A comparison of proposed legislative data privacy protections in the United States

The use of online consumer tracking methods has raised significant privacy concerns for consumers and policymakers for decades. Advertisers using these methods analyze web-viewing habits to predict consumer preferences and actions. The advertising industry in the United States has promoted self-regulatory principles to respond to these concerns. However, in December 2010, the U.S. Federal Trade Commission reported that these efforts “have been too slow and up to now have failed to provide adequate and meaningful protection.” President Barack Obama's administration has supported broader legislation for comprehensive protection of individuals' private data. The leading model for data privacy protection is the 1980 Organization for Economic Cooperation and Development (OECD) Guidelines on the Protection of Privacy and Transborder Flows of Personal Data. This article examines two leading legislative privacy proposals in the context of the OECD principles. This examination concludes that, although the proposals do not provide sufficient comprehensive privacy protections, they do fill significant gaps in current U.S. privacy laws.     

The legal effect of EU Regulations

The EU institutions are increasingly addressing harmonisation by means of regulation rather than the traditional use of directives. This is particularly impacting areas such as data protection, financial services regulation and European standardisation in Information and Communications Technology. More broadly, using directly applicable regulations which may have horizontal and vertical direct effect rather than directives has important administrative and constitutional implications for their application in national law and impacts on Member States' discretion to implement supplementary legislation which falls within the remit of the regulation in question. This is of particular concern where governments implement policies which might be in contravention of these rules. This may be the case in relation to the UK government's public procurement policy which mandates royalty free standards rather than royalty bearing standards with the option for the licence holder to licence royalty free.     

‘Modernising’ data protection Convention 108: A safe basis for a global privacy treaty?

Proposals for the reform or ‘modernisation’ of Council of Europe Data Protection Convention 108 have now been forwarded from the Convention's Consultative Committee for consideration by the Council of Ministers. This article assesses the changes proposed, which strengthen the obligations of Parties to implement the Convention as a matter of effective practice, not just as a law on paper. It tightens most of the existing data protection principles, and adds new ones which better align the Convention with the EU Directive (and proposed Regulation). The Convention Committee will have explicit new functions including assessing candidates for accession, and periodically reviewing implementation by existing parties. However, the proposals concerning the required standard for data export limitations are in some respects ill-defined and dangerous for data subjects. The existing standard that personal data can only be exported if the recipient provides ‘adequate’ protection has been abandoned for an undefined requirement of ‘appropriate’ protection. The article situates the risk of abandoning meaningful data export restrictions in the context of the USA's push for ‘interoperability’ of very different data protection standards.     

Some reflections on the duality of regime for software protection in the European Union

Although the framework for protection of computer programs has been established in the European Union more than two decades ago, it has not undergone any major changes. Opinions of Advocate General Yves Bot have convinced the Court to advance the concept of the plurality of copyright regimes applicable to software: source code, object code and documentation would be protected under the Software Directive, whereas interfaces, programming languages, data formats and software manuals are dealt with as literary works under the InfoSoc Directive. In SAS Institute v WPL, the Court also ruled that copyright in a computer program cannot be infringed where the lawful acquirer of the license neither decompiled the object code nor copied the source code of the computer program, but merely studied, observed and tested that program in order to reproduce its functionality in a second program. This ruling paves the way and acknowledges the reverse engineering efforts on the Old Continent.     

Are internet robots adequately regulated?

The robots.txt protocol allows website owners to specify whether and if so, what bots may access their sites. On the one hand, websites owners may have good reason to fend off bots. The bots may consume too much capacity, they may harvest data that are not suitable for presentation elsewhere on the web, or the owner may have reasons for disallowing bots that lie in the relation with user of the bot. On the other hand, search engines, aggregators and other users of bots may provide social beneficial services based on the data collected by bots, i.e. data that are freely available to anybody visiting the site manually. How should the law regulate disputes that arise in this context? Two legal regimes (trespass to chattels and unauthorised access) have been examined. Based on the characteristics of the disputes at hand, a number of desirable characteristics for an ideal form of regulation are identified. When testing the two regimes they are found to be lacking. A structure for a form of regulation is presented that allows the law to develop in a way that does more justice to the disputes at hand.     

American Indian religion in the iron house: searching for ‘some accommodation’

Religious freedom claims by American Indian prisoners are disfavored in law and policy more than most prisoner civil rights claims. This disfavor reflects the continuing influence of the cultural distance between traditional Indians and Christianity – a distance with an unfortunate history from the Indian point of view. The salutary effects of Christian religion within prisons have been assumed for as long as prisons have existed; this assumption is based upon scant evidence. Treating Indian religious expression as inferior to Christian religious expression within prisons is often allowed by law, but it is insupportable in policy without reference to the historical power relationship between Indians and the dominant culture. Indian spirituality, like Christianity, can engage prisoners in the moral discourse demanded by the tenets of restorative justice. Accommodation of Indian spirituality is as much in the public interest as accommodation of religion within prisons at all.     

A Bonfire of the Regulations,or Business as Usual? The UK Labour Market and the Political Economy of Brexit

Employment and labour market regulation initially appeared as one of the solid red lines in the UK's renegotiation of the country's place in the EU. The basic argument is that the UK's more deregulated labour market would sit uneasily in the more organised models, based on statutory instruments or collective bargaining, found on the continent. While there is a legitimate problem here, EU employment regulations appear manageable from the point of view of business, while unions see them as important tools for socially responsible economic restructuring. Most of UK employment case law is now deeply entangled with EU law; labour market regulations have, on the whole, become part of the way of doing business in the Single Market; and a simple cost–benefit analysis appears impossible because some costs are not quantifiable and the costs of others are reduced when taken as a bundle. Labour unions agree that transposition of European law needs to be done taking into account local sensitivities, while internationally oriented companies do not see EU regulations on the whole as detrimental to business. Importantly, though, the costs and benefits of EU employment regulations are not symmetrically distributed across different companies: large companies are better able to reap the rewards and accommodate the costs of operating in the Single Market than smaller companies.     

Europe after the U.S. Pivot

Insofar as Europe's security and cohesion have for decades been premised upon a strong American political and strategic engagement, Washington's intention to “rebalance” to Asia casts a shadow over the sustainability of a stable and coherent geopolitical order on the continent. This article argues that as the United States seeks to rebalance strategically towards the Asia-Pacific region a number of “indigenous” geopolitical trends are becoming increasingly important in Europe: an Anglo-French entente for a “maritime” Europe, a German-French “continental” project of economic and political integration, and Russia's resurgence across Europe's East. The growing prominence of competing geopolitical visions for Europe might even call into question the cohesion and direction of the institutional expressions of the U.S.- engineered Western order in Europe, namely the Atlantic Alliance and the European Union. Increasing geopolitical and institutional contestation, we contend, pose a number of challenges for both U.S. interests and European security.