New Hampshire voters overwhelmingly approved a ballot measure that guarantees a constitutional right to information privacy in the state. The measure, which received 80% of the vote, amends Article 2 in the New Hampshire Bill of Rights providing that “an individual’s right to live free from governmental intrusion in private or personal information is natural, essential, and inherent.” New Hampshire joins a growing number of states with constitutional privacy protections. EPIC Advisory Board member David Flaherty has written about the development of constitutional privacy protections. EPIC regularly files amicus briefs supporting state privacy rights. In a recent amicus brief concerning the OPM data breach, EPIC argued that the right to information privacy exists in the federal Constitution.
A federal court has blocked a New York City law requiring home-sharing platforms to disclose detailed personal information about users, ruling that the ordinance violates the Fourth Amendment. The law would have required companies such as Airbnb to disclose the names, contact information, financial data, and rental histories of hosts, even when no unlawful conduct was suspected. . . .l The court followed a Supreme Court case Los Angeles v. Patel, which prohibited the warrantless searches of hotel records. EPIC filed an amicus brief in Patel. The federal court also cited Carpenter v. United States, Byrd v. United States, Riley v. California, and United States v. Jones, Supreme Court cases in which EPIC alsofiledamicusbriefs. The decision in Airbnb v. New York also has implications for the data collection practices of so-called Smart Cities.
Push for Internet Privacy Rules Moves to Statehouses
3/26/2017
Conor Dougherty
New York Times
In the face of the Senate’s rollback on regulations preventing ISPs from monetizing information like a user’s browsing history, states like Illinois are now making moves towards increasing protections of their citizens’ privacy. In the case of Illinois, a “right to know” bill is in considering, which would “let consumers find out what information about them is being collected by companies like Google and Facebook, and what kinds of businesses they share it with.” Additionally, Illinois is looking to restrict smartphone tracking by applications in addition to audio recordings from TVs and wifi-enabled personal assistants.
Obviously, other states could easily look to these laws should they be passed, hopefully spreading further than just Illinois. This would additionally make it more difficult for companies to work around, requiring specific features on a per-state basis. These laws, of course, fly in the face of what large corporate entities like Microsoft lobby for.
While I’m appreciative of local state legislature for privacy, these laws feel a lot more like band-aids than legitimate solutions for the US. Protecting only a fraction of the country on a state-by-state basis is not ideal in that it creates pockets of lowered privacy. While it sounds ideal that other states may simply just adopt laws that Illinois or California have recently begun to push for, these regulations are the kind that should benefit all Americans, rather than just Illinoisans or Californians. If the majority of states prove that privacy is important to them and both the left and the right can prove that they can come together on these issues, there’s no reason that it should not just be the law of the land.
In a 53-14 vote that took place days ago, South Dakota’s legislative House passed legislation that makes arrest booking photos public records. The measure, which cleared the state’s Senate in January, will be signed by Governor Dennis Daugaard.
With that signature on Senate Bill 25, (PDF) South Dakota becomes the 49th state requiring mug shots to be public records. The only other state in the union where they’re not public records is Louisiana.
The South Dakota measure is certain to provide fresh material for the online mug shot business racket. These questionable sites post mug shots, often in a bid to embarrass people in hopes of getting them to pay hundreds of dollars to have their photos removed. The exposé I did on this for Wired found that some mug shot site operators had a symbiotic relationship with reputation management firms that charge for mug shot removals.
Peter Gabiola thought he was on the right track in 2013. He was out of prison and had been off parole for retail theft for more than a year when he started a new job with a Buffalo Grove sales and marketing firm.
But about an hour after he started, someone at the business Googled his name and saw that he was listed as being on parole. The company fired him immediately, he said.
The Illinois Department of Corrections had removed his records from its website. Commercial website Mugshots.com, however, still featured the information.
After having two more job offers rescinded, Gabiola typed his name into Google himself, saw his page on Mugshots.com, and contacted another site, Unpublisharrest.com, to try to get it taken down. He said the site, which only offers its service for Mugshots.com, told him it would cost $15,000 to attempt to scrub the information — with no guarantee that his profile would be removed.
The California Supreme Court ruled Thursday that state and local officials must disclose public records even if those “writings” are held on private devices or accounts. The City of San Jose and the County of Santa Clara had argued that such records could be exempted from the California Public Records Act.
The case dates back to 2009, when Ted Smith, a local environment activist, filed a public records request about various San Jose officials’ requests concerning local development efforts. When records came back that did not include materials from personal devices or accounts, he sued.
The state Supreme Court was unequivocal in its conclusion:
CPRA and the Constitution strike a careful balance between public access and personal privacy. This case concerns how that balance is served when documents concerning official business are created or stored outside the workplace. The issue is a narrow one: Are writings concerning the conduct of public business beyond CPRA’s reach merely because they were sent or received using a non governmental account? Considering the statute’s language and the important policy interests it serves, the answer is no. Employees’ communications about official agency business may be subject to CPRA regardless of the type of account used in their preparation or transmission.
Recent Comments