User:Hotpink789!/sandbox
Chris Hoofnagle Rough Draft
[edit]Chris Jay Hoofnagle is an American professor at the University of California, Berkeley who teaches information privacy law, computer crime law, regulation of online privacy, internet law, and seminars on new technology.[1] Hoofnagle has contributed to the privacy literature by writing privacy law legal reviews and conducting research on the privacy preferences of Americans. Specifically, his research demonstrates that most Americans prefer not to be targeted online for advertising and despite claims to the contrary, young people care about privacy and take actions to protect it.[2][3][4] Hoofnagle has written scholarly articles regarding identity theft, consumer privacy, U.S. privacy laws, and privacy policy suggestions.
Privacy Literature Contributions
[edit]Identity Theft
[edit]Right now, most information about identity theft incidents is gathered from the victims whose identities are being stolen.[5] As a result, many aspects regarding identity theft are still unknown. This includes missing data on synthetic identity theft (situations of identity theft where victims aren’t aware of the crime), the fact that most victims don’t report identity theft to criminal authorities, and the fact that the FBI may decline to investigate identity theft cases due to lack of resources.[5] In fact, less than one in 32 victims of identity theft file an official complaint on the issue.[6]
Because of these issues, Hoofnagle argues that identity theft information should be gathered from financial institutions.[5] Financial institutions are at the center of identity theft crimes as they lend money to thieves, undergo nonpayment, and recharge victims after nonpayment. They have the most interaction with the imposter, which makes them the best player to gather information about identity theft, according to Hoofnagle.[5] Hoofnagle believes that financial institutions should be required to track the number of identity theft instances that taken place or been avoided, identify the targeted product of the thief, and report the loss suffered or avoided.[5] He argues that these policies will garner more information regarding identity theft, helping institutions avoid the problem in the future.[5]
Hoofnagle’s research also discovered that larger institutions that focused on credit card accounts had relatively higher rates of identity fraud than smaller institutions.[6] He argues that this may contradict consumer expectations, as consumers may believe that larger institutions have the tools necessary to avoid identity fraud problems.[6]
Social networking services
[edit]Although signing up for social networking services (SNSs) like Instagram and Facebook do not cost any money to access, Hoofnagle argues that there is a great price for this transaction: the collection of personal information.[7] As consumers post more on SNSs, the SNSs gather more and more personal information on the consumer.[8] Data can be collected directly by tracking the smartphone owner’s posts or storing information from other phone applications on the device.[9] It can also be collected indirectly from information that other people store about the smartphone owner on their own devices.[9] Hoofnagle argues that this transaction represents a loss of privacy for consumers.[7] By freely revealing personal information, consumers leave themselves more vulnerable to data collection, identity theft, fraud, and stalking.[7]
Additionally, consumers do not know how their information will be used in the future.[10] It is almost impossible to delete information that has been posted on SNSs, and consumers do not know how that information will be dealt with.[10]
Internet tracking
[edit]There are many methods of internet tracking, including Flash cookies, ETags, HTML5 local storage, Evercookies, and browser fingerprinting.[11] In a study, Hoofnagle discovered that compared to 2009, there was a dramatic increase in the use of standard cookies in 2011.[11] Additionally, most cookies were placed by third-party hosts, which is mainly made up of advertisers.[11]
Hoofnagle argues that modern privacy regulation would give consumers more choices in the marketplace.[11] He denies that government intervention of this kind is paternalistic in nature.
Commercial Data Brokers
[edit]Commercial data brokers (CDBs) are businesses that collect personal information on individuals and sell it.[12] Hoofnagle argues that CDBs like ChoicePoint perform law enforcement duties and should be regulated by the Privacy Act of 1974 as a result.[12] He argues that government access to CDBs gives law enforcement information that they would not be able to collect legally, presenting a significant legal issue.[12]
Hoofnagle presents four policy solutions to protect personal data from law enforcement. He believes that information collected on individuals should be minimized, there shouldn't be distinctions between commercial and government collection of information, public records should be compatible with modern technology, and the Privacy Act of 1974 should apply to CDBs.[12]
Physical vs Digital Goods
[edit]In “What We Buy When We Buy Now,” authors Aaron Perzanowski and Chris Hoofnagle explore a common misconception regarding consumer rights when buying digital goods; specifically, the misconception that the same regulations govern physical and digital media. The authors called their study The Mediashop Study. After conducting a web-based survey, they discovered that most consumers believe that digital goods and physical goods have the same rights to use and transfer. For example, just like an individual can easily transfer a physical book to someone, most consumers believe they have this same ability with digital books. This is not the case under current digital ownership rights. The study also revealed that consumers would be willing to pay more for the right to transfer digital goods and that adding a short notice that explains consumers’ digital rights would be effective in reducing consumer misperceptions. [13]
Privacy Policies
[edit]Hoofnagle argues that there are limitations to the FTC's privacy policy approach. The Federal Trade Commission (FTC) is the primary consumer protection agency in the United States.[14] Despite the FTC’s commitment to the self-regulation of privacy, Hoofnagle argues that consumers are very concerned about their private information being collected. In “The Federal Trade Commission and Consumer Privacy in the Coming Decade,” Hoofnalge and the other authors explain how most Americans believe that a company’s privacy policy explains how their information will remain private. However, in reality, privacy policies merely detail how website will use a consumer’s private information. Based on their research, the authors conclude that privacy notices alone are insufficient for consumer privacy. To advance privacy, the authors suggest that the FTC make three provisions: police the term “privacy policy,” consult with experts in usability to create privacy-protecting mechanisms, and set benchmarks for self-regulation.[15]
Privacy Law
[edit]Europe
[edit]The European Union's General Data Protection Regulation (GDPR) is the E.U. law on data protection. Hoofnagle argues that the GDPR is "the most consequential regulatory development in information policy in a generation." The GDPR applies to situations where "personal data" is "processed," so virtually all actions involving personal data are protected under the GDPR. The GDPR also places significant burden on data controllers (e.g. companies) to ensure the privacy of consumer information. For instance, they must keep records of all their data processing, adopt a data protection policy, and be transparent on their data usage. Exemptions to the regulations of the GDPR are data activity of personal use or national security. Consequences for breaking the rules of the GDPR include sanctions and fines, and Data Protection Authorities are the main enforcers of the GDPR's regulations. [16]
The United States
[edit]The U.S.'s Privacy Act of 1974 and Fair Credit Reporting Act of 1970 (FCRA) are the framework for U.S. privacy law. Hoofnagle argues that these regulations don't adequately protect privacy, as many companies have found loopholes to them. He argues that the problem with the Privacy Act is that it only applies to the federal government and private companies that work for the government. It does not apply to other private companies or data brokers. Hoofnagle additionally criticizes the FCRA for solely applying to "consumer reporting agencies" that use "consumer reports." Consumer reports solely concern communication on a consumer relating to credit evaluation, employment screening, insurance underwriting, or licensing, and all other uses are not protected by the FCRA.
Hoofnagle and Daniel Solove propose a series of regulations that they label as “The Model Regime” as solutions to the problems they propose with U.S. privacy law. These solutions include:
- Universal notice of when companies collect individuals’ private information
- Meaningful consent of consumers when data is collected
- Meaningful exercise of consumers’ rights,
- Effective individual management of consumer reporting
- Accessing personal information that companies store
- Greater security of information
- Disclosing security breaches
- Limiting use of social security numbers
- Regulating access to public records
- Limiting use of background checks
- Regulating private investigators
- Limiting government access to business and financial records
- Regulating government data mining
- Updating the Privacy Act
- Effectively enforcing privacy rights
Europe and U.S. Compared
[edit]One key divergence between the United States and Europe with regard to privacy is how privacy is discussed legally. In the U.S., conceptions of privacy are broadly categorized as "privacy" or "information privacy" issues. On the other hand, European law distinguishes between information privacy and data protection. While data protection ensures the due process of data, privacy refers to the right to a private life (e.g. private family life and private home).
Additionally, while the GDPR places the burden of the privacy of consumer information on data controllers, U.S. privacy law places this burden on data subjects. Individuals in the U.S. are responsible for reading privacy notices and determine for themselves whether they feel like their private information will be protected.
New Transaction Systems
[edit]In 2013, Hoofnagle conducted an experiment along with Jennifer Urban and Su Li regarding American opinion towards privacy in new transaction systems (e.g. mobile payment systems). An advantage of mobile payment systems is that they serve as a digital wallet, allowing consumers the convenience of making transactions online. They also have the potential for better payment security. However, a privacy concern that Hoofnagle and the authors identify is that this new technology allows merchants to collect personally-identifiable contact information regarding consumers, a feature that is not provided in a typical credit card transactions. The authors' research suggested that Americans are opposed to systems that track them when they browse stores and share their information after purchases (e.g. sharing their phone number). [17]
Cybercrime
[edit]In “Deterring Cybercrime: Focus on Intermediaries,” authors Aniket Kesari, Chris Hoofnagle, and Damon McCoy prove how intermediaries can limit cybercrime. According to the authors, cybercriminals rely on many intermediaries to commit illegal acts. These include methods of acquiring new customers, web hosting, collecting payments, and the delivery of products. While most of the legal scholarship on cybercrime grants intermediaries’ general immunity from the illegal acts of users, the authors argue that intermediaries should be required to take action against criminal activities of users. The authors list examples of current methods to force intermediaries to take action. An example of a government-led intervention includes domain name seizures. This is authorized by the PRO-IP Act, giving the federal government the authority to seize a website accused of illegal activity. An example of private companies limiting the harm of cybercriminals includes the eBay Verified Rights Online (VeRO) Program. This program prevents sellers from illegally marketing and selling items. [18]
The Tethered Economy
[edit]Tethering typically refers to linking mobile devices together. However, in “The Tethered Economy” by Chris Hoofnagle, Aniket Kesari, and Aaron Perzanowski, the authors refer to tethering as the connection and dependence of goods on sellers for their operation. Examples of tethered devices include Google Home, Amazon Alexa, smart kitchen appliances, and other Internet of Things devices. All of these items depend on consumers for their functionality. The benefits of tethering are that tethered products increase trade generativity, may be safer to use, and have the potential for new and personalized functions over time. One harm of tethering includes the fact that manufacturers decide the durability of products through bricking, feature reduction, altering the terms of the bargain. Tethering also presents information risks, since devices are constantly collecting information on consumer behavior. Lastly, tethering reduces choice and competition in the market, raising switching costs that may lock consumers into particular devices or platforms. For example, it may be hard to switch to Microsoft devices once a consumer already owns many Apple devices. [19]
The authors present legal interventions that can change the relationship between sellers and buyers and address the tethering of the economy. Contracts, tort law, and antitrust and consumer protection laws are all suggested reforms to address consumer problems that arise from tethering; however, the authors argue that no single approach will solve all of the problems discussed in the article. [19]
See also
[edit]- Information privacy
- Identity theft
- Identity fraud
- Privacy law
- Privacy law in the United States
- Consumer privacy
Outline (adding sections)
[edit]- Under “Work” Section
[edit]- - Identity theft
- - U.S. privacy law compared to E.U. privacy law
- How U.S. privacy law can be improved
- - Consumer Privacy
- - Methods of internet tracking
- - Social Networking Services
- - Commercial Data Brokers
- - FTC privacy regulation
- - A “Selected Publications” section
- list his journalistic articles with years they were published
Notes for article improvement
[edit]I will be reorganizing the page to make it easier to navigate, more succinct, and flow better. I will add a heading title “work” and under this, I will add subheadings about main topics that he has written articles about. For example, “identity theft,” “consumer privacy,” and “privacy law in the U.S. versus the E.U.” Within these subheadings, I will compile information from various sources he has written to demonstrate his ideas and research. I would also like to add a photo of Hoofnagle to make the page more interesting.
My ideas for article
[edit]I plan to contribute to the scholarly works section of my person's page. Particularly, I hope to clarify the problems he identifies with privacy law and the solutions he proposes. I also hope to add some of the criticisms he has received or how other scholars have expanded on his ideas.
Evaluate 2 articles assignment:
[edit]Information privacy Wikipedia article
Evaluating Content:
- Yes, everything in the article is relevant to the article topic, and there wasn’t anything that distracted me.
- All of these issues are still very relevant, so there isn’t anything out of date to my knowledge. However, most of the citations are from the 2000s and early 2010s, so there could be more updated articles cited. I don’t have enough of an expertise in information privacy, but if I were editing this article, I would look to see if there are any updated information privacy laws that have not been included in this page.
- No, I did not identify any notable equity gaps.
- Adding pictures would make the page more engaging and presentable.
Evaluating tone:
- Yes, the article is neutral and unbiased.
- No, no viewpoints were overrepresented or underrepresented.
Evaluating sources:
- I checked six citations and all of the links worked and supported the claims in the article.
- Yes, each fact is referenced with a reliable and neutral references.
- There are 38 sources cited, so the sources do come from a diverse array of authors and publications.
Checking the Talk Page:
- There is a discussion to change the title of the page to informational privacy instead of information privacy. There are arguments both for and against this on the talk page. Another user also said that one of the sources used is now unavailable. There are also multiple discussions criticizing certain wordings on the page.
- This article is rated a C class and high-importance on the project’s importance scale. It is a part of three Wikiprojects: Computing, Internet, and Mass surveillance.
- The way Wikipedia discusses this topic doesn’t differ from the way we’ve talked about it in class, but I didn’t realize how long talk pages could be. The ones we’ve looked at during training were not this long, and it was really interesting to read the discussions being held.
Facial recognition system Wikipedia article
Evaluating Content:
- Everything in the article was relevant to the topic. There were many grammatical errors throughout the piece, specifically the lack of commas in necessary places, which was very distracting for me while I was reading the article.
- The information is not out of date. There were a wide variety of articles used, from early 2000s to 2021, so the information in the article is still relevant. More information could be added in the sections concerning other countries, as some of these subsections contained disproportionately less information than others.
- The article included way more information on facial recognition in the Commonwealth, US, China, and Latin American compared to the EU, Greece, Italy, the Netherlands, and South Africa. This was concerning to me while reading.
- I thought the “additional uses” subsection was random. Instead of including a vague subsection like this, I think it would be more effective to elaborate on each of the topics mentioned here in its own unique subsection.
Evaluating tone:
- Yes, the article is neutral and unbiased.
- I noticed that the cons of the facial technology were more represented than the pros. The benefits of facial technology were underrepresented, and concerns were overrepresented.
Evaluating sources:
- I checked three sources, and only two of them were available. The third source, from the MIT Technology Review, said “We weren’t able to find the page you were looking for.”
- Most facts were referenced with reliable references. Some of the sources were from mainstream media outlets including The Verge and CBC News. The sources seemed to be neutral.
- The sources come from a diverse array of authors and publications.
Checking the talk page:
- There are conversations about sources that no longer exist and messages from users who want to expand certain sections of the article.
- This article is rated C-class and is a part of 5 Wikiprojects: Robotics, Human rights, Mass surveillance, Law enforcement, and Human-Computer Interaction.
- This Wikipedia article covers way more topics regarding the subject than I initially anticipated.
This is a user sandbox of Hotpink789!. You can use it for testing or practicing edits. This is not the sandbox where you should draft your assigned article for a dashboard.wikiedu.org course. To find the right sandbox for your assignment, visit your Dashboard course page and follow the Sandbox Draft link for your assigned article in the My Articles section. |
- ^ "Technology | Academics | Policy - Chris Hoofnagle". www.techpolicy.com. Retrieved 2021-04-01.
- ^ Turow, Joseph; King, Jennifer; Hoofnagle, Chris Jay; Bleakley, Amy; Hennessy, Michael (2009-09-29). "Americans Reject Tailored Advertising and Three Activities that Enable It". Rochester, NY.
{{cite journal}}
: Cite journal requires|journal=
(help) - ^ Clifford, Stephanie (2009-09-29). "Two-Thirds of Americans Object to Online Tracking". The New York Times. ISSN 0362-4331. Retrieved 2021-04-01.
- ^ Hoofnagle, Chris Jay; King, Jennifer; Li, Su; Turow, Joseph (2010-04-14). "How Different are Young Adults from Older Adults When it Comes to Information Privacy Attitudes and Policies?". Rochester, NY.
{{cite journal}}
: Cite journal requires|journal=
(help) - ^ a b c d e f Hoofnagle, Chris Jay (2007–2008). "Identity Theft: Making the Known Unknowns Known". Harvard Journal of Law & Technology. 21: 97.
{{cite journal}}
: CS1 maint: date format (link) - ^ a b c Hoofnagle, Chris Jay (2008–2009). "Towards a Market for Bank Safety". Loyola Consumer Law Review. 21: 155.
{{cite journal}}
: CS1 maint: date format (link) - ^ a b c Hoofnagle, Chris Jay; Whittington, Jan (2013–2014). "Free: Accounting for the Costs of the Internet's Most Popular Price". UCLA Law Review. 61: 606.
{{cite journal}}
: CS1 maint: date format (link) - ^ Whittington, Jan; Hoofnagle, Chris Jay (2011–2012). "Unpacking Privacy's Price". North Carolina Law Review. 90: 1327.
{{cite journal}}
: CS1 maint: date format (link) - ^ a b Hoofnagle, Chris Jay; Urban, Jennifer M. (2014). "Alan Westin's Privacy Homo Economicus". Wake Forest Law Review. 49: 261.
- ^ a b Whittington, Jan; Hoofnagle, Chris Jay (2011–2012). "Unpacking Privacy's Price". North Carolina Law Review. 90: 1327.
{{cite journal}}
: CS1 maint: date format (link) - ^ a b c d Hoofnagle, Chris Jay; Soltani, Ashkan; Good, Nathaniel; Wambach, Dietrich J. (2012). "Behavioral Advertising: The Offer You Can't Refuse". Harvard Law & Policy Review. 6: 273.
- ^ a b c d Hoofnagle, Chris Jay (2003–2004). "Big Brother's Little Helpers: How ChoicePoint and Other Commercial Data Brokers Collect and Package Your Data for Law Enforcement". North Carolina Journal of International Law and Commercial Regulation. 29: 595.
{{cite journal}}
: CS1 maint: date format (link) - ^ Perzanowski, Aaron; Hoofnagle, Chris Jay (2017). "WHAT WE BUY WHEN WE BUY NOW". University of Pennsylvania Law Review. 165 (2): 315–378. ISSN 0041-9907.
- ^ Hoofnagle, Chris Jay (2017-09-01). "FTC Regulation of Cybersecurity and Surveillance". Rochester, NY.
{{cite journal}}
: Cite journal requires|journal=
(help) - ^ Turow, Joseph; Hoofnagle, Chris Jay; Mulligan, Deirdre K.; Good, Nathaniel (2007–2008). "The Federal Trade Commission and Consumer Privacy in the Coming Decade". I/S: A Journal of Law and Policy for the Information Society. 3: 723.
{{cite journal}}
: CS1 maint: date format (link) - ^ Hoofnagle, Chris Jay; Sloot, Bart van der; Borgesius, Frederik Zuiderveen (2019-01-02). "The European Union general data protection regulation: what it is and what it means". Information & Communications Technology Law. 28 (1): 65–98. doi:10.1080/13600834.2019.1573501. ISSN 1360-0834.
- ^ Hoofnagle, Chris Jay; Urban, Jennifer M.; Li, Su (2012-04-24). "Mobile Payments: Consumer Benefits & New Privacy Concerns". Rochester, NY.
{{cite journal}}
: Cite journal requires|journal=
(help) - ^ Kesari, Aniket; Hoofnagle, Chris; McCoy, Damon (2017). "Deterring Cybercrime: Focus on Intermediaries". Berkeley Technology Law Journal. 32: 1093.
- ^ a b Hoofnagle, Chris Jay; Kesari, Aniket; Perzanowski, Aaron (2019). "The Tethered Economy". George Washington Law Review. 87: 783.