Amid growing concern about the use and abuse of personal data over the last decade, there is an emerging suggestion that regulators may need to turn their attention towards the concentrations of power deriving from large-scale data accumulation. No longer the preserve of data protection or privacy law, personal data is receiving attention within competition and antitrust law.Recent mergers and acquisitions between large digital technology platforms have raised important questions about how these different areas intersect and how they can complement one another in order to protect consumer welfare while ensuring competitive markets. This paper draws attention to one particularly complicated kind of digital data-intensive industry: that of third party tracking, in which a firm does not (only or primarily) collect and process personal data of its own customers or users, but rather collects and processes data from the users of other ‘first party’ services.Mergers and acquisitions between firms active in the third party tracking industry raise unique challenges for privacy and fundamental rights which are often missed in regulatory decisions and academic discussions of data and market concentration. In this paper, we combine empirical and normative insights to shed light on the role of competition regulators in addressing the specific challenges of mergers and acquisitions in the third party tracking industry. After critically assessing some of the US and EU case law in this area, we argue that a bolder approach is needed; one that engages in a pluralist analysis of economic and noneconomic concerns about concentrations of power and control over data.
{"title":"Dissolving Privacy, One Merger at a Time: Competition, Data and Third Party Tracking","authors":"Reuben Binns, Elettra Bietti","doi":"10.2139/ssrn.3269473","DOIUrl":"https://doi.org/10.2139/ssrn.3269473","url":null,"abstract":"Amid growing concern about the use and abuse of personal data over the last decade, there is an emerging suggestion that regulators may need to turn their attention towards the concentrations of power deriving from large-scale data accumulation. No longer the preserve of data protection or privacy law, personal data is receiving attention within competition and antitrust law.Recent mergers and acquisitions between large digital technology platforms have raised important questions about how these different areas intersect and how they can complement one another in order to protect consumer welfare while ensuring competitive markets. This paper draws attention to one particularly complicated kind of digital data-intensive industry: that of third party tracking, in which a firm does not (only or primarily) collect and process personal data of its own customers or users, but rather collects and processes data from the users of other ‘first party’ services.Mergers and acquisitions between firms active in the third party tracking industry raise unique challenges for privacy and fundamental rights which are often missed in regulatory decisions and academic discussions of data and market concentration. In this paper, we combine empirical and normative insights to shed light on the role of competition regulators in addressing the specific challenges of mergers and acquisitions in the third party tracking industry. After critically assessing some of the US and EU case law in this area, we argue that a bolder approach is needed; one that engages in a pluralist analysis of economic and noneconomic concerns about concentrations of power and control over data.","PeriodicalId":179517,"journal":{"name":"Information Privacy Law eJournal","volume":"57 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-10-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114286961","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
This paper studies the advantages and challenges of digital payments. Large banks are transformed into platforms that share clients without losing control of the business. We are facing an open banking that combines finance and technology offering safety in a digital environment. These changes involve important regulatory challenges. The model of the European Union becomes a universal reference. It forces Banks to share customer data with technology firms. It prioritizes giving clients the power over their data with the security offered by the access through APIs. It gets right by combining financial regulation with data protection. It encourages innovation in a regulated framework. The objective is to reconcile innovation with the safety and stability of the financial system. La version en espanol de este articulo se puede encontrar en: https://ssrn.com/abstract=3264759.
本文研究了数字支付的优势和挑战。大型银行正在转型为共享客户的平台,同时又不会失去对业务的控制。我们正面临着一个将金融和技术相结合的开放银行,在数字环境中提供安全。这些变化涉及重大的监管挑战。欧盟的模式成为一个普遍的参考。它迫使银行与科技公司共享客户数据。它优先考虑通过api访问提供的安全性,让客户端对其数据具有控制权。通过将金融监管与数据保护结合起来,它是正确的。它鼓励在受监管的框架内进行创新。其目标是协调创新与金融体系的安全和稳定。西班牙语版de este articulo se puede encontrar en: https://ssrn.com/abstract=3264759。
{"title":"Digitalisation of Payment Services","authors":"F. Zunzunegui","doi":"10.2139/SSRN.3256281","DOIUrl":"https://doi.org/10.2139/SSRN.3256281","url":null,"abstract":"This paper studies the advantages and challenges of digital payments. Large banks are transformed into platforms that share clients without losing control of the business. We are facing an open banking that combines finance and technology offering safety in a digital environment. These changes involve important regulatory challenges. The model of the European Union becomes a universal reference. It forces Banks to share customer data with technology firms. It prioritizes giving clients the power over their data with the security offered by the access through APIs. It gets right by combining financial regulation with data protection. It encourages innovation in a regulated framework. The objective is to reconcile innovation with the safety and stability of the financial system. La version en espanol de este articulo se puede encontrar en: https://ssrn.com/abstract=3264759.","PeriodicalId":179517,"journal":{"name":"Information Privacy Law eJournal","volume":"17 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-09-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131554792","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2018-08-29DOI: 10.17159/1727-3781/2018/V21I0A1703
Charles Maimela
The duty of employers to reasonably accommodate employees living with disabilities is fundamental and is invoked on a daily basis in response to various health conditions which employees experience, such as cancer. While executing this fundamental duty, employers must be mindful of other rights which employees have, such as the right to privacy. Employers run the risk of violating the employees' right to privacy in the process of accommodating them if the employer discloses confidential medical information which must be used only for the purpose of making accommodations for the employee concerned, in this context an employee with cancer. This paper focuses on the duty of employers to reasonably accommodate such employees, and the right to privacy of the employees. Further, this paper aims to investigate if a balance can be maintained between the duty of the employer to make such accommodations and the right to privacy of the employees � �
{"title":"The Reasonable Accommodation of Employees with Cancer and their Right to Privacy in the Workplace","authors":"Charles Maimela","doi":"10.17159/1727-3781/2018/V21I0A1703","DOIUrl":"https://doi.org/10.17159/1727-3781/2018/V21I0A1703","url":null,"abstract":"The duty of employers to reasonably accommodate employees living with disabilities is fundamental and is invoked on a daily basis in response to various health conditions which employees experience, such as cancer. While executing this fundamental duty, employers must be mindful of other rights which employees have, such as the right to privacy. Employers run the risk of violating the employees' right to privacy in the process of accommodating them if the employer discloses confidential medical information which must be used only for the purpose of making accommodations for the employee concerned, in this context an employee with cancer. This paper focuses on the duty of employers to reasonably accommodate such employees, and the right to privacy of the employees. Further, this paper aims to investigate if a balance can be maintained between the duty of the employer to make such accommodations and the right to privacy of the employees \u0000 \u0000 ","PeriodicalId":179517,"journal":{"name":"Information Privacy Law eJournal","volume":"16 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-08-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132443084","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In 2018, the Supreme Court of the United States had the opportunity to revisit the Stored Communications Act and decide the question of whether the Act could be applied extraterritorially. Instead of answering the question directly, the Court left the question for Congress to decide. Congress took this opportunity and passed the CLOUD Act, legislation that acts more as a temporary fix instead of addressing the real issue: the Stored Communications Act no longer properly accommodates modern technology. This article begins with a reading of the Stored Communications Act, describing the limits of law enforcement’s ability to obtain a warrant, including the seemingly arbitrary decisions that Congress made with respect to certain kinds of data. The article then analyzes the issue that Congress addressed through the CLOUD Act and how the paradigm shifted for extraterritorial data before turning to a different example of where the Stored Communications Act falls short: distributed storage technology. The article provides a detailed examination of how this technology works and why it does not fit within the CLOUD Act paradigm. Finally, the article concludes that the Stored Communications Act cannot be fixed through patchwork legislation; instead, the entire Act needs to be reformed to accommodate current and emerging technology. The article recognizes that although there are two diametrically opposed approaches that Congress can take, a privacy-first approach is preferable and better supported both historically and when examining society’s utilization of the internet.
{"title":"Arbitrary and Outdated: Reforming the Stored Communications Act","authors":"Mitchol Dunham","doi":"10.2139/ssrn.3258774","DOIUrl":"https://doi.org/10.2139/ssrn.3258774","url":null,"abstract":"In 2018, the Supreme Court of the United States had the opportunity to revisit the Stored Communications Act and decide the question of whether the Act could be applied extraterritorially. Instead of answering the question directly, the Court left the question for Congress to decide. Congress took this opportunity and passed the CLOUD Act, legislation that acts more as a temporary fix instead of addressing the real issue: the Stored Communications Act no longer properly accommodates modern technology. This article begins with a reading of the Stored Communications Act, describing the limits of law enforcement’s ability to obtain a warrant, including the seemingly arbitrary decisions that Congress made with respect to certain kinds of data. The article then analyzes the issue that Congress addressed through the CLOUD Act and how the paradigm shifted for extraterritorial data before turning to a different example of where the Stored Communications Act falls short: distributed storage technology. The article provides a detailed examination of how this technology works and why it does not fit within the CLOUD Act paradigm. Finally, the article concludes that the Stored Communications Act cannot be fixed through patchwork legislation; instead, the entire Act needs to be reformed to accommodate current and emerging technology. The article recognizes that although there are two diametrically opposed approaches that Congress can take, a privacy-first approach is preferable and better supported both historically and when examining society’s utilization of the internet.","PeriodicalId":179517,"journal":{"name":"Information Privacy Law eJournal","volume":"23 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-08-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131943498","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
A C21st bill of rights needs to address Internet-related issues such as collection and dissemination of personal data, lawful interception, provision of access, and government-enforced shutdowns. However, the uncertain nature of Internet access means firstly that it ought not to be a right, and secondly that institutions and practices need to be designed to benefit from the Internet, to be secure from any threats and to be able to be transformed as technologies change. These complex and evolving challenges call for institutional reforms to support enforcement of existing rights of freedom of expression, privacy and safety, combined with good governance and the rule of law in a digital age. In particular, it requires independent data protection agencies that can share challenges and experiences with their counterparts and which can publicise data breaches and emerging issues. It requires openness, with disclosure of governmental and regulatory activities (e.g., impact and threat assessments), with judicial appeals against decisions and parliamentary oversight of ministers and agencies. Transparency will not be enough to stop autocratic states from shutting down parts of the Internet, when faced with real or imagined opponents, such governments seem able to ignore international protests. Much greater transparency is necessary on national security and the way it used to curtail rights to privacy and safety, and the practice of intrusive surveillance. Good governance at national level can be improved and supported by international cooperation (e.g., peer review, threat assessment, and training).
{"title":"The Internet and Human Rights: Access, Shutdowns, and Surveillance","authors":"E. Sutherland","doi":"10.2139/SSRN.3203883","DOIUrl":"https://doi.org/10.2139/SSRN.3203883","url":null,"abstract":"A C21st bill of rights needs to address Internet-related issues such as collection and dissemination of personal data, lawful interception, provision of access, and government-enforced shutdowns. However, the uncertain nature of Internet access means firstly that it ought not to be a right, and secondly that institutions and practices need to be designed to benefit from the Internet, to be secure from any threats and to be able to be transformed as technologies change. These complex and evolving challenges call for institutional reforms to support enforcement of existing rights of freedom of expression, privacy and safety, combined with good governance and the rule of law in a digital age. In particular, it requires independent data protection agencies that can share challenges and experiences with their counterparts and which can publicise data breaches and emerging issues. It requires openness, with disclosure of governmental and regulatory activities (e.g., impact and threat assessments), with judicial appeals against decisions and parliamentary oversight of ministers and agencies. Transparency will not be enough to stop autocratic states from shutting down parts of the Internet, when faced with real or imagined opponents, such governments seem able to ignore international protests. Much greater transparency is necessary on national security and the way it used to curtail rights to privacy and safety, and the practice of intrusive surveillance. Good governance at national level can be improved and supported by international cooperation (e.g., peer review, threat assessment, and training).","PeriodicalId":179517,"journal":{"name":"Information Privacy Law eJournal","volume":"45 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-06-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114225049","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
This chapter provides a critical account of the substantive content of the GDPR. Particular emphasis is put on the concepts of personal data, data controller/processor and consent. New user rights including the co-called right to be forgotten, the alleged "right to an explanation" and data portability are also interrogated. Important adjunct issues such as territorial and material scope, privacy by design, enforcement and data exports are also explored.
{"title":"Data Protection: Enter the General Data Protection Regulation","authors":"L. Edwards","doi":"10.2139/SSRN.3182454","DOIUrl":"https://doi.org/10.2139/SSRN.3182454","url":null,"abstract":"This chapter provides a critical account of the substantive content of the GDPR. Particular emphasis is put on the concepts of personal data, data controller/processor and consent. New user rights including the co-called right to be forgotten, the alleged \"right to an explanation\" and data portability are also interrogated. Important adjunct issues such as territorial and material scope, privacy by design, enforcement and data exports are also explored.","PeriodicalId":179517,"journal":{"name":"Information Privacy Law eJournal","volume":"11 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-05-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117079138","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The Measurement Guide helps governments, civil society, and researchers to understand how to assess open data activities based on the Open Data Charter (the ‘Charter’) principles. It seeks to shed light on the often opaque and jargon-filled world of open data measurement. � �The Measurement Guide is an analysis of the Charter principles and how they are assessed based on current open government data measurement tools – with a focus on commitments that can be measured, commitments that cannot be measured, and existing gaps (e.g. commitments that have not been measured). � �The Measurement Guide is made for governments, civil society, and researchers to under- stand how the Charter principles can be measured. It provides insights from open data experts and members of organizations who work on open data measurement tools. Analysis of the coverage of the five leading open data measurement tools reveals that only parts of Charter principle commitments, and their components, are being measured; or that some commitments could be measured in the future. � �However, some Charter concepts are either too broad (e.g. “high-quality data”, “usability by the widest range of users”), or lack a shared interpretation, which makes them difficult to find a common indicator.
{"title":"Open Data Charter Measurement Guide","authors":"Ana Brandusescu, Danny Lämmerhirt","doi":"10.2139/ssrn.3331162","DOIUrl":"https://doi.org/10.2139/ssrn.3331162","url":null,"abstract":"The Measurement Guide helps governments, civil society, and researchers to understand how to assess open data activities based on the Open Data Charter (the ‘Charter’) principles. It seeks to shed light on the often opaque and jargon-filled world of open data measurement. \u0000 \u0000The Measurement Guide is an analysis of the Charter principles and how they are assessed based on current open government data measurement tools – with a focus on commitments that can be measured, commitments that cannot be measured, and existing gaps (e.g. commitments that have not been measured). \u0000 \u0000The Measurement Guide is made for governments, civil society, and researchers to under- stand how the Charter principles can be measured. It provides insights from open data experts and members of organizations who work on open data measurement tools. Analysis of the coverage of the five leading open data measurement tools reveals that only parts of Charter principle commitments, and their components, are being measured; or that some commitments could be measured in the future. \u0000 \u0000However, some Charter concepts are either too broad (e.g. “high-quality data”, “usability by the widest range of users”), or lack a shared interpretation, which makes them difficult to find a common indicator.","PeriodicalId":179517,"journal":{"name":"Information Privacy Law eJournal","volume":"61 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-05-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131954399","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
This paper considers why awards of gain-based relief for breach of privacy are uncommon. There are three reasons for this. First, there are arguably two possible measures of gain-based relief: the reasonable fee and the account of profits. In relation to the latter, the account of profits is a personal remedy, but the proprietary constructive trust can also sometimes be used to achieve a similar result. Second, there is uncertainty about the nature of the cause of action, particularly in Australia. The availability of specific kinds of gain-based relief has generally been predicated on the historical origin of the particular cause of action. Unfortunately, the categorisation of breach of privacy is uncertain, and it has been seen both as a tort and as a species of equitable breach of confidence. This has ramifications for the availability of remedies, particularly in Australia. The equitable remedy of account of profits is more likely to be awarded for equitable causes of action, and only exceptionally for common law causes of action, if at all. By contrast, reasonable fee awards are more likely to be available for certain torts. Thirdly, accounts of profits are generally unwieldy and difficult to calculate, and courts find it difficult to apportion profits to the breach. �It is suggested that the remedies available for breach of privacy should be uncoupled from the debates about historical origin. Instead the focus should be upon the normative basis of the cause of action (whether it is conceived of as equitable or tortious, or as a mixture of both), as this will determine what remedies should be available. It will be suggested that accounts of profit should be available for breach of privacy, but only exceptionally, where compensatory damages are inadequate, an injunction is unavailable, the defendant’s breach was advertent and the defendant made a profit. Moreover the difficulties of calculation mentioned above should be dealt with by reversing the burden of proof, and requiring the defendant to show that any net profit was not attributable to the breach. By contrast, it will be argued that reasonable fee awards should not be made, and nor should Lord Cairns’ Act be used (even in a beneficent interpretation) to enable gain-based awards.
{"title":"Gain-Based Relief for Breach of Privacy","authors":"K. Barnett","doi":"10.2139/ssrn.3173951","DOIUrl":"https://doi.org/10.2139/ssrn.3173951","url":null,"abstract":"This paper considers why awards of gain-based relief for breach of privacy are uncommon. There are three reasons for this. First, there are arguably two possible measures of gain-based relief: the reasonable fee and the account of profits. In relation to the latter, the account of profits is a personal remedy, but the proprietary constructive trust can also sometimes be used to achieve a similar result. Second, there is uncertainty about the nature of the cause of action, particularly in Australia. The availability of specific kinds of gain-based relief has generally been predicated on the historical origin of the particular cause of action. Unfortunately, the categorisation of breach of privacy is uncertain, and it has been seen both as a tort and as a species of equitable breach of confidence. This has ramifications for the availability of remedies, particularly in Australia. The equitable remedy of account of profits is more likely to be awarded for equitable causes of action, and only exceptionally for common law causes of action, if at all. By contrast, reasonable fee awards are more likely to be available for certain torts. Thirdly, accounts of profits are generally unwieldy and difficult to calculate, and courts find it difficult to apportion profits to the breach. \u0000It is suggested that the remedies available for breach of privacy should be uncoupled from the debates about historical origin. Instead the focus should be upon the normative basis of the cause of action (whether it is conceived of as equitable or tortious, or as a mixture of both), as this will determine what remedies should be available. It will be suggested that accounts of profit should be available for breach of privacy, but only exceptionally, where compensatory damages are inadequate, an injunction is unavailable, the defendant’s breach was advertent and the defendant made a profit. Moreover the difficulties of calculation mentioned above should be dealt with by reversing the burden of proof, and requiring the defendant to show that any net profit was not attributable to the breach. By contrast, it will be argued that reasonable fee awards should not be made, and nor should Lord Cairns’ Act be used (even in a beneficent interpretation) to enable gain-based awards.","PeriodicalId":179517,"journal":{"name":"Information Privacy Law eJournal","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-05-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121364743","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Recent progress in information technologies provides sellers with detailed knowledge about consumers' preferences, approaching perfect price discrimination in the limit. We construct a model where consumers with less strategic sophistication than the seller's pricing algorithm face a trade-off when buying. They choose between a direct, transaction cost-free sales channel and a privacy-protecting, but costly, anonymous channel. We show that the anonymous channel is used even in the absence of an explicit taste for privacy if consumers are not too strategically sophisticated. This provides a micro-foundation for consumers' privacy choices. Some consumers benefit but others suffer from their anonymization. (This abstract was borrowed from another version of this item.) (This abstract was borrowed from another version of this item.) (This abstract was borrowed from another version of this item.) (This abstract was borrowed from another version of this item.) (This abstract was borrowed from another version of this item.) (This abstract was borrowed from another version of this item.) (This abstract was borrowed from another version of this item.) (This abstract was borrowed from another version of this item.) (This abstract was borrowed from another version of this item.) (This abstract was borrowed from another version of this item.) (This abstract was borrowed from another version of this item.) (This abstract was borrowed from another version of this item.) (This abstract was borrowed from another version of this item.) (This abstract was borrowed from another version of this item.)
{"title":"Consumers' Privacy Choices in the Era of Big Data","authors":"Sebastian Dengler, J. Prüfer","doi":"10.2139/ssrn.3159028","DOIUrl":"https://doi.org/10.2139/ssrn.3159028","url":null,"abstract":"Recent progress in information technologies provides sellers with detailed knowledge about consumers' preferences, approaching perfect price discrimination in the limit. We construct a model where consumers with less strategic sophistication than the seller's pricing algorithm face a trade-off when buying. They choose between a direct, transaction cost-free sales channel and a privacy-protecting, but costly, anonymous channel. We show that the anonymous channel is used even in the absence of an explicit taste for privacy if consumers are not too strategically sophisticated. This provides a micro-foundation for consumers' privacy choices. Some consumers benefit but others suffer from their anonymization. (This abstract was borrowed from another version of this item.) (This abstract was borrowed from another version of this item.) (This abstract was borrowed from another version of this item.) (This abstract was borrowed from another version of this item.) (This abstract was borrowed from another version of this item.) (This abstract was borrowed from another version of this item.) (This abstract was borrowed from another version of this item.) (This abstract was borrowed from another version of this item.) (This abstract was borrowed from another version of this item.) (This abstract was borrowed from another version of this item.) (This abstract was borrowed from another version of this item.) (This abstract was borrowed from another version of this item.) (This abstract was borrowed from another version of this item.) (This abstract was borrowed from another version of this item.)","PeriodicalId":179517,"journal":{"name":"Information Privacy Law eJournal","volume":"28 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-04-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134166546","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
This submission responds to the Final Report of the Review into Open Banking in Australia released by Treasury on 9 February 2018. The proposed ‘Open Banking’ regime, if implemented, will be the first incarnation of the broader ‘Open Data’ regime proposed for Australia. The Productivity Commission recommended the enactment of a ‘Consumer Data Right’ to secure the necessary ‘social licence’ for the greatly increasing collection and disclosure of personal information contemplated as part of the proposed ‘Open Data’ regime. The stated goal of the Consumer Data Right is that consumers should be empowered. This goal will not be achieved if the net effect of the Open Data regime is that a much larger amount of Australian consumers’ personal information is collected, processed and disclosed in a way that exacerbates inequalities in bargaining power, information asymmetries, discriminatory treatment and exclusion of vulnerable groups, especially if their existing exposure to risk without an effective remedy is not addressed. It is unsafe to promote a revolutionary increase in the exposure of the personal information of Australians without proportionate increases in the currently deficient legal protection of that personal information. This submission advocates increased substantive privacy protections, broader application of those protections, greater supervisory, investigative and representative powers for the relevant regulator, and penalties which are sufficient to achieve appropriate deterrence.
{"title":"Joint Submission to Treasury on the Open Banking Review Final Report","authors":"Katharine Kemp, D. Vaile","doi":"10.2139/SSRN.3150138","DOIUrl":"https://doi.org/10.2139/SSRN.3150138","url":null,"abstract":"This submission responds to the Final Report of the Review into Open Banking in Australia released by Treasury on 9 February 2018. The proposed ‘Open Banking’ regime, if implemented, will be the first incarnation of the broader ‘Open Data’ regime proposed for Australia. The Productivity Commission recommended the enactment of a ‘Consumer Data Right’ to secure the necessary ‘social licence’ for the greatly increasing collection and disclosure of personal information contemplated as part of the proposed ‘Open Data’ regime. The stated goal of the Consumer Data Right is that consumers should be empowered. This goal will not be achieved if the net effect of the Open Data regime is that a much larger amount of Australian consumers’ personal information is collected, processed and disclosed in a way that exacerbates inequalities in bargaining power, information asymmetries, discriminatory treatment and exclusion of vulnerable groups, especially if their existing exposure to risk without an effective remedy is not addressed. It is unsafe to promote a revolutionary increase in the exposure of the personal information of Australians without proportionate increases in the currently deficient legal protection of that personal information. This submission advocates increased substantive privacy protections, broader application of those protections, greater supervisory, investigative and representative powers for the relevant regulator, and penalties which are sufficient to achieve appropriate deterrence.","PeriodicalId":179517,"journal":{"name":"Information Privacy Law eJournal","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-03-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129953755","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: