October 2019 - JoeJerome.com - Ramblings on Privacy in a Data-Driven Society

Discussing Location Data in Kotaku

Oct 21

There’s a quick blurb from me in a feature story on Kotaku about the implications of PokemonGo-developer Niantic’s vast collection of geolocation data for its Real World Platform. It’s an interesting read into location-based apps, augmented reality, and gaming as a sort of gatekeeper into what comes next:

“Any time an app collects location data, you have to hope the app developer has given some thought to the risks involved, but this is hard to tell from a privacy policy alone,” said Joseph Jerome, a privacy consultant. “A lot of companies will say that IP addresses and other technical information is not personal. Niantic is not making [these claims], which is a good thing.”

Federalist Society Podcast: California Consumer Privacy Act

Oct 10

In this episode of the Federalist Society’s Tech Roundup, I join the Mercatus Center’s Adam Thierer and TechFreedom’s Ian Adams to bring a privacy advocate’s perspective to the looming California Consumer Privacy Act. It’s a good discussion of the relative merits of privacy laws at the state or federal level, and I only interrupt Ian a couple times:

This podcast features a fascinating back-and-forth on the implications of new amendments to California’s privacy law, CCPA (California Consumer Privacy Act). Is California setting the law of the land? How will the FTC respond? What will this mean for interstate online commerce? These and other questions are explored in the episode.

Privacy and Private Rights of Action

Oct 04

As Congress continues to slog through the process of crafting a comprehensive federal privacy framework, two intractable issues have emerged: federal preemption and private rights of action. These two issues are intertwined because they get at the core of how privacy rights and obligations should be enforced. While preemption has received most of the attention, a carefully constructed private right of action could also play an important role in advancing privacy rights at the national level. Instead, any inclusion of a private right of action has been treated as an all-or-nothing proposition.

Privacy advocates recommend individuals be permitted to privately enforce federal privacy protections through a statutory private right of action without any showing of harm. Meanwhile, industry-friendly proposals treat private rights of action as a non-starter. Both sides are locked into absolutist positions, and lawmakers’ efforts to craft an impactful privacy law have been hurt in the process.

In this post for IAPP’s Privacy Perspectives, I get into the nuance of private enforcement and offer up several ideas for how lawmakers could incorporate private rights of action into a national privacy law.

Face Tracking in the Workplace Warrants Consideration of Facial Analysis and Emotion Detection, Not Just Facial Recognition

Oct 01

I spent this summer beginning to research and write on “facial analysis” applications, which can probably best be thought of as a subset of facial recognition technologies (FRTs). In light of some recent headlines and excellent work from the ACLU, I posted a belated blog on the topic.

Monthly Archives: October 2019