Showing posts with label data protection laws. Show all posts
Showing posts with label data protection laws. Show all posts

Saturday, July 6, 2024

THE GREAT SCRAPE: THE CLASH BETWEEN SCRAPING AND PRIVACY; SSRN, July 3, 2024

Daniel J. SoloveGeorge Washington University Law School; Woodrow HartzogBoston University School of Law; Stanford Law School Center for Internet and SocietyTHE GREAT SCRAPETHE CLASH BETWEEN SCRAPING AND PRIVACY

"ABSTRACT

Artificial intelligence (AI) systems depend on massive quantities of data, often gathered by “scraping” – the automated extraction of large amounts of data from the internet. A great deal of scraped data is about people. This personal data provides the grist for AI tools such as facial recognition, deep fakes, and generative AI. Although scraping enables web searching, archival, and meaningful scientific research, scraping for AI can also be objectionable or even harmful to individuals and society.


Organizations are scraping at an escalating pace and scale, even though many privacy laws are seemingly incongruous with the practice. In this Article, we contend that scraping must undergo a serious reckoning with privacy law. Scraping violates nearly all of the key principles in privacy laws, including fairness; individual rights and control; transparency; consent; purpose specification and secondary use restrictions; data minimization; onward transfer; and data security. With scraping, data protection laws built around

these requirements are ignored.


Scraping has evaded a reckoning with privacy law largely because scrapers act as if all publicly available data were free for the taking. But the public availability of scraped data shouldn’t give scrapers a free pass. Privacy law regularly protects publicly available data, and privacy principles are implicated even when personal data is accessible to others.


This Article explores the fundamental tension between scraping and privacy law. With the zealous pursuit and astronomical growth of AI, we are in the midst of what we call the “great scrape.” There must now be a great reconciliation."

Thursday, January 30, 2020

Facebook pays $550m settlement for breaking Illinois data protection law; The Guardian, January 30, 2020

Alex Hern, The Guardian; Facebook pays $550m settlement for breaking Illinois data protection law

"Facebook has settled a lawsuit over facial recognition technology, agreeing to pay $550m (£419m) over accusations it had broken an Illinois state law regulating the use of biometric details...

It is one of the largest payouts for a privacy breach in US history, a marker of the strength of Illinois’s nation-leading privacy laws. The New York Times, which first reported the settlement, noted that the sum “dwarfed” the $380m penalty the credit bureau Equifax agreed to pay over a much larger customer data breach in 2017."

Wednesday, April 4, 2018

Grindr Sets Off Privacy Firestorm After Sharing Users’ H.I.V.-Status Data; The New York Times, April 3, 2018

Natasha Singer, The New York Times; Grindr Sets Off Privacy Firestorm After Sharing Users’ H.I.V.-Status Data

"Grindr, the social network aimed at gay, bisexual and transgender men, is facing a firestorm of criticism for sharing users’ H.I.V. status, sexual tastes and other intimate personal details with outside software vendors.

The data sharing, made public by European researchers on Saturday and reported by BuzzFeed on Monday, set off an outcry from many users. By Monday night, the company said it would stop sharing H.I.V. data with outside companies."