12th Annual Privacy Papers for Policymakers

FREE February 10, 2022 @ 1:00 PM ET

Overview

FPF is excited to announce the 12th Annual Privacy Papers for Policymakers winners and virtual awards! The award recognizes leading privacy scholarship that is relevant to policymakers in the U.S. Congress, at U.S. federal agencies, and international data protection authorities. View the full event recap here.

About the Privacy Papers for Policymakers Award

The selected papers highlight important work that analyzes current and emerging privacy issues and proposes achievable short-term solutions or new means of analysis that could lead to real-world policy solutions.

From the many nominated papers, the winning papers were selected by a diverse team of academics, advocates, and industry privacy professionals from FPF’s Advisory Board. This year’s papers explore smartphone platforms as privacy regulators, the concept of data loyalty, and global privacy regulation. The winning papers were ultimately selected because they contain solutions that are relevant for policymakers in the U.S. and abroad. To learn more about the submission and review process, read our Call for Nominations

About the Privacy Papers for Policymakers Event

The winning authors will join FPF to present their work at a virtual event with policymakers from around the world, academics, and industry privacy professionals. The event will be held on February 10, 2022, from 1:00 – 3:00 PM EST. The event is free and open to the general public. To register for the event, please click here.

We were honored to be joined by Colorado Attorney General Phil Weiser, who will provide the keynote address. Thank you to Honorary Co-Hosts Congresswoman Diana DeGette, Co-Chair of the Congressional Privacy Caucus and Senator Ed Markey.

To see the winning papers and virtual event recording from this year’s event click here.

To see the virtual event recording from last year’s 11th Annual Privacy Papers for Policymakers click here.

About the Winning Papers

The winners of the 12th Annual Privacy Papers for Policymakers Award are listed below. To learn more about the papers, judges, and authors, download the PPPM Digest.  

  • Privacy Harms, by Danielle Keats Citron, University of Virginia School of Law; and Daniel J. Solove, George Washington University Law School
    • This paper looks at how courts define harm in cases involving privacy violations and how the requirement of proof of harm impedes the enforcement of privacy law due to the dispersed and minor effects that most privacy violations have on individuals. However, when these minor effects are suffered at a vast scale, individuals, groups, and society can feel significant harm. This paper offers language for courts to refer to when litigating privacy cases and provides advice as to when privacy harm should be considered in a lawsuit.
  • The Flaws of Policies Requiring Human Oversight of Government Algorithms, by Ben Green, University of Michigan at Ann Arbor, Gerald Ford School of Public Policy, Harvard University, Berkman Klein Center for Internet & Society
    • In this paper, Green analyzes the use of human oversight of government algorithmic decisions. From this analysis, he concludes that humans are unable to perform the desired oversight responsibilities, and that by continuing to use human oversight as a check on these algorithms, the government legitimizes the use of these faulty algorithms without addressing the associated issues. The paper offers a more stringent approach to determining whether an algorithm should be incorporated into a certain government decision, which includes critically considering the need for the algorithm and evaluating whether people are capable of effectively overseeing the algorithm.
  • The Surprising Virtues of Data Loyalty, by Woodrow Hartzog, Northeastern University School of Law and Khoury College of Computer Sciences, Stanford Law School Center for Internet and Society; and Neil M. Richards, Washington University School of Law, Yale Information Society Project, Stanford Center for Internet and Society
    • The data loyalty responsibilities for companies that process human information are now being seriously considered in both the U.S. and Europe. This paper analyzes criticisms of data loyalty that argue that such duties are unnecessary, concluding that data loyalty represents a relational approach to data that allows us to deal substantively with the problem of platforms and human information at both systemic and individual levels. The paper argues that the concept of data loyalty has some surprising virtues, including checking power and limiting systemic abuse by data collectors.
  • Smartphone Platforms as Privacy Regulators, by Joris van Hoboken, Vrije Universiteit Brussels, Institute for Information Law, University of Amsterdam; and Ronan Ó Fathaigh, Institute for Information Law, University of Amsterdam
    • In this paper, the authors look at the role of online platforms and their impact on data privacy in today’s digital economy. The paper first distinguishes the different roles that platforms can have in protecting privacy in online ecosystems, including governing access to data, design of relevant interfaces, and policing the behavior of the platform’s users. The authors then provide an argument as to what platforms’ role should be in legal frameworks. They advocate for a compromise between direct regulation of platforms and mere self-regulation, arguing that platforms should be required to make official disclosures about their privacy-related policies and practices for their respective ecosystems.
  • Comparison of Various Compliance Points of Data Protection Laws in Ten Countries/Regions, by Jie (Jackie) Wang, W&W International Legal Team, Kinding Partners
    • China enacted the first codified personal information protection law in China in late 2021, the Personal Information Protection Law (PIPL). In this paper, Wong compares China’s PIPL with data protection laws in nine regions to assist overseas Internet companies and personnel who deal with personal information in better understanding the similarities and differences in data protection and compliance between each country and region.
  • “Did you know this camera tracks your mood?”: Understanding Privacy Expectations and Preferences in the Age of Video Analytics, by Shikun Zhang, Carnegie Mellon University; Yuanyuan Feng, University of Vermont; Lujo Bauer, Carnegie Mellon University; Lorrie Faith Cranor, Carnegie Mellon University; Anupam Das, North Carolina State University; and Norman Sadeh, Carnegie Mellon University
    • Cameras are everywhere, and with the innovation of video analytics, there are questions being raised about how individuals should be notified that they are being recorded. This paper studied 123 individuals’ sentiments across 2,328 video analytics deployments scenarios to inform their conclusion. In their conclusion, the researchers advocate for the development of interfaces that simplify the task of managing notices and configuring controls, which would allow individuals to communicate their opt-in/opt-out preference to video analytics operators.

In addition to the winning papers, FPF has selected two papers for Honorable Mention: Verification Dilemmas and the Promise of Zero-Knowledge Proofs by Kenneth Bamberger, University of California, Berkeley – School of Law; Ran Canetti, Boston University, Department of Computer Science, Boston University, Faculty of Computing and Data Science, Boston University, Center for Reliable Information Systems and Cybersecurity; Shafi Goldwasser, University of California, Berkeley – Simons Institute for the Theory of Computing; Rebecca Wexler, University of California, Berkeley – School of Law; and Evan Zimmerman, University of California, Berkeley – School of Law; and A Taxonomy of Police Technology’s Racial Inequity Problems by Laura Moy, Georgetown University Law Center.

FPF also selected a paper for the Student Paper Award, A Fait Accompli? An Empirical Study into the Absence of Consent to Third Party Tracking in Android Apps by Konrad Kollnig and Reuben Binns, University of Oxford; Pierre Dewitte, KU Leuven; Max van Kleek, Ge Wang, Daniel Omeiza, Helena Webb, and Nigel Shadbolt, University of Oxford. The Student Paper Award Honorable Mention was awarded to Yeji Kim, University of California, Berkeley – School of Law, for her paper, Virtual Reality Data and Its Privacy Regulatory Challenges: A Call to Move Beyond Text-Based Informed Consent.

Agenda

Program Agenda

Time

Item

Speakers

1:00 pm –
1:10 pm ET

10:00 am –
10:10 am PT

Welcome Remarks

  • Jules Polonetsky, CEO, Future of Privacy Forum
  • Amber Ezzell, Christopher Wolf Diversity Law Fellow, Future of Privacy Forum

1:10 pm –
1:30 pm ET

10:10 am –
10:30 am PT

Opening Keynote

  • Phil Weiser, Colorado Attorney General

1:30 pm –
1:45 am ET

10:30 am –
10:45 pm PT

Privacy Harms

    • This paper looks at how courts define harm in cases involving privacy violations and how the requirement of proof of harm impedes the enforcement of privacy law due to the dispersed and minor effects that most privacy violations have on individuals. However, when these minor effects are suffered at a vast scale, individuals, groups, and society can feel significant harm. This paper offers language for courts to refer to when litigating privacy cases and provides advice as to when privacy harm should be considered in a lawsuit.

 

Co-Authors 

  • Danielle Keats Citron, University of Virginia School of Law
  • Daniel J. Solove, George Washington University Law School

Discussant

  • Maneesha Mithal, Privacy & Cybersecurity Partner, Wilson Sonsini

1:45 pm –
2:00 pm ET

10:45 am –
11:00 am PT

The Surprising Virtues of Data Loyalty

    • The data loyalty responsibilities for companies that process human information are now being seriously considered in both the U.S. and Europe. This paper analyzes criticisms of data loyalty that argue that such duties are unnecessary, concluding that data loyalty represents a relational approach to data that allows us to deal substantively with the problem of platforms and human information at both systemic and individual levels. The paper argues that the concept of data loyalty has some surprising virtues, including checking power and limiting systemic abuse by data collectors.

Co-Authors

  • Woodrow Hartzog, Northeastern University School of Law and Khoury College of Computer Sciences, Stanford Law School Center for Internet and Society
  • Neil M. Richards, Washington University School of Law, Yale Information Society Project, Stanford Center for Internet and Society

Discussant

  • Sarah Holland, Public Policy Manager, Google

2:00 pm –
2:15 pm ET

11:00 am –
11:15 am PT

The Flaws of Policies Requiring Human Oversight of Government Algorithms

    • In this paper, Green analyzes the use of human oversight of government algorithmic decisions. From this analysis, he concludes that humans are unable to perform the desired oversight responsibilities and that by continuing to use human oversight as a check on these algorithms, the government legitimizes the use of these faulty algorithms without addressing the associated issues. The paper offers a more stringent approach to determining whether an algorithm should be incorporated into a certain government decision, which includes critically considering the need for the algorithm and evaluating whether people are capable of effectively overseeing the algorithm.

Author

  • Ben Green, University of Michigan at Ann Arbor, Gerald Ford School of Public Policy, Harvard University, Berkman Klein Center for Internet & Society

Discussant

  • Travis Hall, Telecommunications Policy Analyst, NTIA

2:15 pm –
2:30 pm ET

11:15 am –
11:30 am PT

Smartphone Platforms as Privacy Regulators

    • In this paper, the authors look at the role of online platforms and their impact on data privacy in today’s digital economy. The paper first distinguishes the different roles that platforms can have in protecting privacy in online ecosystems, including governing access to data, design of relevant interfaces, and policing the behavior of the platform’s users. The authors then provide an argument as to what platforms’ role should be in legal frameworks. They advocate for a compromise between direct regulation of platforms and mere self-regulation, arguing that platforms should be required to make official disclosures about their privacy-related policies and practices for their respective ecosystems.

Co-Authors

  • Joris van Hoboken, Vrije Universiteit Brussels, Institute for Information Law, University of Amsterdam
  • Ronan Ó Fathaigh, Institute for Information Law, University of Amsterdam

Discussant

  • Quentin Palfrey, President, International Digital Accountability Council

2:30 pm –
2:45 pm ET

11:30 am –
11:45 am PT

Comparison of Various Compliance Points of Data Protection Laws in Ten Countries/Regions

    • China enacted the first codified personal information protection law in China in late 2021, the Personal Information Protection Law (PIPL). In this paper, Wong compares China’s PIPL with data protection laws in nine regions to assist overseas Internet companies and personnel who deal with personal information in better understanding the similarities and differences in data protection and compliance between each country and region.

Author

  • Jie (Jackie) Wong, W&W International Legal Team, Kinding Partners

Discussant

  • Dr. Clarisse Girot, Managing Director for Asia Pacific, Future of Privacy Forum

2:45 pm –
3:00 pm ET

11:45 am –
12:00 pm PT

“Did you know this camera tracks your mood?”: Understanding Privacy Expectations and Preferences in the Age of Video Analytics

    • Cameras are everywhere, and with the innovation of video analytics, there are questions being raised about how individuals should be notified that they are being recorded. This paper studied 123 individuals’ sentiments across 2,328 video analytics deployments scenarios to inform their conclusion. In their conclusion, the researchers advocate for the development of interfaces that simplify the task of managing notices and configuring controls, which would allow individuals to communicate their opt-in/opt-out preference to video analytics operators.

Presenting Co-Authors

  • Shikun Zhang, Carnegie Mellon University; Yuanyuan Feng, University of Vermont; Lujo Bauer, Carnegie Mellon University
  • Norman Sadeh, Carnegie Mellon University

Discussant

  • John J. Howard, Principal Data Scientist, Maryland Test Facility

3:00 pm –
3:05 pm ET

12:00 pm –
12:05 pm PT

Closing Remarks

  • Amber Ezzell, Christopher Wolf Diversity Law Fellow, Future of Privacy Forum

Speaker

Phil Weiser

Colorado Attorney General, The Office of the Attorney General

Colorado Attorney General Phil Weiser was sworn in as the State’s 39th Attorney General on January 8, 2019. As the state’s chief legal officer, Attorney General Weiser is committed to protecting the people of Colorado and building an innovative and collaborative organization that will address a range of statewide challenges, from addressing the opioid epidemic to reforming our criminal justice system to protecting our land, air, and water.

Attorney General Weiser has dedicated his life to the law, justice, and public service. Before running for office, Weiser served as the Hatfield Professor of Law and Dean of the University of Colorado Law School, where he founded the Silicon Flatirons Center for Law, Technology, and Entrepreneurship and co-chaired the Colorado Innovation Council.

Weiser served as a Deputy Assistant Attorney General in the U.S. Department of Justice and as Senior Advisor for Technology and Innovation in the Obama Administration’s National Economic Council. He served on President Obama’s Transition Team, overseeing the Federal Trade Commission and previously served in President Bill Clinton’s Department of Justice as senior counsel to the Assistant Attorney General in charge of the Antitrust Division, advising on telecommunications matters.

Before his appointment at the Justice Department, Weiser served as a law clerk to Justices Byron R. White and Ruth Bader Ginsburg at the United States Supreme Court and to Judge David Ebel at the Tenth Circuit Court of Appeals in Denver, Colorado.

The son and grandson of Holocaust survivors, Weiser is deeply committed to the American Dream and ensuring opportunity for all Coloradans. Weiser lives in Denver with his wife, Dr. Heidi Wald, and their two children.