the society in which we live and shape our individual identities. For example, the structure of access to personal information can have a decisive impact on the extent to which certain actions or expressions of identity are encouraged or discouraged. Our concept of \\\"constitutive privacy\\\" suggests that information privacy is a kind of commons that requires some degree of social control to construct and preserve. Default rules, when viewed from this normative perspective, should have a limited role in norm enforcement because of the current poor functioning of the privacy market between consumers and financial institutions. In particular, the presence of bounded rationality along with coordination problems makes default rules a risky choice in this context of information privacy. Under such conditions, the law should generally seek to minimize harms that flow from reliance on bargaining among consumers and data processors. In this Article's final section, we explore ways in which to make the GLB Act's mandatory rules more flexible, and we propose possible revisions to the existing \\\"notice and opt-out\\\" default in the GLB Act. Finally, we revisit the GLB Act's opt-out requirement. We propose to improve upon this requirement by using social science research concerning the power of \\\"frames.\\\" We also discuss the possible merits of a shift to an opt-in requirement.\",\"PeriodicalId\":47393,\"journal\":{\"name\":\"Minnesota Law Review\",\"volume\":\"86 1\",\"pages\":\"1219-1262\"},\"PeriodicalIF\":3.0000,\"publicationDate\":\"2002-09-30\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://sci-hub-pdf.com/10.2139/SSRN.319144\",\"citationCount\":\"41\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Minnesota Law Review\",\"FirstCategoryId\":\"90\",\"ListUrlMain\":\"https://doi.org/10.2139/SSRN.319144\",\"RegionNum\":3,\"RegionCategory\":\"社会学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"LAW\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Minnesota Law Review","FirstCategoryId":"90","ListUrlMain":"https://doi.org/10.2139/SSRN.319144","RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"LAW","Score":null,"Total":0}
引用次数: 41

摘要

1999年的格雷姆-里奇-比利利法案(GLB法案)试图为金融隐私提供新的规则。然而,在GLB法案颁布仅仅几年之后,就隐私保护而言,它似乎已经失败了。该法案既没有取悦隐私权倡导者,也没有取悦金融业。事实上,这可能是一个罕见的立法壮举,一个单一的法规如此迅速地产生了如此多的不同的批评。本文通过对不完全合同法理论工作的借鉴和完善,考察了GLB法及其不足。关键的奖学金涉及信息共享和“默认”,即填补协议空白的背景规则。我们探讨了三种可能的默认类型:多数主义、信息强制和规范强制。本文发现,GLB法案的隐私保护是非常有问题的,作为多数主义或信息强制默认的例子。如果将《GLB法案》作为一项旨在执行规范的背景规则来评估,也会遇到困难。在我们看来,信息隐私应该被概念化为民主社会的一种构成规范。对个人信息的获取和限制有助于形成我们所生活的社会的本质,并塑造我们的个人身份。例如,访问个人信息的结构可以对鼓励或阻止某些行为或身份表达的程度产生决定性影响。我们的“构成性隐私”概念表明,信息隐私是一种公地,需要一定程度的社会控制来构建和保护。从这个规范的角度来看,默认规则在规范执行方面的作用应该有限,因为目前消费者和金融机构之间的隐私市场运作不佳。特别是,有限理性和协调问题的存在使得默认规则在这种信息隐私环境下成为一种有风险的选择。在这种情况下,法律通常应该寻求将依赖消费者和数据处理者之间的讨价还价所带来的危害降到最低。在本文的最后一节中,我们将探讨使GLB法案的强制性规则更加灵活的方法,并对GLB法案中现有的“通知和选择退出”默认值提出可能的修订。最后,我们重新审视GLB法案的选择退出要求。我们建议利用社会科学研究“框架”的力量来改进这一要求。我们还讨论了转向可选加入要求的可能优点。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
The Gramm-Leach-Bliley Act, Information Privacy, and the Limits of Default Rules
The Gramm-Leach-Bliley Act (GLB Act) of 1999 sought to provide new rules for financial privacy. Only a few years after the GLB Act's enactment, however, it appears to have failed as far as privacy protection is concerned. The Act has pleased neither privacy advocates nor the financial industry. It may, in fact, be a rare legislative feat to have a single statute create so many diverse critics so quickly. This Article examines the GLB Act and its shortcomings through reference to and refinement of theoretical work regarding the law of incomplete contracts. The key scholarship concerns information sharing and "defaults," or background rules, for filling gaps in agreements. We explore three possible kinds of defaults: majoritarian, information forcing, and norm enforcing. This Article finds that the GLB Act's privacy safeguards are highly problematic as examples of either a majoritarian or information forcing default. The GLB Act also raises difficulties if evaluated as a background rule that seeks to enforce norms. In our judgment, information privacy should be conceptualized as a norm constitutive of a democratic society. The access to personal information and limits on it help form the nature of the society in which we live and shape our individual identities. For example, the structure of access to personal information can have a decisive impact on the extent to which certain actions or expressions of identity are encouraged or discouraged. Our concept of "constitutive privacy" suggests that information privacy is a kind of commons that requires some degree of social control to construct and preserve. Default rules, when viewed from this normative perspective, should have a limited role in norm enforcement because of the current poor functioning of the privacy market between consumers and financial institutions. In particular, the presence of bounded rationality along with coordination problems makes default rules a risky choice in this context of information privacy. Under such conditions, the law should generally seek to minimize harms that flow from reliance on bargaining among consumers and data processors. In this Article's final section, we explore ways in which to make the GLB Act's mandatory rules more flexible, and we propose possible revisions to the existing "notice and opt-out" default in the GLB Act. Finally, we revisit the GLB Act's opt-out requirement. We propose to improve upon this requirement by using social science research concerning the power of "frames." We also discuss the possible merits of a shift to an opt-in requirement.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
CiteScore
1.40
自引率
0.00%
发文量
1
期刊介绍: In January 1917, Professor Henry J. Fletcher launched the Minnesota Law Review with lofty aspirations: “A well-conducted law review . . . ought to do something to develop the spirit of statesmanship as distinguished from a dry professionalism. It ought at the same time contribute a little something to the systematic growth of the whole law.” For the next forty years, in conjunction with the Minnesota State Bar Association, the faculty of the University of Minnesota Law School directed the work of student editors of the Law Review. Despite their initial oversight and vision, however, the faculty gradually handed the editorial mantle over to law students.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信